CMS Implementation Questions

Jack Lloyd <lloyd@randombit.net> Thu, 13 November 2003 12:51 UTC

Date: Thu, 13 Nov 2003 07:21:27 -0500
From: Jack Lloyd <lloyd@randombit.net>
To: ietf-smime@imc.org
Subject: CMS Implementation Questions
Message-ID: <Pine.LNX.4.44.0311130715460.6695-100000@centaur.acm.jhu.edu>


I've been looking over the various CMS RFCs, and have a few questions, most
of which probably have obvious and simple answers, but I could use some
help.

1) I'm pretty sure I understand how to nest CMS structures correctly, but the
   existing S/MIME examples draft doesn't have any examples of, say, compress
   then encrypt then sign. Are there any examples floating around, or, are
   there any free implementations of CMS that do this, which I could use to
   generate a few tests? (Preferably PEM or raw binary, rather than MIME, but
   I'll take what I can get).

2) In section 6.2.3 of RFC 3369, "keyIdentifier identifies the key-encryption
   key that was previously distributed to the sender and one or more
   recipients." Is there some typical mechanism for choosing this value?
   Obviously, as far as the RFC is concerned, one can do pretty much anything
   they please, but if there is a simple and commonly used method, I figure I
   might as well go with the crowd.

3) It is legal to include SignedAttributes and sign everything that way even
   when signing plain data content, correct?

4) Is the encoding of subjectKeyIdentifier in SignerIdentifier and
   RecipientIdentifier supposed to be with EXPLICIT or IMPLICIT tags? This is
   not particularly clear to me from the texts of RFCs 2630 and 3369.

5) Is the RC2 key wrap example in RFC 3217 right? For the KEK/IV/LCEKPADICV
   given there, I get:
      03 5E 97 2A B1 5C C4 C9 C4 A0 3D BA A3 5A 21 66
      67 E4 3E BC A2 67 46 AE 86 08 DB C8 9E 64 CA 29
   for TEMP1. I found a mention of at least one other person who had the same
   problem, and am wondering if the RFC is incorrect, or if my RC2 code manages
   to pass ~30 test vectors while still being wrong. Either way, something
   needs fixing.

Any help would be much appreciated.

Jack
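
For question 4, an added example (not part of the original message or of any CMS implementation): the ASN.1 module in RFC 3369 is declared with `DEFINITIONS IMPLICIT TAGS`, so `subjectKeyIdentifier [0] SubjectKeyIdentifier` takes the implicit form. The sketch builds both DER encodings for a constructed key identifier and classifies a SignerIdentifier by its leading tag; all function names are illustrative.

```python
# Added example (not from the original post): DER forms of [0] SubjectKeyIdentifier.
SAMPLE_KEY_ID = bytes(range(1, 21))  # constructed 20-byte key identifier

def der_len(n):
    if n < 0x80:  # short form: one length byte
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body  # long form: count byte, then length

def tlv(tag, value):
    return bytes([tag]) + der_len(len(value)) + value

def ski_implicit(key_id):
    # [0] IMPLICIT replaces the OCTET STRING tag (0x04) with context tag 0x80.
    return tlv(0x80, key_id)

def ski_explicit(key_id):
    # [0] EXPLICIT wraps the full OCTET STRING TLV in constructed tag 0xA0.
    return tlv(0xA0, tlv(0x04, key_id))

def read_tlv(buf):
    """Return (tag, value) for exactly one TLV; reject truncated or trailing data."""
    if len(buf) < 2:
        raise ValueError("truncated TLV")
    tag, first = buf[0], buf[1]
    if first < 0x80:
        length, off = first, 2
    else:
        n = first & 0x7F
        if n == 0 or len(buf) < 2 + n:  # indefinite or truncated length
            raise ValueError("bad length")
        length, off = int.from_bytes(buf[2:2 + n], "big"), 2 + n
    if len(buf) != off + length:
        raise ValueError("length does not match data")
    return tag, buf[off:]

def classify_signer_identifier(buf):
    """Name the CHOICE alternative; for a key identifier also return its bytes."""
    tag, value = read_tlv(buf)
    if tag == 0x30:  # SEQUENCE: IssuerAndSerialNumber
        return "issuerAndSerialNumber", None
    if tag == 0x80:
        return "subjectKeyIdentifier (IMPLICIT)", value
    if tag == 0xA0:  # what an EXPLICIT-tagging encoder would emit
        inner_tag, inner = read_tlv(value)
        if inner_tag != 0x04:
            raise ValueError("expected OCTET STRING inside [0] EXPLICIT")
        return "subjectKeyIdentifier (EXPLICIT wrapper)", inner
    raise ValueError("unexpected tag 0x%02x" % tag)
```

A decoder that sees `A0` at this position is looking at output from an encoder that applied EXPLICIT tagging; whether to accept it leniently or reject it is an interoperability decision for the implementer.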