Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

RSASSA-PSS in C#

Does anyone know which signature algorithm is used for RSACryptoServiceProvider.SignHash? I believe it is RSAPKCS1, is that still secure?

Does anyone have an idea of configuring RSASSA-PSS as the signature algorithm for the RSACryptoServiceProvider without using some third-party library like BouncyCastle?

Thanks in advance.

like image 617
hl3mukkel Avatar asked Jun 17 '14 12:06

hl3mukkel


People also ask

How does RSA PSS work?

RSASSA-PSS is an improved probabilistic signature scheme with an appendix. This means that a private RSA key can be used to sign the data in combination with random input. The other side of the communication can then verify the signature using the corresponding public RSA key.

What is PSS Crypto?

Probabilistic Signature Scheme (PSS) is a cryptographic signature scheme designed by Mihir Bellare and Phillip Rogaway. RSA-PSS is an adaptation of their work and is standardized as part of PKCS#1 v2. 1. In general, RSA-PSS should be used as a replacement for RSA-PKCS#1 v1.


1 Answers

RSACryptoServiceProvider can only do PKCS-1 signatures.

In .NET 4.6 a new set of methods was added on the RSA base class which added an RSASignaturePadding parameter. The RSACng class can do RSASSA-PSS via the RSASignaturePadding.Pss value (PSS with MGF-1, MGF digest and PSS digest are both the message digest, and the salt size is the digest size).

.NET 4.6 also added better type-safety to getting keys from certificates, and the new approaches will most likely return RSACng:

using (RSA privateKey = cert.GetRSAPrivateKey())
{
    return privateKey.SignHash(hash, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
}
like image 166
bartonjs Avatar answered Oct 17 '22 11:10

bartonjs