-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SignedCms: does not enable RSASSA-PSS signing #60125
Comments
Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @GrabYourPitchforks Issue DetailsWhen signing with an RSA public key certificate, SignedCms does not support generating an RSSASSA-PSS signature. In this case, SignedCms always generates an RSASSA-PKCS1-v1_5 signature.
|
Yeah. Looks like it will always use PKCS1 now. I think we probably need a new API that accepts namespace System.Security.Cryptography.Pkcs
{
public sealed class CmsSigner
{
public CmsSigner(
SubjectIdentifierType signerIdentifierType,
X509Certificate2? certificate,
AsymmetricAlgorithm? privateKey,
RSASignaturePadding? signaturePadding);
public RSASignaturePadding? SignaturePadding { get; set; }
}
} This would be similar to the changes in The constructor would throw if the cert is not an RSA cert, similar to how |
Assuming I'm reading things right, CmsSigner is a fully tweakable object (everything's get+set) whereas CmsRecipient is readonly. (I'm guessing they were both readonly at initial design, then since CmsSigner is mutable because of attributes it went full property panel.. but that's before my time.) For local consistency, SignaturePadding would probably want to bet get/set (so you can use the default ctor + object initialization). The property set shouldn't validate (other than it's not an unknown value), but any accelerator ctors could. Since the property set can't validate it means that it'd be an exception that pops out of SignedCms.CreateSignature. I'm not sure that I remember why we added the |
@bartonjs something like that then? (see edit). I also made the constructor parameter a nullable reference type which will mean "Pkcs1" when null. |
Given how much is marked as nullable in that ctor, I think that there aren't early exceptions (aside from an ArgumentException that the padding is a gibberish value). "Your key object isn't RSA, but you specified RSA padding" would only come from the Sign/CounterSign methods. Oh well, that's the problem with property bag objects. |
Why use |
Hm, well, we already expose the Line 22 in 51b4e3e
So we could for this one constructor make it Having the constructor argument be On the other hand, typing the constructor arg as |
On the ctor it could certainly be Yeah, I might like that better. |
@bartonjs I took a stab at implementing this over lunch and stumbled upon Line 282 in 3649506
I don't know the context around this |
namespace System.Security.Cryptography.Pkcs
{
public partial class CmsSigner
{
// Existing ctors:
// public CmsSigner();
// public CmsSigner(SubjectIdentifierType signerIdentifierType);
// public CmsSigner(X509Certificate2? certificate);
// public CmsSigner(SubjectIdentifierType signerIdentifierType, X509Certificate2? certificate);
//
// public CmsSigner(
// SubjectIdentifierType signerIdentifierType,
// X509Certificate2? certificate,
// AsymmetricAlgorithm? privateKey);
public CmsSigner(
SubjectIdentifierType signerIdentifierType,
X509Certificate2? certificate,
RSA? privateKey,
RSASignaturePadding? signaturePadding);
public RSASignaturePadding? SignaturePadding { get; set; }
}
} |
My comments were addressed in the API review, so, I'm mostly done with this then and will open a PR soon. |
When signing with an RSA public key certificate, SignedCms does not support generating an RSSASSA-PSS signature. In this case, SignedCms always generates an RSASSA-PKCS1-v1_5 signature.
API Proposal
The text was updated successfully, but these errors were encountered: