PNG Digital Signatures Commented Example Martin Bosslet, Thomas Kopp / Dialogika GmbH Document History Version Date Remarks 1.0 17.04.2008 Initial Version According to PNG Digital Signatures Spec. 1.0 1.1 18.05.2008 Introductory Chunk Length Comment Corrected 1.2 26.08.2008 ContentInfo of SignedData instead of pure SignedData This document outlines a detailed example concerning the dSIG chunk (cf. PNG Digital Signatures, Extension Specification 1.0). The optional yet important PNG digital signature feature can be applied to various use cases, e.g. for cleaning web pages that may contain dangerous PNGs hiding malicious scripts attached by intruders. The example has been elaborated and commented by Martin Bosslet who also provided a proof of concept for signing and verifying PNG images. The following PNG image has been used for attaching a digital signature. 89504E470D0A1A0A # PNG 8-byte signature (not included in the message digest) 0000000D # IHDR: length 13 49484452 # IHDR 000001A40000012C0806000000 # IHDR data 8CAFC780 # IHDR CRC 00000030 # dSIG: length 48 (introductory dSIG chunk) 64534947 # dSIG 302E # SEQUENCE OF 46 bytes (introductory ContentInfo) 06092A864886F70D010702 # OBJECT IDENTIFIER 1.2.840.113549.1.7.2 (id-signed-data) A021 # [0] Explicitly tagged structure of 33 bytes 301F # SEQUENCE OF 31 bytes (SignedData) 020101 # INTEGER 1 310B # SET OF 11 bytes 3009 # SEQUENCE OF 9 bytes 06052B0E03021A # OBJECT IDENTIFIER 1.3.14.3.2.26 (sha-1) 0500 # NULL 300B # SEQUENCE OF 11 bytes 06092A864886F70D010701 # OBJECT IDENTIFIER 1.2.840.113549.1.7.1 (id-data) 3100 # SET OF 0 bytes # dSIG data << The data is the DER encoding of the following ASN.1 structure: SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.7.2 [0] { SEQUENCE { INTEGER 1 SET { SEQUENCE { OBJECT IDENTIFIER 1.3.14.3.2.26 NULL } } SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.7.1 } SET { } } } } The structure represents a ContentInfo of SignedData as specified in RFC 3852: ContentInfo ::= SEQUENCE { contentType ContentType, content [0] EXPLICIT ANY DEFINED BY contentType } ContentType ::= OBJECT IDENTIFIER SignedData ::= SEQUENCE { version CMSVersion, digestAlgorithms DigestAlgorithmIdentifiers, encapContentInfo EncapsulatedContentInfo, certificates [0] IMPLICIT CertificateSet OPTIONAL, crls [1] IMPLICIT CertificateRevocationLists OPTIONAL, signerInfos SignerInfos } The following particularities can be observed: The version is 1. The digest algorithms structure contains the SHA-1 identifier. The encapsulated content is empty and specified by the id data object identifier. Certificates and CRLs are omitted. The structure contains an empty set of signer infos. The introductory dSIG chunk serves for the sole purpose to inform a verifier about the digest algorithms used in order to support streamed processing. >> 6B1D4A84 # dSIG CRC 00000001 # sRGB: length 1 73524742 # sRGB 00 # sRGB data AECE1CE9 # sRGB CRC 00000006 # bKGD: length 6 624B4744 # bKGD 00F600C2000E # bKGD data 4BA471AB # bKGD CRC 00000009 # pHYs: length 9 70485973 # pHYs 00000B1300000B1301 # pHYs data 009A9C18 # pHYs CRC 00000007 # tIME: length 7 74494D45 # tIME 07D8040F0A0110 # tIME data 96612687 # tIME