PssSigner is based on the lightweight BC API not the JCA. There's some examples of using PSSSigner in the PSSTest classes.
For what's below you would use: PssSigner eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha256Digest(), 32, PssSigner.TrailerImplicit); Or put another way, the different constructors fulfill the role of Signature.setParameter() Regards, David On 2/6/20 8:00 pm, Mickey Zarev wrote: > > Hi Bouncy Castle C# Devs, > > First of all I would like to thank you for doing such a great job with > Bouncy Castle library. > > I need to code following openssl-sign-instruction in C# with BouncyCastle: > > openssl dgst -sha256 -binary -out "signaturefile".sig -sigopt > rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -sign "privatekey".pem > "file2sign" > > There is a Java solution in: > https://stackoverflow.com/questions/53728536/how-to-sign-with-rsassa-pss-in-java-correctly > > > |Security.addProvider(newBouncyCastleProvider());SignaturesignatureSHA256Java > =Signature.getInstance("SHA256withRSA/PSS");signatureSHA256Java.*setParameter*(new*PSSParameterSpec*("SHA-256","MGF1",MGF1ParameterSpec.SHA256,32,1));signatureSHA256Java.initSign(KeyManagerHelper.getPrivateKeyFromKeyStore("privatekey"));signatureSHA256Java.update(byteArray);byte[]signSHA256Java > =signatureSHA256Java.sign();// after that I compare the > Java-sign-bytearry with the openssl > oneSystem.out.println("signSHA256Java == > signSHA256Openssl:\n"+Arrays.equals(signSHA256Java,signSHA256Openssl));| > However when I checked your C# code it seems that *PSSParameterSpec > and Signature.setParameter are* still not yet implemented, although > you have placeholders in the code -e.g. > // try > // { > // > signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); > // } > > I wonder if there is a newer version that has this implemented or > there is some other way how to implement above openSSL command ( > openssl dgst -sha256 -binary -out "signaturefile".sig -sigopt > rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -sign "privatekey".pem > "file2sign" ) with BouncyCastle? > > Many Thanks > Mickey > > P.S. I am using bccrypto-csharp-1.8.6 (the latest version I found on > your site)
