1This is the same test as rsa-pkcs1-sha1.pem, except the SPKI has been modified 2so that the key algorithm is rsaPss (1.2.840.113549.1.1.10) with absent 3parameters. 4 5Subsequently this should fail, as a PSS key should not be used with a signature 6algorithm for PKCS#1 v1.5. 7 8 9 10-----BEGIN PUBLIC KEY----- 11MIGdMAsGCSqGSIb3DQEBCgOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9 1262ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC 13cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ== 14-----END PUBLIC KEY----- 15 16$ openssl asn1parse -i < [PUBLIC KEY] 17 0:d=0 hl=3 l= 157 cons: SEQUENCE 18 3:d=1 hl=2 l= 11 cons: SEQUENCE 19 5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss 20 16:d=1 hl=3 l= 141 prim: BIT STRING 21 22 23 24-----BEGIN ALGORITHM----- 25MA0GCSqGSIb3DQEBBQUA 26-----END ALGORITHM----- 27 28$ openssl asn1parse -i < [ALGORITHM] 29 0:d=0 hl=2 l= 13 cons: SEQUENCE 30 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 31 13:d=1 hl=2 l= 0 prim: NULL 32 33 34 35-----BEGIN DATA----- 36zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 37jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 38vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 39pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 40-----END DATA----- 41 42 43 44-----BEGIN SIGNATURE----- 45A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 46Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 47wJfKsY6aRY/LY0zc6O41iUxITX 48-----END SIGNATURE----- 49 50$ openssl asn1parse -i < [SIGNATURE] 51 0:d=0 hl=3 l= 129 prim: BIT STRING 52