1This is the same test as ecdsa-prime256v1-sha512.pem, however the SIGNATURE has 2been changed to a (valid) BIT STRING containing two unused bits. 3 4Note that the last two bits of the original signature were 0, so the 5DER-encoded bytes portion of the mutated BIT STRING remains the same. All that 6changes is the octet at the start which indicates the number of unused bits. 7 8In other words SIGNATURE changes from: 9 03 47 00 30 ... 84 10To: 11 03 47 02 30 ... 84 12 13 14 15-----BEGIN PUBLIC KEY----- 16MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS 17o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== 18-----END PUBLIC KEY----- 19 20$ openssl asn1parse -i < [PUBLIC KEY] 21 0:d=0 hl=2 l= 89 cons: SEQUENCE 22 2:d=1 hl=2 l= 19 cons: SEQUENCE 23 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 24 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 25 23:d=1 hl=2 l= 66 prim: BIT STRING 26 27 28 29-----BEGIN ALGORITHM----- 30MAoGCCqGSM49BAME 31-----END ALGORITHM----- 32 33$ openssl asn1parse -i < [ALGORITHM] 34 0:d=0 hl=2 l= 10 cons: SEQUENCE 35 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 36 37 38 39-----BEGIN DATA----- 40bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV 41SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 42APuEMjWr/5jiQb37VTjD4= 43-----END DATA----- 44 45 46 47-----BEGIN SIGNATURE----- 48A0cCMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX 49X/LDDO7/sWpyBCEa2OSiahA== 50-----END SIGNATURE----- 51 52$ openssl asn1parse -i < [SIGNATURE] 53 0:d=0 hl=2 l= 71 prim: BIT STRING 54