Anatomy of CMS/pkcs#7 signed messages


CMS (Cryptographic Message Syntax) and PKCS #7 are standards that define a syntax based on ASN.1 for encapsulation of cryptographic messages, digital signatures, enveloped data, with associated content, attributes and certificates. A CMS signed message always contains the digital signature (encrypted hash), information about the signer(s) which is usually the SubjectName of the issuer of the signing certificate, and the Serial Number field of the signer(s) certificate. Optionally, the signed message can contain the actual data signed, certificates and extra authenticated attributes.

A binary hex display for a typical CMS/PKCS #7 signed message is shown below with included content, the signer's certificate, but with no authenticated attributes. The actual "digital signature" is formed by encrypting a formatted standard Type 1 signature block, which contains a hash of the data covered by the signature and the hash algorithm specifier. The signature block is encrypted with the private RSA key associated with the signer's certificate. In this simple case, the signature represents the encrypted hash of the embedded content, a simple string in this case. If authenticated attributes are included (e.g. signing time etc.) then the hash value covers the content as well as the specified authenticated attributes. The display uses color-coding to highlight specific data sections. Sections not highlighted (black) are ASN.1 specifiers and other attributes, algorithms etc.


0000   30 82 03 AA 06 09 2A 86 48 86 F7 0D 01 07 02 A0   0.....*.H.......
0010   82 03 9B 30 82 03 97 02 01 01 31 0B 30 09 06 05   ...0......1.0...
0020   2B 0E 03 02 1A 05 00 30 1E 06 09 2A 86 48 86 F7   +......0...*.H..
0030   0D 01 07 01 A0 11 04 0F 4D 69 74 63 68 20 47 61   ........Mitch Ga
0040   6C 6C 61 6E 74 0D 0A A0 82 02 48 30 82 02 44 30   llant.....H0..D0
0050   82 01 AD 02 04 3B 49 FD BD 30 0D 06 09 2A 86 48   .....;I..0...*.H
0060   86 F7 0D 01 01 04 05 00 30 69 31 0B 30 09 06 03   ........0i1.0...
0070   55 04 06 13 02 43 41 31 0B 30 09 06 03 55 04 08   U....CA1.0...U..

0080   13 02 4F 4E 31 0F 30 0D 06 03 55 04 07 13 06 4F   ..ON1.0...U....O
0090   74 74 61 77 61 31 14 30 12 06 03 55 04 0A 13 0B   ttawa1.0...U....
00a0   4A 61 76 61 53 63 69 65 6E 63 65 31 0D 30 0B 06   JavaScience1.0..
00b0   03 55 04 0B 13 04 48 6F 6D 65 31 17 30 15 06 03   .U....Home1.0...
00c0   55 04 03 13 0E 4D 69 63 68 65 6C 20 47 61 6C 6C   U....Michel Gall
00d0   61 6E 74 30 1E 17 0D 30 31 30 37 30 39 31 38 35   ant0...010709185
00e0   33 34 39 5A 17 0D 30 33 30 36 30 39 31 38 35 33   349Z..0306091853
00f0   34 39 5A 30 69 31 0B 30 09 06 03 55 04 06 13 02   49Z0i1.0...U....

0100   43 41 31 0B 30 09 06 03 55 04 08 13 02 4F 4E 31   CA1.0...U....ON1
0110   0F 30 0D 06 03 55 04 07 13 06 4F 74 74 61 77 61   .0...U....Ottawa
0120   31 14 30 12 06 03 55 04 0A 13 0B 4A 61 76 61 53   1.0...U....JavaS
0130   63 69 65 6E 63 65 31 0D 30 0B 06 03 55 04 0B 13   cience1.0...U...
0140   04 48 6F 6D 65 31 17 30 15 06 03 55 04 03 13 0E   .Home1.0...U....
0150   4D 69 63 68 65 6C 20 47 61 6C 6C 61 6E 74 30 81   Michel Gallant0.
0160   9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00   .0...*.H........
0170   03 81 8D 00 30 81 89 02 81 81 00 B9 12 F5 CE D7   ....0...........

