Skip to main content

Appendix A. Examples

This appendix includes a set of examples that show the different features and message types that have been defined in this document. To make the examples easier to read, they are presented using the extended CBOR diagnostic notation (defined in [RFC8610]) rather than as a binary dump.

The examples are presented using the CBOR diagnostic notation. A Ruby-based tool exists [CBORDIAG] that can convert between the diagnostic notation and binary. The referenced webpage includes installation instructions.

The diagnostic notation can be converted into binary files using the following command line:

diag2cbor.rb < inputfile > outputfile

The examples can be extracted from the XML version of this document via an XPath expression, as all of the sourcecode is tagged with the attribute 'type="cbor-diag"'. (Depending on the XPath evaluator one is using, it may be necessary to deal with > as an entity.)

//sourcecode[@type='cbor-diag']/text()

This appendix uses the following terms:

AES-GCM: AES Galois/Counter Mode

CEK: content-encryption key

ECDH: Elliptic Curve Diffie-Hellman

ECDH-ES: Elliptic Curve Diffie-Hellman Ephemeral Static

ECDSA: Elliptic Curve Digital Signature Algorithm

EdDSA: Edwards-curve Digital Signature Algorithm

HKDF: HMAC-based Key Derivation Function

HMAC: Hashed Message Authentication Code

A.1. Examples of Signed Messages

A.1.1. Countersignature

This example uses the following:

Signature Algorithm: ECDSA with SHA-256, Curve P-256

The same header parameters are used for both the signature and the countersignature.

The size of the binary file is 180 bytes.

98(
  [
    / protected / h'',
    / unprotected / {
      / countersign / 11:[
        / protected  h'a10126' / << {
            / alg / 1:-7 / ECDSA 256 /
          } >>,
        / unprotected / {
          / kid / 4: '11'
        },
        / signature / h'5ac05e289d5d0e1b0a7f048a5d2b643813ded50bc9e4
9220f4f7278f85f19d4a77d655c9d3b51e805a74b099e1e085aacd97fc29d72f887e
8802bb6650cceb2c'
      ]
    },
    / payload / 'This is the content.',
    / signatures / [
      [
        / protected h'a10126' / << {
            / alg / 1:-7 / ECDSA 256 /
          } >>,
        / unprotected / {
          / kid / 4: '11'
        },
        / signature / h'e2aeafd40d69d19dfe6e52077c5d7ff4e408282cbefb
5d06cbf414af2e19d982ac45ac98b8544c908b4507de1e90b717c3d34816fe926a2b
98f53afd2fa0f30a'
      ]
    ]
  ]
)

A.2. Examples of Signed1 Messages

A.2.1. Countersignature

This example uses the following:

Signature Algorithm: ECDSA with SHA-256, Curve P-256

Countersignature Algorithm: ECDSA with SHA-512, Curve P-521

The size of the binary file is 275 bytes.

18(
  [
    / protected h'A201260300' / << {
      / alg / 1:-7, / ECDSA 256 /
      / ctyp / 3:0
    } >>,
    / unprotected / {
      / kid / 4: '11',
      / countersign / 11: [
        / protected h'A1013823' / << {
          / alg / 1:-36 / ECDSA 512 /
        } >>,
        / unprotected / {
          / kid / 4: '[email protected]'
        },
        / signature / h'01B1291B0E60A79C459A4A9184A0D393E034B34AF069
A1CCA34F5A913AFFFF698002295FA9F8FCBFB6FDFF59132FC0C406E98754A98F1FBF
E81C03095F481856BC470170227206FA5BEE3C0431C56A66824E7AAF692985952E31
271434B2BA2E47A335C658B5E995AEB5D63CF2D0CED367D3E4CC8FFFD53B70D115BA
A9E86961FBD1A5CF'
      ]
    },
    / payload / 'This is the content.',
    / signature / h'BB587D6B15F47BFD54D2CBFCECEF75451E92B08A514BD439
FA3AA65C6AC92DF0D7328C4A47529B32ADD3DD1B4E940071C021E9A8F2641F1D8E3B
053DDD65AE52'
  ]
)

A.3. Examples of Enveloped Messages

A.3.1. Countersignature on Encrypted Content

This example uses the following:

CEK: AES-GCM with 128-bit key

Recipient Class: ECDH Ephemeral-Static, Curve P-256

Countersignature Algorithm: ECDSA with SHA-512, Curve P-521

The size of the binary file is 326 bytes.