CRC 00000019 # tEXt: length 25 74455874 # tEXt 436F6D6D656E74004372656174656420776974682047494D50 # tEXt data (origin: GIMP) 57810E17 # tEXt CRC 00002000 # IDAT: length 8192 49444154 # IDAT: [Omitted 10 IDAT chunks of 8192 bytes each, followed by a final one of 3172 bytes.] D2B26128 # last IDAT CRC 0000068D # dSIG: length 1677 64534947 # dSIG 30820689 # SEQUENCE OF 1673 bytes (trailing ContentInfo) 06092A864886F70D010702 # OBJECT IDENTIFIER 1.2.840.113549.1.7.2 (id-signed-data) A082067A # [0] Explicitly tagged structure of 1658 bytes 30820676 # SEQUENCE OF 1654 bytes (SignedData) 020101 # INTEGER 1 3100 # SET OF 0 bytes 300B # SEQUENCE OF 11 bytes 06092A864886F70D010701 # OBJECT IDENTIFIER 1.2.840.113549.1.7.1 (id-data) A082054A # [0] IMPLICIT TAGGED STRUCTURE OF 1354 bytes 30820546 # SEQUENCE OF 1350 bytes 3082042E # SEQUENCE OF 1070 bytes A003 # [0] IMPLICIT TAGGED STRUCTURE OF 3 bytes 020102 # INTEGER 2 02020A4E # INTEGER 2638 300D # SEQUENCE OF 13 bytes 06092A864886F70D010105 # OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha-1 & rsa) 0500 # NULL 3045 # SEQUENCE OF 69 bytes 310B # SET OF 11 bytes 3009 # SEQUENCE OF 9 bytes 0603550406 # OBJECT IDENTIFIER 2.5.4.6 (countryName) 13024C55 # PrintableString LU 3115 # SET OF 21 bytes 3013 # SEQUENCE OF 19 bytes 060355040A # OBJECT IDENTIFIER 2.5.4.10 (organizationName) 130C4C7578547275737420732E61 # PrintableString LuxTrust s.a 311F # SET OF 31 bytes 301D # SEQUENCE OF 29 bytes 0603550403 # OBJECT IDENTIFIER 2.5.4.3 (commonName) 13164C75785472757374204E6F726D616C69736564204341 # PrintableString LuxTrust Normalised CA 301E # SEQUENCE OF 30 bytes 170D3037303532313133303031345A # UTCTime Mon May 21 15:00:14 CEST 2007 170D3130303532313133303031345A # UTCTime Fri May 21 15:00:14 CEST 2010 30820100 # SEQUENCE OF 256 bytes 310B # SET OF 11 bytes 3009 # SEQUENCE OF 9 bytes 0603550406 # OBJECT IDENTIFIER 2.5.4.6 (countryName) 13024445 # PrintableString DE 3110 # SET OF 16 bytes 300E # SEQUENCE OF 14 bytes 0603550407 # OBJECT IDENTIFIER 2.5.4.7 (localityName) 13074765726D616E79 # PrintableString Germany 3117 # SET OF 23 bytes 3015 # SEQUENCE OF 21 bytes 060355040A # OBJECT IDENTIFIER 2.5.4.10 (organizationName) 130E4469616C6F67696B6120476D6248 # PrintableString Dialogika GmbH 3115 # SET OF 21 bytes 3013 # SEQUENCE OF 19 bytes 060355040B # OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) 130C485242204E722E2037333437 # PrintableString HRB Nr. 7347 311D # SET OF 29 bytes 301B # SEQUENCE OF 27 bytes 0603550403 # OBJECT IDENTIFIER 2.5.4.3 (commonName) 13144D617274696E20506574657220426F73736C6574 # PrintableString Martin Peter Bosslet 3110 # SET OF 16 bytes 300E # SEQUENCE OF 14 bytes 0603550404 # OBJECT IDENTIFIER 2.5.4.4 (surname) 1307426F73736C6574 # PrintableString Bosslet 3115 # SET OF 21 bytes 3013 # SEQUENCE OF 19 bytes 060355042A # OBJECT IDENTIFIER 2.5.4.42 (givenName) 130C4D617274696E205065746572 # PrintableString Martin Peter 311D # SET OF 29 bytes 301B # SEQUENCE OF 27 bytes 0603550405 # OBJECT IDENTIFIER 2.5.4.5 (serialNumber) 13143130313030333832343830303030323130393830 # PrintableString 10100382480000210980 312A # SET OF 42 bytes 3028 # SEQUENCE OF 40 bytes 06092A864886F70D010901 # OBJECT IDENTIFIER 1.2.840.113549.1.9.1 (emailAddress) 161B6D617274696E2E626F73736C6574406469616C6F67696B612E6465 # IA5String martin.bosslet@dialogika.de 311C # SET OF 28 bytes 301A # SEQUENCE OF 26 bytes 060355040C # OBJECT IDENTIFIER 2.5.4.12 (title) 131350726F66657373696F6E616C20506572736F6E # PrintableString Professional Person 30819F # SEQUENCE OF 159 bytes 300D # SEQUENCE OF 13 bytes 06092A864886F70D010101 # OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsa) 0500 # NULL 03818D # BIT STRING OF 141 bytes 0030818902818100A5318FD0FBF26C6A2377B4488D5FCF52282B2B25AAC6A0003FD3BC8B 0377804F8DEC8394D54469DA6417F0E274852FAB422B0A6B2E94FFF9A3F170FB8947FCF2 5E2C5E1FDB74EC2F8C9C862C4F52BC33CA34F4825512BC6D32798D33D12950A6F678EA40 46F007317104C5661AB838E0939AD9D84647E377DFDDC6B5936A9BF50203010001 A3820205 # [3] IMPLICIT TAGGED STRUCTURE OF 517 bytes 30820201 # SEQUENCE OF 513 bytes 300C # SEQUENCE OF 12 bytes 0603551D13 # OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) 0101FF # BOOLEAN true 04023000 # OCTET STRING OF 2 bytes 3060 # SEQUENCE OF 96 bytes 06082B06010505070101 # OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) 04543052302306082B060105050730018617687474703A2F2F6F6373702E6C7578747275 73742E6C75302B06082B06010505073002861F687474703A2F2F63612E6C757874727573 742E6C752F4C544E43412E637274 # OCTET STRING OF 84 bytes 3082010A # SEQUENCE OF 266 bytes 0603551D20 # OBJECT IDENTIFIER 2.5.29.32 (cerificatePolicies) 048201013081FE3008060604008F7A01023081F106072B812B010201013081E53081B706 082B060105050702023081AA1A81A74C75785472757374204E6F726D616C697365642043 65727469666963617465206F6E20535343442E2055736167653A20456C656374726F6E69 63205369676E617475726520284F494420312E332E3137312E312E322E312E3129204175 7468656E7469636174696F6E2020616E6420456E6372797074696F6E20284F4944312E33 2E3137312E312E322E312E32292E204B65792047656E65726174696F6E20627920435350 2E20302906082B06010505070201161D687474703A2F2F7265706F7369746F72792E6C75 7874727573742E6C75 # OCTET STRING OF 257 bytes 300E # SEQUENCE OF 14 bytes 0603551D0F # OBJECT IDENTIFIER 2.5.29.15 (keyUsage) 0101FF # BOOLEAN (TRUE) 040403020640 # OCTET STRING OF 4 bytes 301F # SEQUENCE OF 31 bytes 0603551D23 # OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) 041830168014CEFE469D632F89FDF2381625D8F16CDE47F8CEC1 # OCTET STRING OF 24 bytes 3031 # SEQUENCE OF 49 bytes 0603551D1F # OBJECT IDENTIFIER 2.5.29.31 (crlDistributionPoints) 042A30283026A024A0228620687474703A2F2F63726C2E6C757874727573742E6C752F4C 544E43412E63726C # OCTET STRING OF 42 bytes 301D # SEQUENCE OF 29 bytes 0603551D0E # OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) 041604149B93CC4AA2F18692880D41AB02D3C6BBDD362452 # OCTET STRING OF 22 bytes 300D # SEQUENCE OF 13 bytes 06092A864886F70D010105 # OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha-1 & rsa) 0500 # NULL 03820101 # BIT STRING OF 257 bytes 007D6082B097AB13FEBA93A429238A5F53312542C9E238FEB7CA4561CFD8ABDBAC86F8ACFF21B8716428081CD4774915336C234C9EAADEF75E966FC877CB45AAD244AAE4EF05F880876F494F9416296AE900AB9D7A68A5EB08888696871EEEDDC38E0717F4F31621D379FE63855C10DDD45B7E3244305F2C4083203859D5E13BE27871725DE2997E1C17AA3F0C651D56BCEE082A14DF9F5A86C9EFEC231F885E8BA2B38DFF610909912FD0AD8C9C4A34DE2851A7B9DB864CE9E1F28DEAED69730C92A8A0D87BF113AC578EADBC5A07E8C49F3FC5B3E8F9527EEFB21F81E6D98CE0B7E94B1AF461E86022CB88F1E71495EB6BB62558843CC66A03DCBC16CF44A510 