0180   BA 74 C4 62 4E 9F 41 E6 85 90 2B 47 36 AF 86 B5   .t.bN.A...+G6...
0190   5C 74 31 F4 45 A5 9A BA 52 D7 FE EC 1C 94 C7 5D   \t1.E...R......]
01a0   85 8A E6 4B 9D 81 1C 80 61 C6 D1 5B 53 86 B3 5C   ...K....a..[S..\
01b0   E0 41 D1 E1 E5 73 F0 75 52 C0 A7 73 05 6B AC E6   .A...s.uR..s.k..
01c0   39 8A 41 55 14 D9 CA ED 86 1F EE 4D 0C 46 91 2F   9.AU.......M.F./
01d0   BF 7D 50 75 11 8D 02 B3 C7 D8 BD 57 CB 42 49 92   .}Pu.......W.BI.
01e0   B3 26 9A 07 A3 5A B2 63 26 BA D8 E6 2C 83 91 B0   .&...Z.c&...,...
01f0   3D 11 81 10 33 7A A8 C0 6A 0B 8D 02 03 01 00 01   =...3z..j.......

0200   30 0D 06 09 2A 86 48 86 F7 0D 01 01 04 05 00 03   0...*.H.........
0210   81 81 00 2D 7B 1E 63 8A 86 4E 24 E9 F3 B3 49 77   ...-{.c..N$...Iw
0220   A5 82 6D 31 25 1A 03 E9 B9 AC 30 86 FC F9 43 9B   ..m1%.....0...C.
0230   C6 92 33 69 19 9D 51 71 A9 8F E4 B5 03 AA B6 5A   ..3i..Qq.......Z
0240   F2 B5 15 C0 56 D9 6F 70 94 C6 C0 4E 66 5A E3 94   ....V.op...NfZ..
0250   F5 39 5B ED 5E A5 FC 09 D9 16 3C 06 AD 97 25 08   .9[.^.....<...%.
0260   A5 4B 63 77 78 68 54 54 FB EE 55 D9 C9 4D 29 F9   .KcwxhTT..U..M).
0270   60 68 9B 85 D0 44 52 6F 65 F7 82 28 F4 2F 2F 1D   `h...DRoe..(.//.

0280   41 92 50 11 88 32 13 06 2A 2F 2F BD DC 49 54 3E   A.P..2..*//..IT>
0290   CA D2 7A 31 82 01 17 30 82 01 13 02 01 01 30 71   ..z1...0......0q
02a0   30 69 31 0B 30 09 06 03 55 04 06 13 02 43 41 31   0i1.0...U....CA1
02b0   0B 30 09 06 03 55 04 08 13 02 4F 4E 31 0F 30 0D   .0...U....ON1.0.
02c0   06 03 55 04 07 13 06 4F 74 74 61 77 61 31 14 30   ..U....Ottawa1.0
02d0   12 06 03 55 04 0A 13 0B 4A 61 76 61 53 63 69 65   ...U....JavaScie
02e0   6E 63 65 31 0D 30 0B 06 03 55 04 0B 13 04 48 6F   nce1.0...U....Ho
02f0   6D 65 31 17 30 15 06 03 55 04 03 13 0E 4D 69 63   me1.0...U....Mic

0300   68 65 6C 20 47 61 6C 6C 61 6E 74 02 04 3B 49 FD   hel Gallant..;I.
0310   BD 30 09 06 05 2B 0E 03 02 1A 05 00 30 0D 06 09   .0...+......0...
0320   2A 86 48 86 F7 0D 01 01 01 05 00 04 81 80 AB 8E   *.H.............
0330   66 F8 71 F4 47 EC 96 2F 1D AA 48 7A 86 45 76 D5   f.q.G../..Hz.Ev.
0340   CB 3E 31 CC 34 56 38 9C 5C 60 B7 3E D9 A6 89 D9   .>1.4V8.\`.>....
0350   E4 FC FF B2 E8 2B 41 C3 50 29 A2 F9 59 F1 19 00   .....+A.P)..Y...
0360   26 4D 30 FC AB 37 F1 62 BC F4 86 3E 55 3B 84 7E   &M0..7.b...>U;.~
0370   A6 11 27 01 A7 EB A8 46 A1 E8 08 1D C2 AF 95 0B   ..'....F........

