Added support for RSASSA_PSS (sha256-rsa-MGF1)

[jochen-jung]

In my project I needed to sign with the http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1 algorithm.

To support this, I added phpseclib/phpseclib which has the possibility to create RSA keys in this format.

[tvdijen]

Doesn't openssl support this? I don't think it makes sense to pull in the entire phpseclib as a dependency just for this.

[tvdijen]

https://github.com/tvdijen/xmlseclibs/commit/a7ef849c57330e4ac5858212f2e490ba08a8ec02

This seems to work without the added dependency on phpseclibs.

[ferienwohnung-pfaelzer-wald]

Thanks for looking into it @tvdijen.

Unfortunately your code does not create a valid signature for me.

The reason I think is that it is missing the mask. openssl is only doing what my code is doing with

            $this->rsaPrivateKey->withHash('sha256');

It is however missing those two methods:

            $this->rsaPrivateKey->withMGFHash('sha256');
            $this->rsaPrivateKey->withPadding(RSA::SIGNATURE_PSS);

But if that is implementable with openssl, then I of course would favor this version without the added dependency. But I am not deep enough into the matter to know if that works with openssl as well.

[tvdijen]

Can you share an example of the expected signature xml? I am away for a couple of days, but I can try next weekend

[jochen-jung]

I created the keys using these commands from https://crypto.stackexchange.com/q/110953:

# create private key in RSA format
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:4096

# create self-signed certificate with RSA-PSS signing algorithm from this private key
openssl req -x509 -new -key private_key.pem -out certificate.pem -days 3650 -sha256 \
    -sigopt rsa_padding_mode:pss \
    -sigopt rsa_pss_saltlen:32

# optionally create public key in RSA format from certificate
openssl x509 -pubkey -noout -in certificate.pem > public_key.pem

This is then the XML signed with those keys (using my solution):

