Signing smime with RSASSA-PSS

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Signing smime with RSASSA-PSS

revolct
Hi everyone, please forgive me my ignorance, since I'm very new to the bouncycastle.
I need to sign MimeMessage with the RSASSA-PSS, PKCS#1 v2.1

This is how I create signer:
	    SignerInfoGenerator signer
		    = new JcaSimpleSignerInfoGeneratorBuilder()
		    .setProvider("BC")
		    .build("SHA256withRSAandMGF1", pk.getPrivateKey(), pk.getCertificate()

Now, when I check outlook (2013), it shows that the message is signed, tho it shows exclamation mark and says that the digital signature is not valid or cannot be trusted.
When I change "SHA256withRSAandMGF1" to the "SHA256withRSAEncryption" everything is fine.

openssl x509 -text -in certificate.cer | find "Alg"
    Signature Algorithm: rsassaPss
         Hash Algorithm: sha256
         Mask Algorithm: mgf1 with sha256
            Public Key Algorithm: rsaEncryption

with this openssl command I created my p12 file:
openssl req -new -x509 -nodes -sha256 -days 365 -newkey rsa:2048 -out certificate.cer -keyout private.key -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 -passin pass:mypassword -utf8 -config _openssl.cfg -extensions v3_req



Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: Signing smime with RSASSA-PSS

Eckenfels. Bernd
On my site your mail was missing the snippets.

Besides, did you do some research if Outlook supports this (I think it does not but I cannot find the table I seem to remember where this was documented). On MSDN I see an API which has only a x9.31 alternative flag, not sure if that triggers PSS (but I think not): https://msdn.microsoft.com/en-us/library/windows/desktop/aa380280(v=vs.85).aspx
--
http://www.seeburger.com
________________________________________
From: revolct [[hidden email]]
Sent: Tuesday, March 21, 2017 10:42
To: [hidden email]
Subject: [dev-crypto] Signing smime with RSASSA-PSS

Hi everyone, please forgive me my ignorance, since I'm very new to the
bouncycastle.
I need to sign MimeMessage with the RSASSA-PSS, PKCS#1 v2.1

This is how I create signer:


Now, when I check outlook (2013), it shows that the message is signed, tho
it shows exclamation mark and says that the digital signature is not valid
or cannot be trusted.
When I change "SHA256withRSAandMGF1" to the "SHA256withRSAEncryption"
everything is fine.



with this openssl command I created my p12 file:








--
View this message in context: http://bouncy-castle.1462172.n4.nabble.com/Signing-smime-with-RSASSA-PSS-tp4658586.html
Sent from the Bouncy Castle - Dev mailing list archive at Nabble.com.








SEEBURGER AG            Vorstand/SEEBURGER Executive Board:
Sitz der Gesellschaft/Registered Office:                Axel Haas, Michael Kleeberg, Friedemann Heinz, Dr. Martin Kuntz, Matthias Feßenbecker
Edisonstr. 1
D-75015 Bretten         Vorsitzende des Aufsichtsrats/Chairperson of the SEEBURGER Supervisory Board:
Tel.: 07252 / 96 - 0            Prof. Dr. Simone Zeuchner
Fax: 07252 / 96 - 2222
Internet: http://www.seeburger.de               Registergericht/Commercial Register:
e-mail: [hidden email]               HRB 240708 Mannheim


Dieses E-Mail ist nur für den Empfänger bestimmt, an den es gerichtet ist und kann vertrauliches bzw. unter das Berufsgeheimnis fallendes Material enthalten. Jegliche darin enthaltene Ansicht oder Meinungsäußerung ist die des Autors und stellt nicht notwendigerweise die Ansicht oder Meinung der SEEBURGER AG dar. Sind Sie nicht der Empfänger, so haben Sie diese E-Mail irrtümlich erhalten und jegliche Verwendung, Veröffentlichung, Weiterleitung, Abschrift oder jeglicher Druck dieser E-Mail ist strengstens untersagt. Weder die SEEBURGER AG noch der Absender (Eckenfels. Bernd) übernehmen die Haftung für Viren; es obliegt Ihrer Verantwortung, die E-Mail und deren Anhänge auf Viren zu prüfen.


This email is intended only for the recipient(s) to whom it is addressed. This email may contain confidential material that may be protected by professional secrecy. Any fact or opinion contained, or expression of the material herein, does not necessarily reflect that of SEEBURGER AG. If you are not the addressee or if you have received this email in error, any use, publication or distribution including forwarding, copying or printing is strictly prohibited. Neither SEEBURGER AG, nor the sender (Eckenfels. Bernd) accept liability for viruses; it is your responsibility to check this email and its attachments for viruses.

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: Signing smime with RSASSA-PSS

revolct
I think I got it.
The Public Key Algorithm refers to the public key inside the certificate:
This certificate is used together with the matching private key to prove the identity of the peer (authentication).
In this case it is an RSA key (rsaEncryption) which means that this is an RSA certificate.
       
The Signature Algorithm refers to the signature of the certificate created by the issuer:
This signature proves that the claimed issuer of the certificate is the real issuer since the signature can be verified by using the public key from the issuers certificate.
By verifying the link to the issuer a verified trust chain can be built up to a locally trust certificate (i.e. local trust store, root CA).
In this case rsassaPss is used which means that the issuer has an RSA public key inside its issuers certificate and that the hash used for signing the leaf certificate by the issuer is SHA-256.

So in this case signing should be done with "SHA256withRSAEncryption" even though the Signature Algorithm is "RSASSA-PSS"
Loading...