Hi Brent,
You need to pass the MGF and other parameters in a PSSParameterSpec to
the Signature algorithm, like so:
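
    import java.security.Signature;
    import java.security.spec.MGF1ParameterSpec;
    import java.security.spec.PSSParameterSpec;
    Signature sig = Signature.getInstance("RSASSA-PSS", "SunRsaSign");
    sig.setParameter(new PSSParameterSpec("SHA-256", "MGF1",
        MGF1ParameterSpec.SHA256, 32, PSSParameterSpec.TRAILER_FIELD_BC));
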
I think the JDK docs could be improved to clarify this, so I'll file a
bug to have this fixed.
--Sean
On 8/4/23 12:27 AM, Brent Putman wrote:
This is not a Santuario issue per se, but it's sort of related and there
are people on the list like Colm and Sean who might have info...
In OpenSAML I was working on adding support for the RSASSA-PSS algorithms
(only those with implicit params) from RFC 9231:
https://shibboleth.atlassian.net/browse/OSJ-372
The TL;DR is: The docs for the SunRsaSign provider in at least Java 17
claim to support algorithm IDs like "SHA256withRSAandMGF1". But in
practice they all throw NoSuchAlgorithmException.
Iterating the providers in the JDK and the algorithm IDs supported
confirms that they are not listed.
Those are the algorithm IDs expected by Santuario in JCEMapper for the
corresponding URIs from RFC 9231, such as
http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1.
This seems like a huge discrepancy between the JDK docs and the JDK
behavior. Anyone know anything? Unless I'm missing something, seems
like a possible bug in the JDK, at least with respect to the docs.
(Such algorithm IDs are supported and do work when using Bouncy Castle
as a security provider.)
Thanks,
Brent
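
Added example, not part of the original thread and not OpenSAML or Santuario code: one way to map the implicit-parameter RSASSA-PSS URIs to the PSSParameterSpec that SunRsaSign needs, then sign and verify. The class name, the sha384/sha512 URIs (taken from the RFC, not from this thread) and the profile "MGF1 with the same digest, salt length equal to digest length, trailer field 1" are assumptions; requires Java 11 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.Map;

public class PssImplicitParams {  // hypothetical class name
    static final String NS = "http://www.w3.org/2007/05/xmldsig-more#";

    // Assumed implicit profile: MGF1 with the same digest,
    // salt length = digest length in bytes, trailer field 1.
    static final Map<String, PSSParameterSpec> SPECS = Map.of(
        NS + "sha256-rsa-MGF1", spec("SHA-256", MGF1ParameterSpec.SHA256, 32),
        NS + "sha384-rsa-MGF1", spec("SHA-384", MGF1ParameterSpec.SHA384, 48),
        NS + "sha512-rsa-MGF1", spec("SHA-512", MGF1ParameterSpec.SHA512, 64));

    static PSSParameterSpec spec(String md, MGF1ParameterSpec mgf, int saltLen) {
        return new PSSParameterSpec(md, "MGF1", mgf, saltLen,
                PSSParameterSpec.TRAILER_FIELD_BC);
    }

    // Resolve a signature URI to a configured Signature; unknown URIs are rejected.
    static Signature forUri(String uri) throws GeneralSecurityException {
        PSSParameterSpec p = SPECS.get(uri);
        if (p == null) throw new NoSuchAlgorithmException("Unmapped signature URI: " + uri);
        Signature sig = Signature.getInstance("RSASSA-PSS", "SunRsaSign");
        sig.setParameter(p);
        return sig;
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] data = "constructed sample input".getBytes(StandardCharsets.UTF_8);

        for (String uri : SPECS.keySet()) {
            Signature s = forUri(uri);
            s.initSign(kp.getPrivate());
            s.update(data);
            byte[] sigBytes = s.sign();

            Signature v = forUri(uri);
            v.initVerify(kp.getPublic());
            v.update(data);
            System.out.println(uri + " verified=" + v.verify(sigBytes));
        }
    }
}
```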