From df21050d0391bf826f2b85021d8ee429ec7e911a Mon Sep 17 00:00:00 2001
From: terrafrost
Date: Fri, 23 Sep 2022 18:48:55 -0500
Subject: [PATCH 1/2] Tests/X509: add test for PSS signed CRL signed by PKCS1 X509
---
 tests/Unit/File/X509/CRLTest.php | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
diff --git a/tests/Unit/File/X509/CRLTest.php b/tests/Unit/File/X509/CRLTest.php
index 97742f53..d28c835a 100644
--- a/tests/Unit/File/X509/CRLTest.php
+++ b/tests/Unit/File/X509/CRLTest.php
@@ -60,4 +60,33 @@ class CRLTest extends PhpseclibTestCase
 $this->assertArrayHasKey('parameters', $r['signatureAlgorithm']);
 $this->assertTrue($x509->validateSignature());
 }
+
+ public function testPSSSigWithPKCS1Cert()
+ {
+ $x509 = new X509();
+ $x509->loadCA('-----BEGIN CERTIFICATE-----
+MIICADCCAWmgAwIBAgIUH+4+TBK2Iq+xTOuixlxSuMbPXPkwDQYJKoZIhvcNAQEL
+BQAwHDEaMBgGA1UECgwRcGhwc2VjbGliIENBIGNlcnQwHhcNMjIwOTIzMjIyNTE3
+WhcNMjMwOTIzMjIyNTE3WjAcMRowGAYDVQQKDBFwaHBzZWNsaWIgQ0EgY2VydDCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxugfdcHvQmI+1yXG6gAWZIzNu9DF
+DLW425OxnYItztzAadZUBX0hmlv2r08Zc8cz0jvkgqu1fbWbKnPlm6RT2MQyTasF
+oNcsqPboVUPS/i2aT4AY0KYbD0lD+xj1+8ZnvMvUUXngOB0t2nOE+P4oksImB3hu
+LUeDOHayGYbUtTcCAwEAAaM/MD0wCwYDVR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFHMLbQFPm/meQfDSApMLorFe6reZMA0GCSqGSIb3DQEBCwUA
+A4GBACQPK28znZ0+OgOS3vLoFvulom5nHhjtQFY/eunA55ZeyaaHXP2mw0GD9r0m
+Hhx6hB0t2yoX8C2TdgaAgkLhfDbv3clqrSxFDk9PQ4fojvdUdeWn4/X6guhxON+6
+Sf6AuHojwnMy6vC++ADABcqhsHwOOqB+nbRvCc+xXg1bmxtY
+-----END CERTIFICATE-----');
+ $x509->loadCRL('-----BEGIN X509 CRL-----
+MIIBVDCBiTBCBgkqhkiG9w0BAQowNaANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3
+DQEBCDALBglghkgBZQMEAgGiAwIBIKMDAgEBMBwxGjAYBgNVBAoMEXBocHNlY2xp
+YiBDQSBjZXJ0Fw0yMjA5MjMyMjI1MTdaMBYwFAIDenp6Fw0yMzA5MjMyMjI1MTda
+MEIGCSqGSIb3DQEBCjA1oA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsG
+CWCGSAFlAwQCAaIDAgEgowMCAQEDgYEAZcN+8iKHAZiARPlx3rj1NpRoanrljSsH
+F5C4wjjz936D0o3lLgSGwfDLKOBI8wu5BVYQMnBVtpI6be+QcTjrFbsbuB9IonG9
+uY1UHwoR+HohPes2wPUOV931ds6TufSxxcGgvwdaMacBfj/AD6M2ylxtqXY4EtVc
+xbyT0osik+w=
+-----END X509 CRL-----');
+ $this->assertTrue($x509->validateSignature());
+ }
 }
From f0a146eaa1ecc5e152a893e9ff2389a2b9024a25 Mon Sep 17 00:00:00 2001
From: terrafrost
Date: Fri, 23 Sep 2022 22:33:30 -0500
Subject: [PATCH 2/2] X509: make it so PKCS1 X509 certs can create PSS sigs
---
 phpseclib/File/X509.php | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php
index 8af3b772..ebb5e67e 100644
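Review bot: testPSSSigWithPKCS1Cert in tests/Unit/File/X509/CRLTest.php asserts only the accepting path. Its CRL fixture appears to carry PSS parameters (SHA-256, MGF1 with SHA-256, salt length 32) that coincide with what I believe are phpseclib's RSA defaults, so the test cannot tell whether the signature's declared parameters are honoured or ignored. A second fixture signed with a different hash or salt length would pin that behaviour. A rejecting case is also missing: the same CA with a CRL whose signature no longer matches its content, checked with `$this->assertFalse($x509->validateSignature());`, would show that the PSS-over-PKCS1 path still fails closed.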
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@@ -1397,6 +1397,8 @@ class X509
 case 'rsaEncryption':
 $key = RSA::loadFormat('PKCS8', $publicKey);
 switch ($signatureAlgorithm) {
+ case 'id-RSASSA-PSS':
+ break;
 case 'md2WithRSAEncryption':
 case 'md5WithRSAEncryption':
 case 'sha1WithRSAEncryption':
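Review bot: The new `case 'id-RSASSA-PSS':` arm ends in a bare `break`, so an rsaEncryption key verifying a PSS signature uses whatever padding, hash, MGF hash and salt length `RSA::loadFormat('PKCS8', $publicKey)` returns by default. The parameters declared in the signature's AlgorithmIdentifier are not applied, at least as far as this hunk shows; the switch and the enclosing function continue outside it. A CRL or certificate signed with other PSS parameters would then presumably fail validation even though its signature is valid, and the reason is not visible at the call site. Making the choice explicit with `$key = $key->withPadding(RSA::SIGNATURE_PSS);` and adding a comment such as `// PSS signature over a PKCS1 key: RSASSA-PSS-params from the signature are not applied here` would document the limitation until the parameters are passed through.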