This test exercises using a different hash function parameter to the mask gen function (SHA-256 for the hash, but SHA-512 for the MGF1 hash). This test data was constructed manually by calling signing functions from OpenSSL code. It constructs an RSASSA-PSS signature using: * Key with modulus 1024 bit * Salt length 33 bytes * Digest function of SHA-256 * Mask gen function of MGF1 with SHA-512 -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB -----END PUBLIC KEY----- $ openssl asn1parse -i < [PUBLIC KEY] 0:d=0 hl=3 l= 159 cons: SEQUENCE 3:d=1 hl=2 l= 13 cons: SEQUENCE 5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 16:d=2 hl=2 l= 0 prim: NULL 18:d=1 hl=3 l= 141 prim: BIT STRING -----BEGIN ALGORITHM----- MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU DBAIDBQCiAwIBIQ== -----END ALGORITHM----- $ openssl asn1parse -i < [ALGORITHM] 0:d=0 hl=2 l= 65 cons: SEQUENCE 2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss 13:d=1 hl=2 l= 52 cons: SEQUENCE 15:d=2 hl=2 l= 15 cons: cont [ 0 ] 17:d=3 hl=2 l= 13 cons: SEQUENCE 19:d=4 hl=2 l= 9 prim: OBJECT :sha256 30:d=4 hl=2 l= 0 prim: NULL 32:d=2 hl=2 l= 28 cons: cont [ 1 ] 34:d=3 hl=2 l= 26 cons: SEQUENCE 36:d=4 hl=2 l= 9 prim: OBJECT :mgf1 47:d=4 hl=2 l= 13 cons: SEQUENCE 49:d=5 hl=2 l= 9 prim: OBJECT :sha512 60:d=5 hl=2 l= 0 prim: NULL 62:d=2 hl=2 l= 3 cons: cont [ 2 ] 64:d=3 hl=2 l= 1 prim: INTEGER :21 -----BEGIN DATA----- VGVzdCBtZXNzYWdlIHRvIGJlIHNpZ25lZC4uLg== -----END DATA----- -----BEGIN SIGNATURE----- A4GBAFob0HSC5uuTqKu4J/lj+5bDa+Hhij4H3klWnvt6Yc+wwPza7/UC4lgGGyvZqD32RUEdt7v Z14qqYNk53b5aj4C2gBMvLzV7Pay4mmQM4DSWa5JHMxTILqE3DDqihrbMcBw2q3XAsLcjeqLWQ9 yp8tfnV21h98qsCLtErrxZWHRr -----END SIGNATURE----- $ openssl asn1parse -i < [SIGNATURE] 0:d=0 hl=3 l= 129 prim: BIT STRING