RSASSASigner cannot read private keys with algorithm RSASSA-PSS
I created keypars with openssl e.g.
openssl genpkey -algorithm rsa-pss \
-pkeyopt rsa_keygen_bits:2048 \
-pkeyopt rsa_pss_keygen_md:sha256 \
-pkeyopt rsa_pss_keygen_mgf1_md:sha256 \
-pkeyopt rsa_pss_keygen_saltlen:32 \
-out privateKey.pem
Using this key for signature with PS256 fails with error “The private key algorithm must be RSA”
In source I see why, e.g.
if (!"RSA".equalsIgnoreCase(privateKey.getAlgorithm())) {
throw new IllegalArgumentException("The private key algorithm must be RSA");
the PrivateKey object has key.getAlgorithm() == RSASSA-PSS
To me this should work or is there another class next to RSASSASigner which would allow algorithm RSASSA-PSS instead of RSA only
Thanks in advance
Comments (8)
-
-
reporter Hi Vladimir,
From this key I generated a PKCS8 pem file + cert and later on p12 , so I load it from KeyManager (p12) but also from PEMParser (BC)
I played and managed to load it with the workaround of
means if I create first a RSAKey , add privateKey and use this to create RSASSASigner, then it works, so I think in RSASSASigner there should be same as in RSAKey, e.g.
if (priv instanceof RSAPrivateKey) { return this.privateKey((RSAPrivateKey)priv); } else if (!"RSA".equalsIgnoreCase(priv.getAlgorithm())) { throw new IllegalArgumentException("The private key algorithm must be RSA"); }
What do you think?
-
reporter -
Thanks for the PR, I’ll check it out.
BTW, one super simple work around that doesn’t require a mod to the lib is to wrap the object and override the
getAlgorithm
to return “RSA”. Or recreating the object with the “RSA” alg with https://docs.oracle.com/javase/8/docs/api/java/security/spec/RSAPrivateKeySpec.html -
- changed status to open
-
reporter I tried this and yes, if I omit AlgorithmParameterSpec
params
then it is again a pure RSA key, but then I loose the salt and security enhancements from https://docs.oracle.com/javase/8/docs/api/java/security/spec/PSSParameterSpec.htmlTested this with https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/src/main/java/com/nimbusds/jose/jwk/RSAKey.java#lines-2319 and later on params resetted to null, so I would appreciate if “privateKey
instanceof RSAPrivateKey” would be enought to create a RSASigner
-
Hi Markus,
The PR was merged and is now out as
version 9.30.1 (2023-01-31)
That the MGF params are not swallowed in the PEM import with BC is good news, I verified this with a test (not included in the suite because it’s above the Java 7 API).
Thanks for the contribution!
-
- changed status to resolved
- Log in to comment
Hi Markus,
How was the openssl key imported into the Java runtime?