1Same test as rsa-pkcs1-sha1.pem, except the SPKI has been modified so the 2algorithm parameters are absent rather than NULL. 3 4This should fail because RFC 3279 says the parameters MUST be NULL. 5 6 7$ openssl asn1parse -i < [PUBLIC KEY] 8 0:d=0 hl=3 l= 157 cons: SEQUENCE 9 3:d=1 hl=2 l= 11 cons: SEQUENCE 10 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 11 16:d=1 hl=3 l= 141 prim: BIT STRING 12-----BEGIN PUBLIC KEY----- 13MIGdMAsGCSqGSIb3DQEBAQOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9 1462ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC 15cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ== 16-----END PUBLIC KEY----- 17 18$ openssl asn1parse -i < [ALGORITHM] 19 0:d=0 hl=2 l= 13 cons: SEQUENCE 20 2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption 21 13:d=1 hl=2 l= 0 prim: NULL 22-----BEGIN ALGORITHM----- 23MA0GCSqGSIb3DQEBBQUA 24-----END ALGORITHM----- 25 26-----BEGIN DATA----- 27zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu 28jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc 29vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY 30pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A== 31-----END DATA----- 32 33$ openssl asn1parse -i < [SIGNATURE] 34 0:d=0 hl=3 l= 129 prim: BIT STRING 35-----BEGIN SIGNATURE----- 36A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8 37Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/ 38wJfKsY6aRY/LY0zc6O41iUxITX 39-----END SIGNATURE----- 40