{"id":1366,"date":"2021-08-02T15:36:50","date_gmt":"2021-08-02T15:36:50","guid":{"rendered":"https:\/\/www.ishygddt.xyz\/~blog\/?p=1366"},"modified":"2022-03-08T15:56:25","modified_gmt":"2022-03-08T21:56:25","slug":"ghetto-guide-to-cms","status":"publish","type":"post","link":"http:\/\/www.ishygddt.xyz\/~blog\/2021\/08\/ghetto-guide-to-cms","title":{"rendered":"[DRAFT] Ghetto Guide to CMS"},"content":{"rendered":"<p>*and by \"ghetto\", I mean \"extremely applied\". Basically, it's just interpretive labor on <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc5652\">RFC 5652: Cryptographic Message Syntax<\/a> and <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc5280\">RFC 5280: X.509<\/a>.<\/p>\n<p>P.S. CMS is way more technically elegant than PGP. I dare you to read <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc4880\">the RFC<\/a> and compare.<\/p>\n<hr \/>\n<p>Firstly: the \"root object\" that you'll be shitting nakedly into a binary (or ASCII-armored) file that sits in the filesystem or gets otherwise transferred is <strong>a <code class=\"\" data-line=\"\">ContentInfo<\/code> data stream<\/strong>. 
This is an ASN.1 <code class=\"\" data-line=\"\">SEQUENCE<\/code> with 2 elements:<\/p>\n<ol>\n<li><code class=\"\" data-line=\"\">OBJECT IDENTIFIER<\/code> giving \"context\" and defining what the following element should contain<\/li>\n<li><code class=\"\" data-line=\"\">[0] EXPLICIT OCTET STRING OPTIONAL<\/code>, containing whatever the OID in the first element says to<\/li>\n<\/ol>\n<p>Before we go on, just take note that <code class=\"\" data-line=\"\">AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }<\/code>; I didn't want to define terms that aren't\u00a0<em>directly<\/em> in a critical chain of logic, but this one is used all the frickin time here so I figured I'd define it for convenience.<\/p>\n<p>We'll generally want the <code class=\"\" data-line=\"\">EnvelopedData<\/code> content type (<code class=\"\" data-line=\"\">1.2.840.113549.1.7.3<\/code>) at the first level; it is a <code class=\"\" data-line=\"\">SEQUENCE<\/code> with 3 to 5 elements:<\/p>\n<ol>\n<li><code class=\"\" data-line=\"\">version<\/code> (an integer)<\/li>\n<li><code class=\"\" data-line=\"\">[0] IMPLICIT OriginatorInfo OPTIONAL<\/code><\/li>\n<li><code class=\"\" data-line=\"\">SET OF CHOICE { KeyTransRecipientInfo, [1] KeyAgreeRecipientInfo, [2] KEKRecipientInfo, [3] PasswordRecipientInfo, [4] OtherRecipientInfo }<\/code><\/li>\n<li><code class=\"\" data-line=\"\">EncryptedContentInfo<\/code><\/li>\n<li><code class=\"\" data-line=\"\">[1] IMPLICIT UnprotectedAttributes SET OF AlgorithmIdentifier OPTIONAL<\/code>\n<ul>\n<li>A <strong>kinda-comprehensive<\/strong> list of choices can be found <a href=\"http:\/\/www.iana.org\/assignments\/smi-numbers\/smi-numbers.xhtml#security-smime-2\">here<\/a>\n<ul>\n<li>Abandon all hope, ye who enter here<\/li>\n<\/ul>\n<\/li>\n<li>You probably should include at least <code class=\"\" data-line=\"\">id-aa-contentHint<\/code> (<code class=\"\" 
data-line=\"\">1.2.840.113549.1.9.16.2.4<\/code>) to specify the <code class=\"\" data-line=\"\">contentType<\/code> of your <em>plaintext<\/em> data<\/li>\n<li>If this field is <em>present<\/em>, then the <code class=\"\" data-line=\"\">version<\/code> field must be 2<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>Currently, we'll focus on <code class=\"\" data-line=\"\">PasswordRecipientInfo<\/code>, which was defined in <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc3211\">RFC 3211<\/a> as a <code class=\"\" data-line=\"\">SEQUENCE<\/code> with 3 to 4 elements:<\/p>\n<ol>\n<li><code class=\"\" data-line=\"\">version<\/code> (always equal to 0)<\/li>\n<li><code class=\"\" data-line=\"\">keyDerivationAlgorithm [0] AlgorithmIdentifier OPTIONAL<\/code>\n<ul>\n<li><a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-smime-cmsalg-01#section-4.4.1\">PBKDF2<\/a> (<code class=\"\" data-line=\"\">1.2.840.113549.1.5.12<\/code>) is a good choice here<\/li>\n<li><code class=\"\" data-line=\"\">PBKDF2-params ::= SEQUENCE { salt CHOICE { specified OCTET STRING, otherSource AlgorithmIdentifier }, iterationCount INTEGER, keyLength INTEGER OPTIONAL, prf AlgorithmIdentifier DEFAULT hMAC-SHA1 }<\/code><\/li>\n<\/ul>\n<\/li>\n<li><code class=\"\" data-line=\"\">keyEncryptionAlgorithm AlgorithmIdentifier<\/code>\n<ul>\n<li>Officially prescribed is <a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc3211.html#section-2.3.1\">this convoluted algorithm<\/a> or <a href=\"https:\/\/www.rfc-editor.org\/rfc\/rfc3370#section-4.3\">these mediocre options<\/a>. 
I think we can do better than either, these days.<\/li>\n<\/ul>\n<\/li>\n<li><code class=\"\" data-line=\"\">encryptedKey OCTET STRING<\/code><\/li>\n<\/ol>\n<p><code class=\"\" data-line=\"\">EncryptedContentInfo<\/code> is a <code class=\"\" data-line=\"\">SEQUENCE<\/code> with 2 to 3 elements:<\/p>\n<ol>\n<li><code class=\"\" data-line=\"\">contentType OBJECT IDENTIFIER<\/code><\/li>\n<li><code class=\"\" data-line=\"\">contentEncryptionAlgorithm AlgorithmIdentifier<\/code>\n<ul>\n<li>Nonces <em>generally<\/em> go here, but it's entirely up to whoever defined the selected <code class=\"\" data-line=\"\">algorithm<\/code><\/li>\n<\/ul>\n<\/li>\n<li><code class=\"\" data-line=\"\">encryptedContent [0] IMPLICIT OPTIONAL OCTET STRING DEFINED BY contentEncryptionAlgorithm<\/code>\n<ul>\n<li>\u201c<code class=\"\" data-line=\"\">encryptedContent<\/code> is the result of encrypting the content. The field is optional, [but] if [it] is not present, its intended value must be supplied by other means.\u201d<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>TODO: <code class=\"\" data-line=\"\">SignedData<\/code>, which is a complicated composite doodad that supports most other use-cases as a subset<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Interpretive labor on RFC 5652 and RFC 
5280<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[101],"tags":[102],"class_list":["post-1366","post","type-post","status-publish","format-standard","hentry","category-writeups","tag-cryptography"],"_links":{"self":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts\/1366","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/comments?post=1366"}],"version-history":[{"count":26,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts\/1366\/revisions"}],"predecessor-version":[{"id":2097,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/posts\/1366\/revisions\/2097"}],"wp:attachment":[{"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/media?parent=1366"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/categories?post=1366"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.ishygddt.xyz\/~blog\/wp-json\/wp\/v2\/tags?post=1366"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}