<?xml version="1.0" encoding="UTF-8"?>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1"/><ds:Reference URI="#pfx7d238ab8-e967-e77f-5c61-84c028225050"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>HW/oIFNuLHgZ/Xrruu4q2GczyUxXwOtJxs4BqNT0/2A=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>CboXYydFJkUBpfE3GTQVpGQPZ4DX5G4m37xzKxAcCLV/fEmbOXX286dkXtyZ23BQKi4zg68kDWLzHpLkj4u6EkCGW4R+cRH67BcuDiXRmBIvwHF/R0vOyzOzzYuTQ2cwU/oN/qvOy6co0+4fnruWsLCa3/oCqCprfrn/qPPGwrEFIunyAm54rHqmRaZuhrBv7kSG9QlnOBwBZHEX7PZinbnwE9ZeBmcoI6IzfapMxaZ/aDBR1n9Z9o2FZQT9Bmr/vuj8DflyX1szsmCtiM4ybpZ07X2VEUlMiUTzoaaS+fFnCr3YhcX6uHXm6x7ci/AcGcFjP7aFj0tU2f2jOP17+wNtldCiHeCboxlfC0GET5cBVlaWK9u/B+nUMigwDzqvfO75/sbeC3ObVdfo+GzpnqZVomxkK7I65UIwD0s8wCuzEYiP8zJJiZa7g3SY6CIp7ze00E+dD3zRdNsDAp4iK3ftueqjsR8H0PGnHr0htZNIACneIcbAnwBbLemQp8nuNu49HrHFLKAOAgeNFx/fSwmcUKaxoh+d6zH1Q+7pfWtV0mvdZWn/dY+3lC0B+5WeLm8SnAHY6fbnbnzUfX2pqbq8xlefTGMh3d/uT73iXXe0XtnnHDqgfeRdY39xpToYyAwPBnYaT3Bgb1sfj9FLu1XweVdVtL00+nt9NkwN8ok=</ds:SignatureValue>\n
<ds:KeyInfo><ds:X509Data><ds:X509SubjectName>O=Internet Widgits Pty Ltd,L=Kaiserslautern,ST=Some-State,C=DE</ds:X509SubjectName><ds:X509Certificate>MIIGBTCCA7mgAwIBAgIUDSe0QTZwA43YHLXeSdeb1cpqVJUwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMF4xCzAJBgNVBAYTAkRFMRMwEQYDVQQIDApTb21lLVN0YXRlMRcwFQYDVQQHDA5LYWlzZXJzbGF1dGVybjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTI0MDUxNTA3MDkxN1oXDTM0MDUxMzA3MDkxN1owXjELMAkGA1UEBhMCREUxEzARBgNVBAgMClNvbWUtU3RhdGUxFzAVBgNVBAcMDkthaXNlcnNsYXV0ZXJuMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJMdQqj5en5KZjfGrCxcVs1+BuwH1NYnXt2zhxZOq/lpIcWSKh+o5ZPndlbxWshv7w6UUrdnz/JJiywA/XpRGU01kbxgTXE24tofxccpPAQe5jmMQSO/ocKnkSKi10R/JBoK5Py+0L20jfNMO5EZWkhfCHHp6hxHjSN8fievui2s/pkSpnouM/+tt3HgMXnpqNAnOGcyzSrNM91UZw2cio9tFSKUq4cHyPj4ioE0S4j4Kk0CSl62GtH4IPe/kaPdcjBTrWerMsY6SiCRdJj2uQprm5omANpU/yaW4uPeStxPaJLQEOsU4s9TdI1m6315anhor1IMtFQhvWo3qqpC1AigRsnLSoka49ndnPzR/+gIKpOf4HAJWAeF3humPV43CkAXpGCYuxsmWeO8nl0CWamhoFf64X8sFMpg7OQ22bBBUr9C7G21IqAisFLjI5dyuXsJC0eewDp6pxBJJl0+KojhP2Bbr3iogW+1nZMbkl7tIpM78P4gPVE+7A1eITBt+jyE1vuSnMquv6j6kmS2W/6/7mvRAdDCPPxZZl07De0TbRpVjCpuXwz3iDCWdg8SCo2vhqOaTfb+clBDUB7a01bPmHlUKsAVpRbQ7nWfjCyzjBFDXjn+/egtAzAPBbjBz4xpoa1+nTtWFHLLTXkSUKSu44fJ2hzdbrsjJ7rCnFVQIDAQABo1MwUTAdBgNVHQ4EFgQUSUwDdIC5nIATqBuxpkCZ4QSJ6uUwHwYDVR0jBBgwFoAUSUwDdIC5nIATqBuxpkCZ4QSJ6uUwDwYDVR0TAQH/BAUwAwEB/zBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggIBABaeceH5gxgIhym+2g3dYk2N/HKf/vCug/sfGD5qfulP3eY+nRl0A0rqukhA8LE7CcAL+JVnfjPK4tSRKrxI+tJlf6ZTijJPhWhS1X2i1lJ/VYJZHUN5/MAxsOVlTSLYPl0yGiecRV2+coxNUoiXNHt8s/bT54YnX3VA0E47aRfCV8+aSNdZCU+xWVWYjaK67eQSeJtiUe+pNwwwIqOfsQnpNSRxGuOj0gowZIa+b0IXJ89Uii4YNQFmQGLDI/iPLpUUaEQkTzN9yiFJUQrk/TXnFRyo9nV74nh1BlgXhcBfRVb0p8wOHlusOu4SYohR5Lap9MsHkDNA8iH0GxFxhyUw64hgB5I0ubDCXc01YJ+FGWzzwoPxdW43uWu+objNTP2yOWWt9pg9C4XVCIad7Gtd7wAxxMb/ORZ2mBsXfGAZElLdbteo/R3nad/C5eBusoCNhUOSx/HwSHxeL1SjWyz34LgvJJ/dgfUdNzoSSnY4KB9BHFQmLHB8Ej/LVbUF8hsE0WUxspelbrs6KPujbF7kmjvwAqLDF+MDwp2TAJCO1zQrLwm67W7kLFkW+rMAfEwILvCAygU6JMrRSqyGJAz+W2nCq8a7AFaTa95KmUs2W/jVOY3NVVIDFRrL8rcw9D+SdcZ6pLMT9gqBqrRoiNOV3DBtdIUFWy5ttdmNdjjX</ds:X509Certificate></ds:X509Data></ds:KeyInfo><ds:Object Id="pfx7d238ab8-e967-e77f-5c61-84c028225050"/></ds:Signature>

Checking the signature on https://tools.chilkat.io/xmlDsigVerify.cshtml it says that it is valid.