0380   25 2B 46 52 A8 99 6B E3 D9 65 24 CA B8 39 5F 89   %+FR..k..e$..9_.
0390   6C 84 C1 AD 83 6F B5 9E 44 37 6F D5 3D 71 82 39   l....o..D7o.=q.9
03a0   22 EF 09 2F 92 8B 25 AE 9A BB 41 E7 1D EE         "../..%...A...

For comparison, a minimal CMS/PKCS #7 signed message (signed with a different certificate, and with different content) which does not include certificates is shown below:

0000   30 82 01 FE 06 09 2A 86 48 86 F7 0D 01 07 02 A0   0.....*.H.......
0010   82 01 EF 30 82 01 EB 02 01 01 31 0F 30 0D 06 09   ...0......1.0...
0020   2A 86 48 86 F7 0D 01 01 05 05 00 30 45 06 09 2A   *.H........0E..*
0030   86 48 86 F7 0D 01 07 01 A0 38 04 36 54 68 65 20   .H.......8.6The 
0040   56 65 6E 74 75 72 65 73 20 61 72 65 20 74 68 65   Ventures are the
0050   20 62 65 73 74 20 73 75 72 66 2D 69 6E 73 74 72    best surf-instr
0060   75 6D 65 6E 74 61 6C 20 62 61 6E 64 20 65 76 65   umental band eve
0070   72 21 31 82 01 8C 30 82 01 88 02 01 01 30 81 E1   r!1...0......0..

0080   30 81 CC 31 17 30 15 06 03 55 04 0A 13 0E 56 65   0..1.0...U....Ve
0090   72 69 53 69 67 6E 2C 20 49 6E 63 2E 31 1F 30 1D   riSign, Inc.1.0.
00a0   06 03 55 04 0B 13 16 56 65 72 69 53 69 67 6E 20   ..U....VeriSign 
00b0   54 72 75 73 74 20 4E 65 74 77 6F 72 6B 31 46 30   Trust Network1F0
00c0   44 06 03 55 04 0B 13 3D 77 77 77 2E 76 65 72 69   D..U...=www.veri
00d0   73 69 67 6E 2E 63 6F 6D 2F 72 65 70 6F 73 69 74   sign.com/reposit
00e0   6F 72 79 2F 52 50 41 20 49 6E 63 6F 72 70 2E 20   ory/RPA Incorp. 
00f0   42 79 20 52 65 66 2E 2C 4C 49 41 42 2E 4C 54 44   By Ref.,LIAB.LTD

0100   28 63 29 39 38 31 48 30 46 06 03 55 04 03 13 3F   (c)981H0F..U...?
0110   56 65 72 69 53 69 67 6E 20 43 6C 61 73 73 20 31   VeriSign Class 1
0120   20 43 41 20 49 6E 64 69 76 69 64 75 61 6C 20 53    CA Individual S
0130   75 62 73 63 72 69 62 65 72 2D 50 65 72 73 6F 6E   ubscriber-Person
0140   61 20 4E 6F 74 20 56 61 6C 69 64 61 74 65 64 02   a Not Validated.
0150   10 01 47 8A E1 E3 BF E9 99 FB C0 AA 9D 92 D9 ED   ..G.............
0160   38 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00   80...*.H........
0170   30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 04   0...*.H.........

0180   81 80 08 4F 8F C8 0E 15 62 91 4F F8 A7 38 95 88   ...O....b.O..8..
0190   C3 83 90 09 D5 AE B3 3D BD 22 2D FC AE 18 91 CF   .......=."-.....
01a0   DC CC F6 B8 7B 18 8B 90 B6 FC D3 A5 2A 00 12 7F   ....{.......*...
01b0   30 CC B1 2E 1F 32 77 1C 10 F2 FF C8 E5 16 D2 16   0....2w.........
01c0   E2 D4 DD F2 32 B9 87 46 B2 F1 08 EC 26 31 85 21   ....2..F....&1.!
01d0   56 75 71 EA 91 4D 60 F1 82 B6 9D 3F 21 4D E1 59   Vuq..M`....?!M.Y
01e0   3C 1D D1 B2 10 E6 90 EE B2 09 F6 11 8C 21 5B 38   <............![8
01f0   F2 96 21 DD FF 46 F6 8C D7 61 44 00 5B 2E 21 7E   ..!..F...aD.[.!~

