ietf-smime
[Top] [All Lists]

RE: Who has tried some or all of the S/MIME examples?

2003-05-06 11:20:20

Paul,

DigitalNet has used the S/MIME Freeware Library (SFL) (and underlying 
libraries) to successfully process the vast majority of the examples in the 
draft-ietf-smime-examples-10.txt.  This message includes the notes regarding 
our testing.  We will send you corrected examples for sections 11.1 and 11.2.


Test Results for S/MIME Examples-10:

These tests were executed by DigitalNet using the S/MIME Freeware Library (SFL) 
and underlying libraries.  Point of contact is Bob Colestock, 
Robert(_dot_)Colestock(_at_)DigitalNet(_dot_)com(_dot_)

(Note: Test numbers correspond to Examples-10 section numbers.)


4.  ContentInfo Tests

4.1     ContentInfo with Data type, BER:  Successfully ASN.1 decoded the 
BER-encoded ContentInfo sample in Examples document, but SFL can only create 
DER-encoded ContentInfo objects because the Enhanced SNACC library always uses 
DER to ASN.1 encode objects.

4.2     ContentInfo with Data type, DER:  Successfully decoded sample in 
Examples document using SFL.


5.  SignedData Tests

5.1     Basic signed content, DSS:  Successfully verified signature of sample 
in Examples document using SFL.

5.2     Basic signed content, RSA:  Successfully verified signature of sample 
in Examples document using SFL.

5.3     Basic signed content, detached content: Successfully verified signature 
of sample in Examples document using SFL.

5.4     Fancier signed content, Signed content with signed/unsigned attributes: 
Successfully verified signature of sample in Examples document using SFL.  

5.5     All RSA signed message:  Successfully verified signature of sample in 
Examples document using SFL.

5.6     Multiple DSS signatures: Successfully verified all of the signatures in 
the sample in the Examples document.  

5.7     Signing using SKI:  Successfully verified signature of sample in 
Examples document using SFL. 

5.8     S/MIME multipart/signed message: Successfully verified signature of 
sample in Examples document using SFL. 

5.9     S/MIME application/pkcs7-mime signed message:  Successfully verified 
signature of sample in Examples document using SFL.

5.10    SignedData With Attributes: Successfully verified signature of sample 
in Examples document.

5.11    SignedData with Certificates Only: Successfully verified that there 
were no SignerInfos that were present or verified in the sample in the Examples 
document.


6.   Enveloped-data Tests

6.1.    Basic encrypted content, TripleDES and DH:  Successfully used SFL to 
process this envelopedData sample.   

6.2.    Basic encrypted content, TripleDES and RSA:  Successfully decrypted 
sample in Examples document using SFL.

6.3.    Basic encrypted content, RC2/40 and RSA:  Successfully decrypted sample 
in Examples document using SFL.
  
6.4.    Encrypted content, two recipients, no shared keying material: 
Successfully used SFL to process the envelopedData sample.  NOTE:  Unsuccessful 
Invalid tag for privateKeyInfo for second login

6.5.    Encrypted content, two recipients, shared keying material: Was unable 
to use the SFL to process the envelopedData sample because of an SFL bug 
related to processing shared UKMs.  SFL will be fixed to be able to 
successfully process this message as it has in the past.

6.6.    Encrypted content, TripleDES and DH, previously-distributed keys: Used 
SFL to successfully process the envelopedData sample.

6.7.    Encrypted content, RC2/40 and RSA, previously-distributed keys: Used 
SFL to successfully process the envelopedData sample.  

6.8.    S/MIME application/pkcs7-mime encrypted message:  Successfully used SFL 
to process the envelopedData sample.

6.9.    EnvelopedData with All Recipient Types: Successfully used SFL to 
process the envelopedData sample for all recipient types KARI, KTRI, and KEKRI.

6.10.   EnvelopedData with KARI RC2 Encryption: Successfully used SFL to 
process the envelopedData sample.

6.11.   EnvelopedData with KEK 3DES Encryption: Successfully used SFL to 
process the envelopedData sample.


7.  DigestedData:  SFL does not support.



8.  Encrypted-Data Tests: 

8.1. Simple EncryptedData: Successfully used SFL to process the encryptedData 
sample.

8.2. EncryptedData with unprotected attributes: Successfully used SFL to 
process the encryptedData sample.


9.  Authenticated-Data:  SFL does not support.



10. Key Wrapping:  Tests conducted as part of EnvelopedData testing. 


11.  ESS Examples

11.1    ReceiptRequest:  Used SFL to successfully process the signedData 
including a receiptRequest attribute.  Note that the 11.2 signedReceipt is 
supposed to be in response to the 11.1 signedData receiptRequest, but the 
examples-10 samples are incorrect.  DigitalNet will provide new samples for 
11.1 and 11.2 that are correct.

11.2    Receipt:  Used SFL to successfully process the signedData including a 
receipt content type.  NOTE - Unsuccessful - no match in signer info error

11.3    ESSSecurityLabel:  Used SFL to successfully process the signedData 
including a ESSSecurityLabel signed attribute.

11.4    EquivalentLabels:  Used SFL to successfully process the signedData 
including an EquivalentLabels signed attribute.

11.5    mlExpansionHistory:  Used SFL to successfully process the signedData 
including an mlExpansionHistory signed attribute.

11.6    SigningCertificate:  Used SFL to successfully process the signedData 
including a SigningCertificate signed attribute.

====================================================
John Pawling, John(_dot_)Pawling(_at_)DigitalNet(_dot_)com
DigitalNet (formerly Getronics Government Solutions)
====================================================