pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SIGNED Macro and PEM Signatures

1993-03-08 10:35:00
from [Jeff Thompson] [Permanent Link] 


Or, even better, TIS or RSADSI should publish an example
verification which shows
 
1. The DER code of a ToBeSigned of a certificate.

2. *Intermediate* results like the md2 of this and the RSA input block.

3. The verification key.

Wolfgang


OK, here is an example using a certificate issued by our Low Assurance
(soon to be) PCA

- Jeff

full certificate encoding:

30 82 01 98 30 82 01 22 02 04 46 00
00 01 30 0d 06 09 2a 86 48 86 f7 0d
01 01 02 05 00 30 5f 31 0b 30 09 06
03 55 04 06 13 02 55 53 31 20 30 1e
06 03 55 04 0a 13 17 52 53 41 20 44
61 74 61 20 53 65 63 75 72 69 74 79
2c 20 49 6e 63 2e 31 2e 30 2c 06 03
55 04 0b 13 25 4c 6f 77 20 41 73 73
75 72 61 6e 63 65 20 43 65 72 74 69
66 69 63 61 74 69 6f 6e 20 41 75 74
68 6f 72 69 74 79 30 1e 17 0d 39 32
30 39 30 39 31 38 35 30 30 35 5a 17
0d 39 34 30 39 30 39 31 38 35 30 30
34 5a 30 2c 31 0b 30 09 06 03 55 04
06 13 02 55 53 31 1d 30 1b 06 03 55
04 0a 13 14 45 78 61 6d 70 6c 65 20
4f 72 67 61 6e 69 7a 61 74 69 6f 6e
30 5c 30 0d 06 09 2a 86 48 86 f7 0d
01 01 01 05 00 03 4b 00 30 48 02 41
00 c5 59 65 91 f6 70 ac 38 7f ba bf
f6 c0 d0 83 e5 93 22 0e 0b c3 a0 0f
97 5b 9e b7 ad 51 4c 77 7b ae 14 25
2d f8 30 58 74 7f 17 7e ac 9c 1d a5
39 4d 33 eb d8 de 92 16 a4 1c 69 d2
d4 83 8f a4 51 02 03 01 00 01 30 0d
06 09 2a 86 48 86 f7 0d 01 01 02 05
00 03 61 00 73 8e 6d 82 92 30 f4 37
6a a9 4c 20 50 0b f1 53 42 89 80 14
fa ca d1 d8 71 48 e7 28 12 d6 f1 95
70 0f 1f 1c 42 37 82 08 03 8c fa 96
d4 d7 7b aa fa b2 dc dc 7c 5a 80 31
fc 67 8e 78 9a 35 c5 ce e9 85 ec e4
45 fe 8b b2 58 bc cb d9 28 02 dd ec
c8 26 bc 6a d6 76 64 c4 8e 3c c5 a2
6d 8f 74 95

toBeSigned portion of certificate:

                  30 82 01 22 02 04 46 00 00 01 
30 0d 06 09 2a 86 48 86 f7 0d 01 01 02 05 00 30 
5f 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 20 
30 1e 06 03 55 04 0a 13 17 52 53 41 20 44 61 74 
61 20 53 65 63 75 72 69 74 79 2c 20 49 6e 63 2e 
31 2e 30 2c 06 03 55 04 0b 13 25 4c 6f 77 20 41 
73 73 75 72 61 6e 63 65 20 43 65 72 74 69 66 69 
63 61 74 69 6f 6e 20 41 75 74 68 6f 72 69 74 79 
30 1e 17 0d 39 32 30 39 30 39 31 38 35 30 30 35 
5a 17 0d 39 34 30 39 30 39 31 38 35 30 30 34 5a 
30 2c 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 
1d 30 1b 06 03 55 04 0a 13 14 45 78 61 6d 70 6c 
65 20 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 30 5c 
30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 
4b 00 30 48 02 41 00 c5 59 65 91 f6 70 ac 38 7f 
ba bf f6 c0 d0 83 e5 93 22 0e 0b c3 a0 0f 97 5b 
9e b7 ad 51 4c 77 7b ae 14 25 2d f8 30 58 74 7f 
17 7e ac 9c 1d a5 39 4d 33 eb d8 de 92 16 a4 1c 
69 d2 d4 83 8f a4 51 02 03 01 00 01             

unencrypted signature block:

                  00 01 ff ff ff ff ff ff ff ff 
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 
ff ff ff 00 30 20 30 0c 06 08 2a 86 48 86 f7 0d 
02 02 05 00 04 10 b2 fb 7c 83 03 bd dd 10 19 1f 
54 ef 9a 1a ef 5e                               

md2 digest of toBeSigned portion (as you can see from the signature block):

b2 fb 7c 83 03 bd dd 10 19 1f 54 ef 9a 1a ef 5e 

certificate issuer's public key (Low Assurance PCA):

30 7c 30 0d 06 09 2a 86 48 86 f7 0d
01 01 01 05 00 03 6b 00 30 68 02 61
00 b0 b4 0e 9a 3a 46 4e 87 03 ff b8
db ca d8 af 41 f3 c3 f4 13 1c f6 57
1e 39 a5 35 49 b4 20 94 dc 92 f8 ee
1e a1 03 5f 94 21 2b 75 1a 3b 07 44
5d bd d6 ef 4d 7e 23 00 f4 2c f5 73
47 90 bc e8 ba 51 7f a8 19 ee f7 5f
17 46 dc e5 ff d1 23 fe 64 2e 68 94
b3 81 de 5a 40 28 8d d6 d7 14 af 84
ef 02 03 01 00 01
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Lack of Clarity in RFC 1423 ?, Raymond Lau
Next by Date:  Symmetric MIC-CLEAR messages, Mike Roe
Previous by Thread:  Re: SIGNED Macro and PEM Signatures, Wolfgang Schneider
Next by Thread:  Re: SIGNED Macro and PEM Signatures, Peter Williams
Indexes:  [Date] [Thread] [Top] [All Lists]