| This is the same test as ecdsa-prime256v1-sha512.pem, however the SIGNATURE has |
| been changed to a (valid) BIT STRING containing two unused bits. |
| |
| Note that the last two bits of the original signature were 0, so the |
| DER-encoded bytes portion of the mutated BIT STRING remains the same. All that |
| changes is the octet at the start which indicates the number of unused bits. |
| |
| In other words SIGNATURE changes from: |
| 03 47 00 30 ... 84 |
| To: |
| 03 47 02 30 ... 84 |
| |
| |
| $ openssl asn1parse -i < [PUBLIC KEY] |
| 0:d=0 hl=2 l= 89 cons: SEQUENCE |
| 2:d=1 hl=2 l= 19 cons: SEQUENCE |
| 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey |
| 13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1 |
| 23:d=1 hl=2 l= 66 prim: BIT STRING |
| -----BEGIN PUBLIC KEY----- |
| MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS |
| o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA== |
| -----END PUBLIC KEY----- |
| |
| $ openssl asn1parse -i < [ALGORITHM] |
| 0:d=0 hl=2 l= 10 cons: SEQUENCE |
| 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512 |
| -----BEGIN ALGORITHM----- |
| MAoGCCqGSM49BAME |
| -----END ALGORITHM----- |
| |
| -----BEGIN DATA----- |
| bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV |
| SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1 |
| APuEMjWr/5jiQb37VTjD4= |
| -----END DATA----- |
| |
| $ openssl asn1parse -i < [SIGNATURE] |
| 0:d=0 hl=2 l= 71 prim: BIT STRING |
| -----BEGIN SIGNATURE----- |
| A0cCMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX |
| X/LDDO7/sWpyBCEa2OSiahA== |
| -----END SIGNATURE----- |
