1This test data was produced by creating a self-signed EC cert using OpenSSL, 2and then extracting the relevant fields. 3 4It uses ECDSA with curve secp384r1 an SHA-256. 5 6(1) Generate self-signed certificate 7 8 openssl ecparam -out ec_key.pem -name secp384r1 -genkey 9 openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem 10 11(2) Extract public key 12 13 openssl x509 -in cert.pem -pubkey -noout > pubkey.pem 14 cat pubkey.pem 15 16(3) Extract signed data (tbsCertificate) 17 18 openssl asn1parse -in cert.pem -out tbs -noout -strparse 4 19 base64 tbs 20 21(4) Extract signature algorithm 22 23 # Find the offset of the signature algorithm near the end (496 in this case) 24 openssl asn1parse -in cert.pem 25 26 openssl asn1parse -in cert.pem -out alg -noout -strparse 496 27 base64 alg 28 29(5) Extract the signature 30 31 # Find the final offset of BIT STRING (508 in this case) 32 openssl asn1parse -in cert.pem 33 34 openssl asn1parse -in cert.pem -out sig -noout -strparse 508 35 base64 sig 36 37 38 39-----BEGIN PUBLIC KEY----- 40MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXFhBi+WKXuxeK9yCbC9jqEchwjCNsQ4RXAsJ07oHZ+Q 41qz55cNIY5BAhcQ0QYY5jv9BimGL9SuhUuOSuS3Pn9rrsIFGcFsihy4kDr8rq5+7RbN8bV057gW5 42emYjLtvDsQ 43-----END PUBLIC KEY----- 44 45$ openssl asn1parse -i < [PUBLIC KEY] 46 0:d=0 hl=2 l= 118 cons: SEQUENCE 47 2:d=1 hl=2 l= 16 cons: SEQUENCE 48 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey 49 13:d=2 hl=2 l= 5 prim: OBJECT :secp384r1 50 20:d=1 hl=2 l= 98 prim: BIT STRING 51 52 53 54-----BEGIN ALGORITHM----- 55MAoGCCqGSM49BAMC 56-----END ALGORITHM----- 57 58$ openssl asn1parse -i < [ALGORITHM] 59 0:d=0 hl=2 l= 10 cons: SEQUENCE 60 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256 61 62 63 64-----BEGIN DATA----- 65MIIB6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg 66MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw 67wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M 68DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ 69bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V 70wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh 71FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t 72Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV 73HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/ 74-----END DATA----- 75 76 77 78-----BEGIN SIGNATURE----- 79A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM 80CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU= 81-----END SIGNATURE----- 82 83$ openssl asn1parse -i < [SIGNATURE] 84 0:d=0 hl=2 l= 105 prim: BIT STRING 85