- edited description
Can't sign with RSA/PSS on Android using AndroidKeyStore generated keys
Issue #541
resolved
Hi.
I was trying to sign with SHA512withRSA/PSS
algo on Android device but it fails with error:
com.nimbusds.jose.JOSEException: Invalid private RSA key: No installed provider supports this key: android.security.keystore2.AndroidKeyStoreRSAPrivateKey
at com.nimbusds.jose.crypto.RSASSASigner.getInitiatedSignature(RSASSASigner.java:291)
at com.nimbusds.jose.crypto.RSASSASigner.sign(RSASSASigner.java:258)
....
The key was generated using AndroidKeyStore
so it can’t be used for signing using external provider like BC.
For som reason Android specifies these algo names differently (https://developer.android.com/reference/java/security/Signature)
They are:
SHA224withRSA/PSS
SHA224withRSA/PSS
SHA256withRSA/PSS
SHA384withRSA/PSS
SHA512withRSA/PSS
Library expects RSASSA-PSS
.
I replaced RSASSA-PSS
to SHA512withRSA/PSS
while debugging and it worked.
Is there any chance to extend the code with support of Android specific algo names?
Example:
} else if (alg.equals(JWSAlgorithm.PS512) // JWA mandates salt length equals hash
&& (signature = getSignerAndVerifier("RSASSA-PSS", provider, new PSSParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, 64, 1))) != null) {
return signature;
} else if(alg.equals(JWSAlgorithm.PS512))
&& (signature = getSignerAndVerifier("SHA512withRSA/PSS", provider)) != null) {
return signature;
} else if (alg.equals(JWSAlgorithm.PS512)
&& (signature = getSignerAndVerifier("SHA512withRSAandMGF1", provider)) != null) {
return signature;
}
Comments (4)
-
reporter -
reporter -
- changed status to open
Hi Gennadi,
Thanks for this report. It's extremely annoying that JCA provider people keep inventing new names for the PSS algs :) I'll check the proposed patch.
-
- changed status to resolved
Released in
version 9.38-rc4 (2024-04-28) * Adds KeyRevocation class to support OpenID Federation 1.0. * Adds Android "SHA{256|384|512}withRSA/PSS" JCA algorithm support (iss #541). * Adds JWKSet.containsNonPublicKeys helper method. * The RSAKey and ECKey.Builder.privateKey methods must accept and correctly apply null arguments (iss #543). * Switches to Object.requireNonNull where appropriate to reduce code and use of exception message strings. * Updates to com.google.crypto.tink:tink:1.13.0 * Updates to BouncyCastle 1.78 (JDK 1.8 on)
- Log in to comment