Network Working Group R. Housley
Request for Comments: 2630 SPYRUS
Category: Standards Track June 1999
Cryptographic Message Syntax
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
This document describes the Cryptographic Message Syntax. This
syntax is used to digitally sign, digest, authenticate, or encrypt
arbitrary messages.
The Cryptographic Message Syntax is derived from PKCS #7 version 1.5
as specified in RFC 2315 [PKCS#7]. Wherever possible, backward
compatibility is preserved; however, changes were necessary to
accommodate attribute certificate transfer and key agreement
techniques for key management.
Housley Standards Track [Page 1]
RFC 2630 Cryptographic Message Syntax June 1999
Table of Contents
1 Introduction ................................................. 4
2 General Overview ............................................. 4
3 General Syntax ............................................... 5
4 Data Content Type ............................................ 5
5 Signed-data Content Type ..................................... 6
5.1 SignedData Type ......................................... 7
5.2 EncapsulatedContentInfo Type ............................ 8
5.3 SignerInfo Type ......................................... 9
5.4 Message Digest Calculation Process ...................... 11
5.5 Message Signature Generation Process .................... 12
5.6 Message Signature Verification Process .................. 12
6 Enveloped-data Content Type .................................. 12
6.1 EnvelopedData Type ...................................... 14
6.2 RecipientInfo Type ...................................... 15
6.2.1 KeyTransRecipientInfo Type ....................... 16
6.2.2 KeyAgreeRecipientInfo Type ....................... 17
6.2.3 KEKRecipientInfo Type ............................ 19
6.3 Content-encryption Process .............................. 20
6.4 Key-encryption Process .................................. 20
7 Digested-data Content Type ................................... 21
8 Encrypted-data Content Type .................................. 22
9 Authenticated-data Content Type .............................. 23
9.1 AuthenticatedData Type .................................. 23
9.2 MAC Generation .......................................... 25
9.3 MAC Verification ........................................ 26
10 Useful Types ................................................. 27
10.1 Algorithm Identifier Types ............................. 27
10.1.1 DigestAlgorithmIdentifier ...................... 27
10.1.2 SignatureAlgorithmIdentifier ................... 27
10.1.3 KeyEncryptionAlgorithmIdentifier ............... 28
10.1.4 ContentEncryptionAlgorithmIdentifier ........... 28
10.1.5 MessageAuthenticationCodeAlgorithm ............. 28
10.2 Other Useful Types ..................................... 28
10.2.1 CertificateRevocationLists ..................... 28
10.2.2 CertificateChoices ............................. 29
10.2.3 CertificateSet ................................. 29
10.2.4 IssuerAndSerialNumber .......................... 30
10.2.5 CMSVersion ..................................... 30
10.2.6 UserKeyingMaterial ............................. 30
10.2.7 OtherKeyAttribute .............................. 30
Housley Standards Track [Page 2]
RFC 2630 Cryptographic Message Syntax June 1999
11 Useful Attributes ............................................ 31
11.1 Content Type ........................................... 31
11.2 Message Digest ......................................... 32
11.3 Signing Time ........................................... 32
11.4 Countersignature ....................................... 34
datatracker.ietf.org