31820112 # SET OF 274 bytes 3082010E # SET OF 270 bytes 020101 # INTEGER 1 304B # SEQUENCE OF 75 bytes 3045 # SEQUENCE OF 69 bytes 310B # SET OF 11 bytes 3009 # SEQUENCE OF 9 bytes 0603550406 # OBJECT IDENTIFIER 2.5.4.6 (countryName) 13024C55 # PrintableString LU 3115 # SET OF 21 bytes 3013 # SEQUENCE OF 19 bytes 060355040A # OBJECT IDENTIFIER 2.5.4.10 (organizationName) 130C4C7578547275737420732E61 # PrintableString LuxTrust s.a 311F # SET OF 31 bytes 301D # SEQUENCE OF 29 bytes 0603550403 # OBJECT IDENTIFIER 2.5.4.3 (commonName) 13164C75785472757374204E6F726D616C69736564204341 # PrintableString LuxTrust Normalised CA 02020A4E # INTEGER 2638 3009 # SEQUENCE OF 9 bytes 06052B0E03021A # OBJECT IDENTIFIER 1.3.14.3.2.26 (sha-1) 0500 # NULL 300D # SEQUENCE OF 13 bytes 06092A864886F70D010101 # OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsa) 0500 # NULL 0481A1 # OCTET STRING OF 161 bytes 30819E06092B0601040184741F01020101130B5348413177697468525341818180A2CDEF94B23925CC17125D1038D8B34CD7F55F6302281EB3456AE653BA8BFE0F5BBA85D57DF51B044EA99381BE27FDD9DA9C151C796859E421D03473D7EA5D049AF8B535ADB8BC8E8604CB47ECD22C7A22DD26CDBD631F885EF12B81661C29B3B75611E2653DA3F2A286DC4A8406338923E018A65903E796B3FA9C2CE2F30530 # dSIG data << The terminating dSIG chunk again is a DER-encoded ContentInfo of SignedData: SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.7.2 [0] { SEQUENCE { INTEGER 1 SET { } SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.7.1 } [0] { SEQUENCE { SEQUENCE { [0] { INTEGER 2 } INTEGER 2638 SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.1.5 NULL null } SEQUENCE { SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.6 PrintableString LU } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.10 PrintableString LuxTrust s.a } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.3 PrintableString LuxTrust Normalised CA } } } SEQUENCE { UTCTime Mon May 21 15:00:14 CEST 2007 UTCTime Fri May 21 15:00:14 CEST 2010 } SEQUENCE { SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.6 PrintableString DE } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.7 PrintableString Germany } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.10 PrintableString Dialogika GmbH } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.11 PrintableString HRB Nr. 7347 } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.3 PrintableString Martin Peter Bosslet } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.4 PrintableString Bosslet } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.42 PrintableString Martin Peter } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.5 PrintableString 10100382480000210980 } } SET { SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.9.1 IA5String martin.bosslet@dialogika.de } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.12 PrintableString Professional Person } } } SEQUENCE { SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.1.1 NULL null } BIT STRING {2, 3, 8, 15, 16, 20, 23, 