Fix MSCAPISignatureToken compatibility with RSASSA-PSS (SunMSCAPI delegation)#188
Fix MSCAPISignatureToken compatibility with RSASSA-PSS (SunMSCAPI delegation)#188gustavoam-asdf wants to merge 2 commits into
Conversation
612f5c9 to
f811053
Compare
|
Hello, Thank you for the ticket and identifying the issue. I indeed was able to reproduce it locally. It looks like a limitation in BouncyCastle, not explicitly supporting the MS-CAPI keystore. I have created a ticket #2280 addressing the issue. I stay reluctant on hardcoding the security provider and corresponding logic directly in DSS, and would prefer first to wait for a response from BouncyCastle. KR, |
|
Hello @gustavoam-asdf, Thank you again for identifying the issue. Following the response from BouncyCastle, the solution is indeed to explicitly use the SunMSCAPI provider for signing with RSASSA-PSS. We have reviewed your pull request and included it in the develop branch with a few changes:
This change will be included in the release 6.6 of DSS. Kind regards, |
Problem Description
When using
MSCAPISignatureTokenwith certificates stored in the Windows Certificate Store (MY) with high level of security in Crypto API, signing operations fail with aDSSExceptionwhen attempting to use RSASSA-PSS algorithms (e.g.,SHA256withRSAandMGF1), even if the certificate itself is a standardSHA256withRSA.Observation
SHA256withRSA) works correctly because the default provider selection might favor a compatible engine or a simple RSA implementation.RSAPrivateKeyinstance, but the Windows Certificate Store provides native keys (CAPI/KSP) which are opaque handles.Error Stack Trace
Proposed Solution
The
MSCAPISignatureTokenis inherently tied to the Windows environment. To ensure maximum compatibility with native keys, it should prioritize theSunMSCAPIprovider for all signing operations.Key Changes
getSignatureInstanceto explicitly request theSunMSCAPIprovider. This ensures that the native Windows engine, which "owns" the key handle, is the one performing the cryptographic operation.MGF1orPSS) to the standardRSASSA-PSSname recognized bySunMSCAPI(available since Java 11).SunMSCAPIis not available or doesn't support the requested algorithm (e.g., on very old Java versions), it falls back to the default implementation inAbstractSignatureTokenConnection.Implementation
Benefits
SunMSCAPImight be restricted or outdated.