Using your code the XML is:

<?xml version="1.0" encoding="UTF-8"?>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1"/>
  <ds:Reference URI="#pfx381dab67-95f0-a42b-aaf8-c7c30d7cf772"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>iQUXSsDYJZcwby0sVepIvSSg8Xkf9S3Jo7VDqU8fcTg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue/>
<ds:KeyInfo><ds:X509Data><ds:X509SubjectName>O=Internet Widgits Pty Ltd,L=Kaiserslautern,ST=Some-State,C=DE</ds:X509SubjectName><ds:X509Certificate>MIIGBTCCA7mgAwIBAgIUDSe0QTZwA43YHLXeSdeb1cpqVJUwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMF4xCzAJBgNVBAYTAkRFMRMwEQYDVQQIDApTb21lLVN0YXRlMRcwFQYDVQQHDA5LYWlzZXJzbGF1dGVybjEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTI0MDUxNTA3MDkxN1oXDTM0MDUxMzA3MDkxN1owXjELMAkGA1UEBhMCREUxEzARBgNVBAgMClNvbWUtU3RhdGUxFzAVBgNVBAcMDkthaXNlcnNsYXV0ZXJuMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJMdQqj5en5KZjfGrCxcVs1+BuwH1NYnXt2zhxZOq/lpIcWSKh+o5ZPndlbxWshv7w6UUrdnz/JJiywA/XpRGU01kbxgTXE24tofxccpPAQe5jmMQSO/ocKnkSKi10R/JBoK5Py+0L20jfNMO5EZWkhfCHHp6hxHjSN8fievui2s/pkSpnouM/+tt3HgMXnpqNAnOGcyzSrNM91UZw2cio9tFSKUq4cHyPj4ioE0S4j4Kk0CSl62GtH4IPe/kaPdcjBTrWerMsY6SiCRdJj2uQprm5omANpU/yaW4uPeStxPaJLQEOsU4s9TdI1m6315anhor1IMtFQhvWo3qqpC1AigRsnLSoka49ndnPzR/+gIKpOf4HAJWAeF3humPV43CkAXpGCYuxsmWeO8nl0CWamhoFf64X8sFMpg7OQ22bBBUr9C7G21IqAisFLjI5dyuXsJC0eewDp6pxBJJl0+KojhP2Bbr3iogW+1nZMbkl7tIpM78P4gPVE+7A1eITBt+jyE1vuSnMquv6j6kmS2W/6/7mvRAdDCPPxZZl07De0TbRpVjCpuXwz3iDCWdg8SCo2vhqOaTfb+clBDUB7a01bPmHlUKsAVpRbQ7nWfjCyzjBFDXjn+/egtAzAPBbjBz4xpoa1+nTtWFHLLTXkSUKSu44fJ2hzdbrsjJ7rCnFVQIDAQABo1MwUTAdBgNVHQ4EFgQUSUwDdIC5nIATqBuxpkCZ4QSJ6uUwHwYDVR0jBBgwFoAUSUwDdIC5nIATqBuxpkCZ4QSJ6uUwDwYDVR0TAQH/BAUwAwEB/zBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggIBABaeceH5gxgIhym+2g3dYk2N/HKf/vCug/sfGD5qfulP3eY+nRl0A0rqukhA8LE7CcAL+JVnfjPK4tSRKrxI+tJlf6ZTijJPhWhS1X2i1lJ/VYJZHUN5/MAxsOVlTSLYPl0yGiecRV2+coxNUoiXNHt8s/bT54YnX3VA0E47aRfCV8+aSNdZCU+xWVWYjaK67eQSeJtiUe+pNwwwIqOfsQnpNSRxGuOj0gowZIa+b0IXJ89Uii4YNQFmQGLDI/iPLpUUaEQkTzN9yiFJUQrk/TXnFRyo9nV74nh1BlgXhcBfRVb0p8wOHlusOu4SYohR5Lap9MsHkDNA8iH0GxFxhyUw64hgB5I0ubDCXc01YJ+FGWzzwoPxdW43uWu+objNTP2yOWWt9pg9C4XVCIad7Gtd7wAxxMb/ORZ2mBsXfGAZElLdbteo/R3nad/C5eBusoCNhUOSx/HwSHxeL1SjWyz34LgvJJ/dgfUdNzoSSnY4KB9BHFQmLHB8Ej/LVbUF8hsE0WUxspelbrs6KPujbF7kmjvwAqLDF+MDwp2TAJCO1zQrLwm67W7kLFkW+rMAfEwILvCAygU6JMrRSqyGJAz+W2nCq8a7AFaTa95KmUs2W/jVOY3NVVIDFRrL8rcw9D+SdcZ6pLMT9gqBqrRoiNOV3DBtdIUFWy5ttdmNdjjX</ds:X509Certificate></ds:X509Data></ds:KeyInfo><ds:Object Id="pfx381dab67-95f0-a42b-aaf8-c7c30d7cf772"></ds:Object></ds:Signature>