0200   8E 3B                                             .;

An ASN.1 dump for the second minimal signed message above is shown below:

   0 30  510: SEQUENCE {
   4 06    9:   OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
  15 A0  495:   [0] {
  19 30  491:     SEQUENCE {
  23 02    1:       INTEGER 1
  26 31   15:       SET {
  28 30   13:         SEQUENCE {
  30 06    9:           OBJECT IDENTIFIER
            :             sha1withRSAEncryption (1 2 840 113549 1 1 5)
  41 05    0:           NULL
            :           }
            :         }
  43 30   69:       SEQUENCE {
  45 06    9:         OBJECT IDENTIFIER data (1 2 840 113549 1 7 1)
  56 A0   56:         [0] {
  58 04   54:           OCTET STRING
            :             'The Ventures are the best surf-instrumental band'
            :             ' ever!'
            :           }
            :         }
 114 31  396:       SET {
 118 30  392:         SEQUENCE {
 122 02    1:           INTEGER 1
 125 30  225:           SEQUENCE {
 128 30  204:             SEQUENCE {
 131 31   23:               SET {
 133 30   21:                 SEQUENCE {
 135 06    3:                   OBJECT IDENTIFIER organizationName (2 5 4 10)
 140 13   14:                   PrintableString 'VeriSign, Inc.'
            :                   }
            :                 }
 156 31   31:               SET {
 158 30   29:                 SEQUENCE {
 160 06    3:                   OBJECT IDENTIFIER
            :                     organizationalUnitName (2 5 4 11)
 165 13   22:                   PrintableString 'VeriSign Trust Network'
            :                   }
            :                 }
 189 31   70:               SET {
 191 30   68:                 SEQUENCE {
 193 06    3:                   OBJECT IDENTIFIER
            :                     organizationalUnitName (2 5 4 11)
 198 13   61:                   PrintableString
            :                   'www.verisign.com/repository/RPA Incorp. By Ref.,'
            :                   'LIAB.LTD(c)98'
            :                   }
            :                 }
 261 31   72:               SET {
 263 30   70:                 SEQUENCE {
 265 06    3:                   OBJECT IDENTIFIER commonName (2 5 4 3)
 270 13   63:                   PrintableString
            :                   'VeriSign Class 1 CA Individual Subscriber-Person'
            :                   'a Not Validated'
            :                   }
            :                 }
            :               }
 335 02   16:             INTEGER
            :               01 47 8A E1 E3 BF E9 99 FB C0 AA 9D 92 D9 ED 38
            :             }
 353 30   13:           SEQUENCE {
 355 06    9:             OBJECT IDENTIFIER
            :               sha1withRSAEncryption (1 2 840 113549 1 1 5)
 366 05    0:             NULL
            :             }
 368 30   13:           SEQUENCE {
 370 06    9:             OBJECT IDENTIFIER
            :               rsaEncryption (1 2 840 113549 1 1 1)
 381 05    0:             NULL
            :             }
 383 04  128:           OCTET STRING
            :             08 4F 8F C8 0E 15 62 91 4F F8 A7 38 95 88 C3 83
            :             90 09 D5 AE B3 3D BD 22 2D FC AE 18 91 CF DC CC
            :             F6 B8 7B 18 8B 90 B6 FC D3 A5 2A 00 12 7F 30 CC
            :             B1 2E 1F 32 77 1C 10 F2 FF C8 E5 16 D2 16 E2 D4
            :             DD F2 32 B9 87 46 B2 F1 08 EC 26 31 85 21 56 75
            :             71 EA 91 4D 60 F1 82 B6 9D 3F 21 4D E1 59 3C 1D
            :             D1 B2 10 E6 90 EE B2 09 F6 11 8C 21 5B 38 F2 96
            :             21 DD FF 46 F6 8C D7 61 44 00 5B 2E 21 7E 8E 3B
            :           }
            :         }
            :       }
            :     }
            :   }