30, 32, 39, 40, 47, 56, 58, 59, 62, 63, 64, 66, 67, 69, 70, 71, 72, 75, 77, 80, 81, 84, 85, 86, 89, 90, 91, 92, 94, 95, 96, 99, 102, 103, 104, 111, 113, 117, 119, 120, 128, 134, 138, 139, 140, 141, 142, 144, 146, 149, 151, 157, 158, 162, 163, 164, 166, 172, 173, 174, 176, 177, 179, 180, 184, 186, 188, 189, 191, 192, 196, 197, 198, 199, 201, 202, 203, 204, 206, 207, 210, 215, 216, 217, 218, 219, 222, 223, 224, 225, 226, 228, 230, 232, 233, 234, 236, 238, 246, 248, 253, 254, 259, 263, 264, 266, 267, 268, 271, 273, 279, 280, 282, 288, 289, 291, 292, 293, 294, 295, 296, 299, 300, 301, 303, 305, 310, 312, 317, 320, 322, 323, 324, 326, 327, 328, 329, 332, 336, 338, 341, 342, 343, 344, 345, 346, 348, 349, 352, 353, 354, 355, 356, 357, 359, 360, 361, 362, 366, 367, 369, 370, 371, 374, 375, 378, 379, 380, 381, 383, 385, 387, 389, 391, 394, 395, 396, 397, 398, 400, 402, 407, 409, 410, 411, 412, 417, 418, 422, 424, 425, 427, 430, 432, 433, 434, 435, 436, 440, 442, 443, 446, 447, 448, 450, 453, 455, 457, 459, 461, 465, 467, 472, 476, 477, 478, 479, 480, 482, 486, 487, 493, 494, 495, 498, 499, 502, 503, 506, 508, 509, 511, 514, 515, 516, 517, 518, 519, 520, 522, 523, 524, 527, 528, 531, 536, 537, 538, 539, 540, 541, 544, 546, 547, 549, 550, 551, 553, 554, 558, 559, 560, 561, 563, 564, 565, 566, 568, 570, 571, 572, 577, 578, 581, 582, 583, 585, 588, 591, 592, 593, 595, 596, 597, 599, 600, 602, 603, 608, 609, 611, 612, 613, 614, 620, 626, 631, 632, 633, 634, 636, 637, 643, 646, 649, 650, 652, 653, 655, 656, 658, 660, 663, 665, 666, 667, 668, 670, 671, 677, 679, 682, 683, 684, 689, 690, 693, 694, 695, 696, 697, 700, 701, 702, 703, 707, 708, 709, 710, 711, 712, 713, 714, 715, 718, 719, 720, 721, 723, 725, 726, 727, 731, 733, 734, 735, 737, 738, 739, 742, 744, 745, 746, 748, 749, 753, 754, 755, 756, 757, 759, 762, 763, 764, 765, 766, 767, 769, 774, 776, 777, 782, 783, 784, 785, 786, 787, 788, 791, 792, 793, 796, 798, 799, 800, 801, 806, 809, 810, 812, 813, 816, 818, 819, 820, 822, 824, 825, 826, 827, 829, 830, 831, 835, 838, 839, 840, 841, 842, 845, 846, 847, 849, 850, 851, 852, 853, 855, 859, 860, 863, 865, 866, 868, 869, 870, 872, 873, 875, 876, 877, 878, 879, 882, 884, 885, 886, 888, 892, 893, 894, 895, 896, 897, 898, 899, 901, 902, 905, 906, 907, 909, 910, 912, 913, 915, 918, 921, 922, 924, 927, 933, 938, 940, 942, 945, 946, 947, 948, 949, 951, 954, 955, 957, 959, 960, 963, 964, 965, 970, 975, 978, 981, 985, 987, 989, 994, 997, 999, 1000, 1006, 1007, 1014, 1017, 1018, 1020, 1021, 1023, 1024, 1025, 1026, 1028, 1029, 1033, 1038, 1039, 1048, 1049, 1050, 1053, 1055, 1064, 1065, 1072, 1074, 1075, 1077, 1078, 1079, 1086, 1094, 1095, 1103, 1119 } } [3] { SEQUENCE { SEQUENCE { OBJECT IDENTIFIER 2.5.29.19 BOOLEAN true OCTET STRING 30 00 } SEQUENCE { OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 OCTET STRING 30 52 30 23 06 08 2B 06 01 05 05 07 30 01 86 17 68 74 74 70 3A 2F 2F 6F 63 73 70 2E 6C 75 78 74 72 75 73 74 2E 6C 75 30 2B 06 08 2B 06 01 05 05 07 30 02 86 1F 68 74 74 70 3A 2F 2F 63 61 2E 6C 75 78 74 72 75 73 74 2E 6C 75 2F 4C 54 4E 43 41 2E 63 72 74 } } SEQUENCE { OBJECT IDENTIFIER 2.5.29.32 OCTET STRING 30 81 FE 30 08 06 06 04 00 8F 7A 01 02 30 81 