And checking that on https://tools.chilkat.io/xmlDsigVerify.cshtml it says that it is invalid.

[tvdijen]

Ah right, so if I compare the two, the only difference is that my code produces an empty <SignatureValue>.. I must have missed something, but it seems to me that this should be fixable.

[tvdijen]

I think I've already fixed it.. Can you try https://github.com/tvdijen/xmlseclibs/commit/4e9c983d6b8bcc18fde55af18ab5d82ce6bf799e ?

I think the issue still exists.. From what I understand, PSS is just not supported in openssl..

[jochen-jung]

SignatureValue is now no longer empty. But still it is invalid.

This is the XML with your new code:

<?xml version="1.0" encoding="UTF-8"?>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1"/>
  <ds:Reference URI="#pfxddb7c393-9632-d3e0-0605-9e03d7f8c11a"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>F5ERIUROtwhr+Nqj2QHLfYxpjg/yzQgOu+d8mKi3qXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>FG2PGFY65IjerhVhFygssIpYZVpjzEcgtB3A65UHyG6P9Qt7xjK+UIt4+KavLRrMJQhy53oliLuJQlYRB+TaF13KxPZ9ulXCA/iOFOl+aENCG2lIQNT0I+ZDMwihvy5KJ+KYIjAAS2FSjlDoDo6y8bowml54kxMTkC6RV2hG+1OtYD5/gXVNAucYAwhs/gwb0Mqw4bwo16gencY4ogFoY0aoW8m2B1NcFOp1ZCdftUrYQd6h5A1FKeVn29a1So/129b7qHjDFv9DOY7WsnZs27C6INTf7KToSqUs0ZKzggfim0rBFZ/Sn4/SfZTVTjieADv7pRdp6T/6DAoypUDjhqSIFuCm/CTmjwa3CgnI85YzZoe3jsoAatgb/fl/JkoDnH8AafCkraoJmZ4OcOHZlSl+nWTCWIRri49AYnW3EzSEPdPkoBrLtT9waZbGIta2prxIWinahwOR7IS0OHXcWeHDXHsdxrcIg+ml3jxwOufD7jeNfFrdurUykeM0ksLrvLq3eNbyZEZofNmu1IlZWeTjH1xyM3E515TgRmqu2bETzAQbUhgwzjogwQTaxgCtjPJ6oe2yiMVagNLHWyciR1LOcxGDHHQpnaiNaPqRiwY2inUXChgFkY7cbXgBklteueHNHv11N3LiFgjyFM8uPG6qukjKaYmxz0xAoxLiqDo=</ds:SignatureValue>\n
