Closed filmar25 closed 2 years ago
RSA.Create()
on .NET Framework will use RSACryptoServiceProvider
as the underlying implementation which doesn't support this mode: https://stackoverflow.com/questions/45696437/net-rsa-sign-data-error-with-pss-padding
It looks like if you pass a key size e.g. RSA.Create(4096)
then .NET Framework will use RsaCng
underneath which supports that mode.
Thank you for your answer akoeplinger !
RSA.Create(4096) is not a valid construction in .NET Standard.
But, I change implementation to use RSACng and now it is working well.
Thank you again !
Hello,
Our architecture is like that :
So we have a solution that contains all work to manage Licensing. We generate two nuget package for the two dlls, then we add package to both applications.
The .NET 6 Web Application references both dll generator and validator
Our ASP.NET MVC 4.7.2 distributed application references only the dll validator
The byte[] license generated by .NET 6 is signed with Azure Key Vault key 4096 bits:
CryptographyClient.SignData(SignatureAlgorithm.PS512...
The dll validator make this operation :
using (var rsa = RSA.Create()) { rsa.FromXmlString(LicensePublicKeyXml); return rsa.VerifyData(license.ToBytes(), license.Signature, HashAlgorithmName.SHA512, RSASignaturePadding.Pss); }
This code is working well if I use a console application .NET 6, but not with a console application .NET Framework 4.7.2 or 4.8 :
System.Security.Cryptography.CryptographicException: 'Specified padding mode is not valid for this algorithm.'
For both console applications I use the same license byte[]
Can anyone can explain why it is not working in .NET 4.7.2 or 4.8 ?
Thank you !