96(
  [
    / protected h'a10101' / << {
        / alg / 1:1 / AES-GCM 128 /
      } >>,
    / unprotected / {
      / iv / 5:h'c9cf4df2fe6c632bf7886413',
      / countersign / 11:[
        / protected h'a1013823' / << {
            / alg / 1:-36 / ES512 /
          } >>,
        / unprotected / {
          / kid / 4: '[email protected]'
        },
        / signature / h'00929663c8789bb28177ae28467e66377da12302d7f9
594d2999afa5dfa531294f8896f2b6cdf1740014f4c7f1a358e3a6cf57f4ed6fb02f
cf8f7aa989f5dfd07f0700a3a7d8f3c604ba70fa9411bd10c2591b483e1d2c31de00
3183e434d8fba18f17a4c7e3dfa003ac1cf3d30d44d2533c4989d3ac38c38b71481c
c3430c9d65e7ddff'
      ]
    },
    / ciphertext / h'7adbe2709ca818fb415f1e5df66f4e1a51053ba6d65a1a0
c52a357da7a644b8070a151b0',
    / recipients / [
      [
        / protected h'a1013818' / << {
            / alg / 1:-25 / ECDH-ES + HKDF-256 /
          } >>,
        / unprotected / {
          / ephemeral / -1:{
            / kty / 1:2,
            / crv / -1:1,
            / x / -2:h'98f50a4ff6c05861c8860d13a638ea56c3f5ad7590bbf
bf054e1c7b4d91d6280',
            / y / -3:true
          },
          / kid / 4: '[email protected]'
        },
        / ciphertext / h''
      ]
    ]
  ]
)

A.4. Examples of Encrypted Messages

A.4.1. Countersignature on Encrypted Content

This example uses the following:

CEK: AES-GCM with 128-bit key

Countersignature Algorithm: EdDSA with Curve Ed25519

The size of the binary file is 136 bytes.

16(
  [
    / protected h'A10101' / << {
      / alg / 1:1 / AES-GCM 128 /
    } >>,
    / unprotected / {
      / iv / 5: h'02D1F7E6F26C43D4868D87CE',
      / countersign / 11: [
        / protected h'A10127' / << {
          / alg / 1:-8 / EdDSA with Ed25519 /
        } >>,
        / unprotected / {
          / kid / 4: '11'
        },
        / signature / h'E10439154CC75C7A3A5391491F88651E0292FD0FE0E0
2CF740547EAF6677B4A4040B8ECA16DB592881262F77B14C1A086C02268B17171CA1
6BE4B8595F8C0A08'
      ]
    },
    / ciphertext / h'60973A94BB2898009EE52ECFD9AB1DD25867374B162E2C0
3568B41F57C3CC16F9166250A'
  ]
)

A.5. Examples of MACed Messages

A.5.1. Countersignature on MAC Content

This example uses the following:

MAC Algorithm: HMAC/SHA-256 with 256-bit key

Countersignature Algorithm: EdDSA with Curve Ed25519

The size of the binary file is 159 bytes.

97(
  [
    / protected h'A10105' / << {
      / alg / 1:5 / HS256 /
    } >>,
    / unprotected / {
      / countersign / 11: [
        / protected h'A10127' / << {
          / alg / 1:-8 / EdDSA /
        } >>,
        / unprotected / {
          / kid / 4: '11'
        },
        / signature / h'602566F4A311DC860740D2DF54D4864555E85BC036EA
5A6CF7905B96E499C5F66B01C4997F6A20C37C37543ADEA1D705347D38A5B13594B2
9583DD741F455101'
      ]
    },
    / payload / 'This is the content.',
    / tag / h'2BDCC89F058216B8A208DDC6D8B54AA91F48BD63484986565105C9
AD5A6682F6',
    / recipients / [
      [
        / protected / h'',
        / unprotected / {
          / alg / 1: -6, / direct /
          / kid / 4: 'our-secret'
        },
        / ciphertext / h''
      ]
    ]
  ]
)

A.6. Examples of MAC0 Messages

A.6.1. Countersignature on MAC0 Content

This example uses the following:

MAC Algorithm: HMAC/SHA-256 with 256-bit key

Countersignature Algorithm: EdDSA with Curve Ed25519

The size of the binary file is 159 bytes.

17(
  [
    / protected h'A10105' / << {
      / alg / 1:5 / HS256 /
    } >>,
    / unprotected / {
      / countersign / 11: [
        / protected h'A10127' / << {
          / alg / 1:-8 / EdDSA /
        } >>,
        / unprotected / {
          / kid / 4: '11'
        },
        / signature / h'968A315DF6B4F26362E11F4CFD2F2F4E76232F39657B
F1598837FF9332CDDD7581E248116549451F81EF823DA5974F885B681D3D6E38FC41
42D8F8E9E7DC8F0D'
      ]
    },
    / payload / 'This is the content.',
    / tag / h'A1A848D3471F9D61EE49018D244C824772F223AD4F935293F1789F
C3A08D8C58'
  ]
)
Last updated on