RSA-PSS test coverage

Transport Layer Security (TLS) version 1.3 brought support for Rivest–Shamir–Adleman Signature Scheme with Appendix – Probabilistic Signature Scheme (RSASSA-PSS) algorithm. Support for this algorithm requires support for new key type and new signature type (in X.509 certificates).

Specification of the signatures and limitations of the keys themselves is much more complex than any other algorithm (like the RSA signatures specified in the Public-Key Cryptography Standard (PKCS) #1 version 1.5 or the Elliptic Curve Digital Signatures (ECDSA)), with every signature including 4 variables and the public key that made the signature can have additional 4 variables specifying the key limitations.

The goal of the work is to create a set of certificates and certificate chains that could be used to test certificate parsing and verification routines in popular open source libraries. The tests should check corner cases of both acceptable and unacceptable certificates as well as completely malformed certificates.