F1 06 07 2B 81 2B 01 02 01 01 30 81 E5 30 81 B7 06 08 2B 06 01 05 05 07 02 02 30 81 AA 1A 81 A7 4C 75 78 54 72 75 73 74 20 4E 6F 72 6D 61 6C 69 73 65 64 20 43 65 72 74 69 66 69 63 61 74 65 20 6F 6E 20 53 53 43 44 2E 20 55 73 61 67 65 3A 20 45 6C 65 63 74 72 6F 6E 69 63 20 53 69 67 6E 61 74 75 72 65 20 28 4F 49 44 20 31 2E 33 2E 31 37 31 2E 31 2E 32 2E 31 2E 31 29 20 41 75 74 68 65 6E 74 69 63 61 74 69 6F 6E 20 20 61 6E 64 20 45 6E 63 72 79 70 74 69 6F 6E 20 28 4F 49 44 31 2E 33 2E 31 37 31 2E 31 2E 32 2E 31 2E 32 29 2E 20 4B 65 79 20 47 65 6E 65 72 61 74 69 6F 6E 20 62 79 20 43 53 50 2E 20 30 29 06 08 2B 06 01 05 05 07 02 01 16 1D 68 74 74 70 3A 2F 2F 72 65 70 6F 73 69 74 6F 72 79 2E 6C 75 78 74 72 75 73 74 2E 6C 75 } } SEQUENCE { OBJECT IDENTIFIER 2.5.29.15 BOOLEAN true OCTET STRING 03 02 06 40 } SEQUENCE { OBJECT IDENTIFIER 2.5.29.35 OCTET STRING 30 16 80 14 CE FE 46 9D 63 2F 89 FD F2 38 16 25 D8 F1 6C DE 47 F8 CE C1 } SEQUENCE { OBJECT IDENTIFIER 2.5.29.31 OCTET STRING { 30 28 30 26 A0 24 A0 22 86 20 68 74 74 70 3A 2F 2F 63 72 6C 2E 6C 75 78 74 72 75 73 74 2E 6C 75 2F 4C 54 4E 43 41 2E 63 72 6C } } SEQUENCE { OBJECT IDENTIFIER 2.5.29.14 OCTET STRING { 04 14 BE 1E 28 01 5D 8B 90 24 CA 27 81 5B 3F E8 E9 3C 9E 27 3F C0 } } } } } SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.1.5 NULL null } BIT STRING {1, 2, 3, 4, 5, 7, 9, 10, 16, 22, 24, 26, 27, 32, 35, 37, 38, 39, 40, 42, 44, 46, 47, 51, 54, 55, 56, 57, 58, 59, 60, 61, 62, 64, 66, 67, 68, 70, 72, 75, 78, 79, 80, 82, 85, 90, 92, 95, 98, 102, 103, 104, 108, 110, 113, 115, 116, 117, 118, 119, 121, 123, 126, 127, 130, 131, 135, 138, 141, 143, 145, 150, 152, 153, 156, 159, 160, 161, 162, 166, 170, 171, 172, 176, 177, 178, 179, 180, 181, 182, 184, 186, 187, 189, 190, 191, 192, 193, 196, 198, 201, 205, 207, 209, 210, 215, 216, 217, 220, 221, 222, 223, 224, 225, 227, 228, 232, 234, 236, 238, 239, 240, 241, 243, 244, 246, 247, 248, 250, 252, 253, 256, 261, 262, 264, 265, 266, 267, 268, 272, 274, 276, 277, 280, 281, 282, 283, 284, 285, 286, 287, 290, 295, 296, 298, 299, 300, 305, 306, 307, 311, 313, 314, 317, 322, 324, 332, 339, 340, 341, 344, 345, 347, 349, 353, 354, 355, 357, 358, 359, 361, 364, 367, 371, 373, 375, 378, 379, 382, 383, 385, 386, 388, 389, 394, 398, 399, 401, 404, 405, 408, 411, 412, 413, 414, 416, 418, 420, 422, 424, 425, 427, 428, 429, 430, 432, 433, 434, 435, 437, 438, 439, 441, 443, 444, 445, 446, 448, 451, 453, 454, 457, 458, 460, 461, 462, 463, 464, 465, 468, 473, 474, 475, 477, 478, 479, 480, 481, 484, 486, 487, 489, 493, 495, 496, 498, 500, 502, 504, 505, 507, 510, 513, 517, 520, 522, 524, 526, 528, 529, 530, 533, 536, 537, 538, 540, 541, 542, 543, 549, 551, 552, 553, 554, 555, 556, 560, 568, 573, 574, 575, 577, 578, 580, 581, 582, 583, 585, 588, 591, 593, 596, 597, 598, 599, 600, 603, 605, 611, 613, 614, 618, 620, 623, 625, 626, 628, 630, 632, 633, 634, 636, 639, 648, 650, 652, 654, 655, 656, 659, 660, 661, 663, 665, 666, 667, 668, 670, 673, 674, 676, 680, 682, 685, 687, 688, 689, 690, 692, 694, 695, 700, 704, 708, 712, 717, 718, 720, 723, 725, 726, 728, 733, 734, 735, 739, 740, 741, 742, 744, 745, 746, 748, 749, 750, 752, 753, 755, 756, 757, 759, 760, 761, 766, 