How to provide RSASSA PSS parameters?

[OlivierBoheme1]

I would like to generate a XADES-T signature using a RSA PSS key with xades4j 2.3 I am able to switch from rsa-sha256 algorithm to rsa-ssa algorithm. But what about PSS parameters (salt length, hash method, ...). How to provide them?

[luisgoncalves]

It's currently not possible.

To change the signature algorithm you're using something like:

new SignatureAlgorithms()
        .withSignatureAlgorithm("RSA", "<RSASAA PSS algorithm URI>")

Right?

I can have a look at supporting this. It could probably be an overload of withSignatureAlgorithm which takes an additional parameter for the PSS parameters. WDYT?

A couple of additional questions to help me a bit:

• Can RSASSA-PSS be used with "regular" RSA keys, or are there any specific requirements?
• Where did you find the URI for this algorithm? Is there a spec that defines it, in extension to XML-DSIG?

[OlivierBoheme1]

Yes, right, I am using the following statement:

new SignatureAlgorithms()
        .withSignatureAlgorithm("RSA", XMLSignature.ALGO_ID_SIGNATURE_RSA_PSS)

Specifications are defined at [https://www.w3.org/2007/xmlsec/ws/papers/08-lanz-iaik/]

What is missing right now is to specify parameters in the GenericAlgorithm class, behing the withSignatureAlgorithm method.

Thank you to take care of this feature.

[luisgoncalves]

@OlivierBoheme1 out of curiosity, aren't other algorithm URIs like ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1 and ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1 enough for you? These already allow for variations of the hash algorithms. Seems that the salt length is pre-defined for each of those algos.

[luisgoncalves]

@OlivierBoheme1 I have a feature branch with changes that I think fit your needs. However, I'd like to understand if the more specific algorithms identifiers I mentioned above would work for you. There seem to be different algorithm URIs which have combinations of hash methods, salt lengths, etc.

If those are enough, I need to think if I really want to pull in the changes I did.

[OlivierBoheme1]

Thank you for your work.

Unfortunately my PKCS11 library doesn't support algorithm URIs like ALGO_ID_SIGNATURE_RSA_SHA3_256_MGF1 and ALGO_ID_SIGNATURE_RSA_SHA3_512_MGF1

[luisgoncalves]

Ah, I see. I thought all those would be mapped to the same Java Signature algorithm ID (like RSA-PSS), but it looks like specific algorithm IDs are used.

Can you please try this JAR? xades4j-2.3.1-SNAPSHOT.jar.zip

There's a new overload for withSignatureAlgorithm which allows specifying the algorithm parameters. Check this PR (from which I built the JAR) for details: https://github.com/luisgoncalves/xades4j/pull/313/files#diff-9235f09e36bc6a5fd46134fdd4be1c05d466a3b586c0eb1f4994d05e223f2edd

Does this solve your issue?

[OlivierBoheme1]

I have tested the xades4j-2.3.1-SNAPSHOT version , and I can generate a RSA-PSS signature.

Unfortunately my PKCS11 library is forcing me to use a HMAC SHA256 algo (instead of the standard SHA256).
I was able to force it in a debug mode, but I sounds this algo is not possible with openJDK 17 and cryptoki library

[luisgoncalves]

Great that it worked in general. Looks like that from the xades4j side the changes I did would suffice, right? Or is something missing wrt the md algorithm?

[OlivierBoheme1]

I think your implementation is sufficent to generate RSA-PSS signatures. Thanks for your work and support.

[luisgoncalves]

Great, I'll merge the PR and close this ticket.

I'll publish the 2.4.0 release soon, as there are already a few things lined up.

Glad to help!