<ds:KeyInfo><ds:X509Data><ds:X509SubjectName>O=Internet Widgits Pty Ltd,ST=Some-State,C=AU</ds:X509SubjectName><ds:X509Certificate>MIIF0zCCA4egAwIBAgIUAT4xgNPYSFFlwlKzPodugR0Tle0wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQwNTE1MTEwNDM1WhcNMzQwNTEzMTEwNDM1WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnfy9BZKj9nTHAoapXCtsv/6KTNu43pV8PV8HxSvmldpVMytV4XudqdQvuve1pYH9L1zKezs0GQ5o/hpgfftc2B3p2kNAaKYRyhoKjZVKomwrjRcVkB96C+aB6QjoNXFNZFYWKOMS+kYTF+kic55jL8yJtVeTpz3hGNmm1Np1vqa6jptgc8dSDC5ig1WsWSrX6AgWTseSQwggp44bBG90lciiC0v/W8wBo1LDuUEBK5DE71ByQL4rtiw8UF4OFBsWs8Ge13PG4n2umSM0fu5CcD0Dld9ec/sLHUyP5zMd8i4FDYMVGJRwBVpBUv0fQ2/1LjrHT5Plgcw5OA6yG6RfFh/+cBQbRCT+U8TNftp893L5/fuVSH/n+c5TCWkzueMww/9awgM90hX1wukNSczKcQxvgF4am6Sv6y9XtO3+wQN9GMkKbChLkcD6yhHUatisnJcr8QT+MtG0Vx3sT1OEtnJuqraNlB7VcE8QUrRrV00iEQ1XeJK9ASJdB44sGjfcceDc4byFSbevz3s0qN6qQ9s4uJO0Rf0KniODgiEBQ/lHwRMFX8g2a8lE2Ms6XJOfMT5xw6MHvnXu/woz2T+lGWA4o/ugcc3ln6tzYgqhD7NJT1pOWPW3aUeEia59DHHpcX1AYoXwCa8892cEeC/KYsOuN55jX+lp74fcbGc6vCsCAwEAAaNTMFEwHQYDVR0OBBYEFAAvdHS4yMWYEB0ANJW8KELjd1c+MB8GA1UdIwQYMBaAFAAvdHS4yMWYEB0ANJW8KELjd1c+MA8GA1UdEwEB/wQFMAMBAf8wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4ICAQANXSXIDUThJIxkwyNuLIdt12TFf5K+WoZ0dX8WOosVwt9AwsklM12AjcVecsEo5UUPSoMEK/jJCjooSz2T6IBQE89a9FEeiQRdIunfZlrUJdmMwRXJml4sVn/+qMmNSyyzHBG4ivcJJRWCGW/iV91jAx+/jf+qACTvH4fwfovs868uRBpSON6AKyWuoaTiCnmSop0PdlNc5HEUfoMfoRfTZxyaiEgbXXOgHZ8CXAqvelaSCSWxhPsrF7KHBgi/G9rloucuS6sewQ46GxKx0ozrsGmnHoTFCp87QKcXpAb468kuOwIreb9jTzZjeEMloJ+W9H73WYnGD9/gAjCsLgCH2cvq635zaWa9d/+oH7PXJXArmxlhkxfXUK49lXkBMzEFSA1M2PMpjNVGU1HfbKUhXiWDqABMzLOSCcFkPLpmoSpmPQAb0XT2WbjTBETwe0tT2M9Pzs2MZxMgtdy1Q1+uWlD92S9X5/Km3G+JGAGqbNe+Vl/yyOvWAUJqwbgADIwhEawbcCfUiNH/LVjHhbTW8feolST/aeYKrpnLDuHXIajE/9CSpSfZjJ2u+Sh6/gGDlDCnXMI8INBbuiODbbbWYbTXZLzM0uUo4cyfqi9fU5GJ2xmSMwH9KwZBC7JrDGQP3Ilqz4OvrGMJ0MZnqskMuKWFEHJfCWKVNwxu6Eo9mg==</ds:X509Certificate></ds:X509Data></ds:KeyInfo><ds:Object Id="pfxddb7c393-9632-d3e0-0605-9e03d7f8c11a"></ds:Object></ds:Signature>

According to https://www.openssl.org/docs/man3.3/man7/RSA-PSS.html : "Signing and verification is similar to the RSA algorithm except the padding mode is always PSS"

How do we set this padding mode?