767, 768, 772, 773, 774, 781, 782, 783, 787, 789, 790, 791, 792, 793, 794, 795, 797, 800, 801, 802, 803, 806, 807, 811, 813, 814, 818, 823, 824, 825, 827, 830, 831, 833, 834, 835, 836, 839, 840, 841, 842, 843, 844, 845, 846, 849, 850, 854, 855, 856, 861, 863, 865, 867, 868, 869, 875, 880, 881, 883, 884, 885, 887, 888, 889, 891, 893, 897, 899, 900, 902, 903, 905, 906, 907, 908, 909, 910, 914, 915, 918, 921, 925, 930, 931, 937, 939, 940, 941, 942, 943, 946, 948, 949, 953, 960, 966, 967, 970, 978, 979, 980, 985, 987, 988, 991, 992, 993, 995, 997, 999, 1000, 1001, 1002, 1007, 1010, 1011, 1012, 1014, 1015, 1016, 1017, 1018, 1022, 1025, 1026, 1027, 1028, 1033, 1034, 1035, 1039, 1041, 1042, 1043, 1046, 1049, 1051, 1052, 1053, 1055, 1056, 1057, 1058, 1062, 1064, 1067, 1068, 1071, 1073, 1074, 1075, 1076, 1077, 1078, 1083, 1084, 1085, 1091, 1093, 1094, 1095, 1096, 1098, 1100, 1102, 1106, 1107, 1108, 1109, 1110, 1111, 1116, 1117, 1121, 1122, 1125, 1127, 1131, 1132, 1133, 1135, 1137, 1139, 1141, 1142, 1144, 1146, 1147, 1148, 1149, 1152, 1153, 1154, 1156, 1157, 1158, 1164, 1170, 1172, 1174, 1179, 1181, 1184, 1185, 1187, 1188, 1189, 1190, 1191, 1192, 1195, 1196, 1197, 1198, 1199, 1201, 1203, 1204, 1206, 1208, 1213, 1214, 1216, 1217, 1220, 1223, 1224, 1225, 1226, 1228, 1229, 1230, 1231, 1232, 1233, 1234, 1236, 1237, 1242, 1246, 1247, 1251, 1252, 1253, 1254, 1255, 1256, 1260, 1265, 1267, 1268, 1269, 1270, 1272, 1276, 1278, 1279, 1280, 1282, 1286, 1288, 1290, 1291, 1294, 1295, 1296, 1300, 1301, 1303, 1304, 1305, 1306, 1307, 1308, 1309, 1310, 1311, 1313, 1314, 1319, 1324, 1327, 1332, 1335, 1336, 1339, 1343, 1346, 1348, 1349, 1350, 1351, 1352, 1353, 1355, 1360, 1362, 1364, 1365, 1367, 1368, 1372, 1373, 1376, 1379, 1380, 1381, 1385, 1388, 1390, 1394, 1395, 1397, 1400, 1401, 1403, 1404, 1405, 1406, 1410, 1412, 1417, 1419, 1423, 1424, 1426, 1429, 1430, 1431, 1432, 1434, 1435, 1436, 1439, 1440, 1441, 1443, 1444, 1446, 1447, 1448, 1453, 1454, 1457, 1460, 1461, 1464, 1465, 1466, 1468, 1471, 1472, 1473, 1474, 1479, 1480, 1481, 1482, 1483, 1486, 1488, 1492, 1493, 1495, 1496, 1497, 1498, 1500, 1502, 1504, 1505, 1506, 1508, 1509, 1511, 1513, 1514, 1516, 1519, 1521, 1522, 1523, 1526, 1527, 1532, 1533, 1536, 1539, 1542, 1544, 1546, 1548, 1552, 1554, 1560, 1561, 1563, 1564, 1569, 1570, 1571, 1572, 1574, 1575, 1576, 1577, 1578, 1579, 1583, 1587, 1590, 1591, 1592, 1594, 1596, 1597, 1601, 1603, 1605, 1606, 1607, 1608, 1612, 1613, 1614, 1616, 1618, 1620, 1621, 1623, 1624, 1626, 1627, 1628, 1629, 1633, 1635, 1636, 1638, 1645, 1646, 1647, 1648, 1649, 1650, 1652, 1656, 1657, 1661, 1664, 1667, 1668, 1669, 1670, 1671, 1674, 1675, 1676, 1677, 1678, 1679, 1680, 1681, 1685, 1687, 1688, 1690, 1691, 1694, 1695, 1696, 1697, 1698, 1700, 1704, 1705, 1706, 1707, 1708, 1711, 1713, 1715, 1718, 1721, 1722, 1723, 1724, 1725, 1726, 1728, 1729, 1730, 1732, 1733, 1734, 1735, 1736, 1738, 1739, 1742, 1747, 1748, 1749, 1750, 1751, 1752, 1759, 1760, 1761, 1762, 1765, 1766, 1768, 1769, 1771, 1772, 1775, 1776, 1780, 1781, 1784, 1785, 1786, 1792, 1794, 1795, 1797, 1798, 1799, 1800, 1801, 1802, 1804, 1807, 1809, 1812, 1814, 1815, 1819, 1820, 1822, 1824, 1825, 1826, 1827, 1829, 1833, 1834, 1839, 1840, 