1This is the same test as ecdsa-prime256v1-sha512.pem, however the SIGNATURE has 2been changed to a (valid) BIT STRING containing two unused bits. 3 4Note that the last two bits of the original signature were 0, so the 5DER-encoded bytes portion of the mutated BIT STRING remains the same. All that 6changes is the octet at the start which indicates the number of unused bits. 7 8In other words SIGNATURE changes from: 9 03 47 00 30 ... 84 10To: 11 03 47 02 30 ... 84 12 13 14$ openssl asn1parse -i < [PUBLIC KEY] 15 0:d=0 hl=2 l= 89 cons: SEQUENCE 16 2:d=1 hl=2 l= 19 cons: SEQUENCE 17 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 18 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 19 23:d=1 hl=2 l= 66 prim: BIT STRING 20-----BEGIN PUBLIC KEY----- 21MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 22o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 23-----END PUBLIC KEY----- 24 25$ openssl asn1parse -i < [ALGORITHM] 26 0:d=0 hl=2 l= 10 cons: SEQUENCE 27 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 28-----BEGIN ALGORITHM----- 29MAoGCCqGSM49BAME 30-----END ALGORITHM----- 31 32-----BEGIN DATA----- 33bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 34SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 35APuEMjWr/5jiQb37VTjD4= 36-----END DATA----- 37 38$ openssl asn1parse -i < [SIGNATURE] 39 0:d=0 hl=2 l= 71 prim: BIT STRING 40-----BEGIN SIGNATURE----- 41A0cCMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 42X/LDDO7/sWpyBCEa2OSiahA== 43-----END SIGNATURE----- 44