From the docs of openssl_public_encrypt():

 * @param int $padding [optional] <p>
 * <i>padding</i> can be one of
 * <b>OPENSSL_PKCS1_PADDING</b>,
 * <b>OPENSSL_SSLV23_PADDING</b>,
 * <b>OPENSSL_PKCS1_OAEP_PADDING</b>,
 * <b>OPENSSL_NO_PADDING</b>.

None of those are working. But they all do not seem to be PSS, right?

However openssl on the command line seems to support it:

 -pkeyopt rsa_padding_mode:pss

See: https://stackoverflow.com/a/44430091/351893

So how can the PSS padding mode be used in openssl_public_encrypt() ?

[robrichards]

Try passing the number 6 as the padding type. This should correspond to the PSS padding type

On 5/15/24 7:13 AM, Jochen wrote:

SignatureValue is now no longer empty. But still it is invalid.

This is the XML with your new code:

|<?xml version="1.0" encoding="UTF-8"?> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

F5ERIUROtwhr+Nqj2QHLfYxpjg/yzQgOu+d8mKi3qXI=FG2PGFY65IjerhVhFygssIpYZVpjzEcgtB3A65UHyG6P9Qt7xjK+UIt4+KavLRrMJQhy53oliLuJQlYRB+TaF13KxPZ9ulXCA/iOFOl+aENCG2lIQNT0I+ZDMwihvy5KJ+KYIjAAS2FSjlDoDo6y8bowml54kxMTkC6RV2hG+1OtYD5/gXVNAucYAwhs/gwb0Mqw4bwo16gencY4ogFoY0aoW8m2B1NcFOp1ZCdftUrYQd6h5A1FKeVn29a1So/129b7qHjDFv9DOY7WsnZs27C6INTf7KToSqUs0ZKzggfim0rBFZ/Sn4/SfZTVTjieADv7pRdp6T/6DAoypUDjhqSIFuCm/CTmjwa3CgnI85YzZoe3jsoAatgb/fl/JkoDnH8AafCkraoJmZ4OcOHZlSl+nWTCWIRri49AYnW3EzSEPdPkoBrLtT9waZbGIta2prxIWinahwOR7IS0OHXcWeHDXHsdxrcIg+ml3jxwOufD7jeNfFrdurUykeM0ksLrvLq3eNbyZEZofNmu1IlZWeTjH1xyM3E515TgRmqu2bETzAQbUhgwzjogwQTaxgCtjPJ6oe2yiMVagNLHWyciR1LOcxGDHHQpnaiNaPqRiwY2inUXChgFkY7cbXgBklteueHNHv11N3LiFgjyFM8uPG6qukjKaYmxz0xAoxLiqDo=\n O=Internet Widgits Pty Ltd,ST=Some-State,C=AUMIIF0zCCA4egAwIBAgIUAT4xgNPYSFFlwlKzPodugR0Tle0wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQwNTE1MTEwNDM1WhcNMzQwNTEzMTEwNDM1WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnfy9BZKj9nTHAoapXCtsv/6KTNu43pV8PV8HxSvmldpVMytV4XudqdQvuve1pYH9L1zKezs0GQ5o/hpgfftc2B3p2kNAaKYRyhoKjZVKomwrjRcVkB96C+aB6QjoNXFNZFYWKOMS+kYTF+kic55jL8yJtVeTpz3hGNmm1Np1vqa6jptgc8dSDC5ig1WsWSrX6AgWTseSQwggp44bBG90lciiC0v/W8wBo1LDuUEBK5DE71ByQL4rtiw8UF4OFBsWs8Ge13PG4n2umSM0fu5CcD0Dld9ec/sLHUyP5zMd8i4FDYMVGJRwBVpBUv0fQ2/1LjrHT5Plgcw5OA6yG6RfFh/+cBQbRCT+U8TNftp893L5/fuVSH/n+c5TCWkzueMww/9awgM90hX1wukNSczKcQxvgF4am6Sv6y9XtO3+wQN9GMkKbChLkcD6yhHUatisnJcr8QT+MtG0Vx3sT1OEtnJuqraNlB7VcE8QUrRrV00iEQ1XeJK9ASJdB44sGjfcceDc4byFSbevz3s0qN6qQ9s4uJO0Rf0KniODgiEBQ/lHwRMFX8g2a8lE2Ms6XJOfMT5xw6MHvnXu/woz2T+lGWA4o/ugcc3ln6tzYgqhD7NJT1pOWPW3aUeEia59DHHpcX1AYoXwCa8892cEeC/KYsOuN55jX+lp74fcbGc6vCsCAwEAAaNTMFEwHQYDVR0OBBYEFAAvdHS4yMWYEB0ANJW8KELjd1c+MB8GA1UdIwQYMBaAFAAvdHS4yMWYEB0ANJW8KELjd1c+MA8GA1UdEwEB/wQFMAMBAf8wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4ICAQANXSXIDUThJIxkwyNuLIdt12TFf5K+WoZ0dX8WOosVwt9AwsklM12AjcVecsEo5UUPSoMEK/jJCjooSz2T6IBQE89a9FEeiQRdIunfZlrUJdmMwRXJml4sVn/+qMmNSyyzHBG4ivcJJRWCGW/iV91jAx+/jf+qACTvH4fwfovs868uRBpSON6AKyWuoaTiCnmSop0PdlNc5HEUfoMfoRfTZxyaiEgbXXOgHZ8CXAqvelaSCSWxhPsrF7KHBgi/G9rloucuS6sewQ46GxKx0ozrsGmnHoTFCp87QKcXpAb468kuOwIreb9jTzZjeEMloJ+W9H73WYnGD9/gAjCsLgCH2cvq635zaWa9d/+oH7PXJXArmxlhkxfXUK49lXkBMzEFSA1M2PMpjNVGU1HfbKUhXiWDqABMzLOSCcFkPLpmoSpmPQAb0XT2WbjTBETwe0tT2M9Pzs2MZxMgtdy1Q1+uWlD92S9X5/Km3G+JGAGqbNe+Vl/yyOvWAUJqwbgADIwhEawbcCfUiNH/LVjHhbTW8feolST/aeYKrpnLDuHXIajE/9CSpSfZjJ2u+Sh6/gGDlDCnXMI8INBbuiODbbbWYbTXZLzM0uUo4cyfqi9fU5GJ2xmSMwH9KwZBC7JrDGQP3Ilqz4OvrGMJ0MZnqskMuKWFEHJfCWKVNwxu6Eo9mg== | According to https://www.openssl.org/docs/man3.3/man7/RSA-PSS.html : "Signing and verification is similar to the RSA algorithm except the padding mode is always PSS" How do we set this padding mode? From the docs of openssl_public_encrypt(): |* @param int $padding [optional]

* padding can be one of * OPENSSL_PKCS1_PADDING, * OPENSSL_SSLV23_PADDING, * OPENSSL_PKCS1_OAEP_PADDING, * OPENSSL_NO_PADDING. | None of those are working. But they all do not seem to be PSS, right? However openssl on the command line seems to support it: |-pkeyopt rsa_padding_mode:pss | See: https://stackoverflow.com/a/44430091/351893 So how can the PSS padding mode be used in openssl_public_encrypt() ? — Reply to this email directly, view it on GitHub , or unsubscribe . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[jochen-jung]

I can pass 6 as the padding type. But it is still invalid.

The I guess in addition we need, what this code is doing:

$this->rsaPrivateKey->withMGFHash('sha256');

[tvdijen]

@robrichards I don't think the padding-option is used at all for signing.. We only pass it to the encryption/decryption methods. ext-openssl doesn't seem to support padding for signatures.