1841, 1842, 1844, 1849, 1850, 1858, 1862, 1864, 1865, 1868, 1870, 1871, 1872, 1876, 1880, 1881, 1882, 1883, 1887, 1888, 1889, 1890, 1893, 1894, 1895, 1899, 1901, 1904, 1907, 1909, 1911, 1912, 1913, 1914, 1916, 1918, 1919, 1921, 1922, 1924, 1926, 1927, 1928, 1930, 1931, 1933, 1934, 1938, 1941, 1943, 1945, 1947, 1948, 1952, 1957, 1962, 1963, 1964, 1965, 1968, 1969, 1973, 1974, 1977, 1978, 1980, 1982, 1990, 1991, 1992, 1993, 1995, 1996, 1997, 2000, 2002, 2003, 2004, 2005, 2011, 2013, 2014, 2016, 2017, 2020, 2021, 2022, 2023, 2025, 2029, 2032, 2034, 2037, 2039, 2043 } } } SET { SEQUENCE { INTEGER 1 SEQUENCE { SEQUENCE { SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.6 PrintableString LU } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.10 PrintableString LuxTrust s.a } } SET { SEQUENCE { OBJECT IDENTIFIER 2.5.4.3 PrintableString LuxTrust Normalised CA } } } INTEGER 2638 } SEQUENCE { OBJECT IDENTIFIER 1.3.14.3.2.26 NULL null } SEQUENCE { OBJECT IDENTIFIER 1.2.840.113549.1.1.1 NULL null } OCTET STRING { 30 81 9E 06 09 2B 06 01 04 01 84 74 1F 01 02 01 01 13 0B 53 48 41 31 77 69 74 68 52 53 41 81 81 80 A2 CD EF 94 B2 39 25 CC 17 12 5D 10 38 D8 B3 4C D7 F5 5F 63 02 28 1E B3 45 6A E6 53 BA 8B FE 0F 5B BA 85 D5 7D F5 1B 04 4E A9 93 81 BE 27 FD D9 DA 9C 15 1C 79 68 59 E4 21 D0 34 73 D7 EA 5D 04 9A F8 B5 35 AD B8 BC 8E 86 04 CB 47 EC D2 2C 7A 22 DD 26 CD BD 63 1F 88 5E F1 2B 81 66 1C 29 B3 B7 56 11 E2 65 3D A3 F2 A2 86 DC 4A 84 06 33 89 23 E0 18 A6 59 03 E7 96 B3 FA 9C 2C E2 F3 05 30 } } } } } } The following particularities can be observed: The version is 1. The digest algorithms structure is empty because this information is supplied ex ante by the introductory chunk. The encapsulated content is empty and specified by the id data object identifier. The certificates section typically contains all certificates required for constructing a path to a trusted root. However, the signer certificate only is listed here. CRLs are omitted. The structure contains the set of signer infos which is the essential part of the dSIG chunk containing the actual digital signature wrapped as a trailing OCTET STRING. The signer info structure conforms to the following general syntax: SignerInfo ::= SEQUENCE { version CMSVersion, sid SignerIdentifier, digestAlgorithm DigestAlgorithmIdentifier, signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL, signatureAlgorithm SignatureAlgorithmIdentifier, signature SignatureValue, unsignedAttrs [1] IMPLICIT UnsignedAttributes OPTIONAL } SignerIdentifier ::= CHOICE { issuerAndSerialNumber IssuerAndSerialNumber, subjectKeyIdentifier [0] SubjectKeyIdentifier } SignedAttributes ::= SET SIZE (1..MAX) OF Attribute UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute Attribute ::= SEQUENCE { attrType OBJECT IDENTIFIER, attrValues SET OF AttributeValue } AttributeValue ::= ANY SignatureValue ::= OCTET STRING The SignedAttrs and UnsignedAttrs are empty. The digest algorithm used is SHA-1 corresponding to the algorithm listed in the introductory chunk, the signature algorithm used is RSA. >> A1EE0024 # dSIG CRC 00000000 # IEND: length 0 49454E44 # IEND AE426082 # IEND CRC PNG Signature Example Dialogika GmbH & LuxTrust S.A.