Support RSASSA-PSS parameters on .NET with BC

DEVSIX-8417

Author: vitali-pr

itext.tests/itext.sign.tests/itext/signatures/PdfPKCS7ManuallyPortedTest.cs

@@ -72,5 +72,16 @@ public virtual void VerifyRsaSha3SignatureTest() {
                 VerifyIsoExtensionExample("SHA3-256withRSA", "sample-rsa-sha3_256.pdf");
             }
         }
+
+        [NUnit.Framework.Test]
+        public virtual void VerifyRsaPssSha3SignatureTest()
+        {
+            if ("BC".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName())) {
+                VerifyIsoExtensionExample("RSASSA-PSS", "sample-pss-sha3_256.pdf");
+            } else {
+                // Signer "RSASSA-PSS not recognised in BCFIPS mode
+                NUnit.Framework.Assert.Catch(typeof(PdfException), () => VerifyIsoExtensionExample("RSASSA-PSS", "sample-pss-sha3_256.pdf"));
+            }
+        }
     }
 }

itext.tests/itext.sign.tests/itext/signatures/sign/IsoSignatureExtensionsRoundtripTest.cs

@@ -142,7 +142,18 @@ public virtual void TestRsaWithSha3_512() {
         }
 
         [NUnit.Framework.Test]
-        public virtual void TestRsaWithSha3_256() {
+        public virtual void TestRsaSsaPssWithSha3_256()
+        {
+            if ("BC".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName())) {
+                DoRoundTrip("rsa", DigestAlgorithms.SHA3_256, "RSASSA-PSS", new DerObjectIdentifier(SecurityIDs.ID_RSASSA_PSS));
+            } else {
+                // Signer RSASSA-PSS not recognised in BCFIPS mode
+                NUnit.Framework.Assert.Catch(typeof(PdfException), () => DoRoundTrip("rsa", DigestAlgorithms.SHA3_256, "RSASSA-PSS", new DerObjectIdentifier(SecurityIDs.ID_RSASSA_PSS)));
+            }
+        }
+
+        [NUnit.Framework.Test]
+        public virtual void TestDsaWithSha3_256() {
             if ("BCFIPS".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName())) {
                 DoRoundTrip("dsa", DigestAlgorithms.SHA3_256, NistObjectIdentifiers.IdDsaWithSha3_256);
             } else {

itext.tests/itext.sign.tests/itext/signatures/sign/RSASSAPSSTest.cs

@@ -65,7 +65,7 @@ public virtual void SignWithRsaSsaPssTest()
             String cmpFileName = "cmp_simplePssSignature.pdf";
             if ("BCFIPS".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName()))
             {
-                // Signer RSASSA-PSS not recognised in BC mode
+                // Signer RSASSA-PSS not recognised in BCFIPS mode
                 NUnit.Framework.Assert.Catch(typeof(PdfException), () =>
                 {
                     DoRoundTrip(digestName, "RSASSA-PSS", outFileName, 
@@ -91,7 +91,7 @@ public virtual void SignWithRsaSsaPssAlternativeNomenclatureTest()
 
             if ("BCFIPS".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName()))
             {
-                // Signer RSASSA-PSS not recognised in BC mode
+                // Signer RSASSA-PSS not recognised in BCFIPS mode
                 NUnit.Framework.Assert.Catch(typeof(PdfException), () =>
                 {
                     DoRoundTrip(digestName,
@@ -116,7 +116,7 @@ public virtual void SignWithRsaSsaSha384PssTest() {
             String outFileName = "simplePssSignatureSha384.pdf";
             if ("BCFIPS".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName()))
             {
-                // Signer RSASSA-PSS not recognised in BC mode
+                // Signer RSASSA-PSS not recognised in BCFIPS mode
                 NUnit.Framework.Assert.Catch(typeof(PdfException), () =>
                 {
                     DoRoundTrip(digestName, "RSASSA-PSS", outFileName,
@@ -137,7 +137,7 @@ public virtual void SignWithRsaSsaCustomSaltLengthTest() {
             String cmpFileName = "cmp_simplePssSignature.pdf";
 
             if ("BCFIPS".Equals(BOUNCY_CASTLE_FACTORY.GetProviderName())) {
-                // Signer RSASSA-PSS not recognised in BC mode
+                // Signer RSASSA-PSS not recognised in BCFIPS mode
                 NUnit.Framework.Assert.Catch(typeof(PdfException), () =>
                 {
                     DoRoundTrip(digestName, "RSASSA-PSS", outFileName, new RSASSAPSSMechanismParams(

itext/itext.bouncy-castle-adapter/itext/bouncycastle/crypto/SignerBC.cs

@@ -66,6 +66,23 @@ public void InitSign(IPrivateKey key) {
             InitSign(key, lastHashAlgorithm, lastEncryptionAlgorithm);
         }
 
+        /// <summary><inheritDoc/></summary>
+        public void InitRsaPssSigner(string digestAlgoName, int saltLen, int trailerField) {
+            if (iSigner != null) {
+                return;
+            }
+            // If trailerField == 1 then trailer = 0xBC (it's the default one)
+            if (trailerField != 1) {
+                throw new ArgumentException("unknown trailer field");
+            }
+
+            Org.BouncyCastle.Crypto.IDigest digest = Org.BouncyCastle.Security.DigestUtilities.GetDigest(digestAlgoName);
+            Org.BouncyCastle.Crypto.ISigner signer = new Org.BouncyCastle.Crypto.Signers.PssSigner(
+                new Org.BouncyCastle.Crypto.Engines.RsaBlindedEngine(), digest, digest, saltLen, 0xBC);
+
+            this.iSigner = signer;
+        }
+
         /// <summary><inheritDoc/></summary>
         public void Update(byte[] buf, int off, int len) {
             iSigner.BlockUpdate(buf, off, len);
@@ -130,23 +147,24 @@ public override String ToString() {
         }
 
         private void InitVerify(IPublicKey publicKey, string hashAlgorithm, string encrAlgorithm) {
-            if (string.IsNullOrEmpty(hashAlgorithm)) {
-                iSigner = SignerUtilities.GetSigner(encrAlgorithm);
-            } else {
-                iSigner = SignerUtilities.GetSigner(hashAlgorithm + "with" + encrAlgorithm);
+            if (iSigner == null) {
+                if (string.IsNullOrEmpty(hashAlgorithm)) {
+                    iSigner = SignerUtilities.GetSigner(encrAlgorithm);
+                } else {
+                    iSigner = SignerUtilities.GetSigner(hashAlgorithm + "with" + encrAlgorithm);
+                }
             }
-            
+
             iSigner.Init(false, ((PublicKeyBC) publicKey).GetPublicKey());
         }
 
         private void InitSign(IPrivateKey key, string hashAlgorithm, string encrAlgorithm) {
-            if (string.IsNullOrEmpty(hashAlgorithm))
-            {
-                iSigner = SignerUtilities.GetSigner(encrAlgorithm);
-            }
-            else
-            {
-                iSigner = SignerUtilities.GetSigner(hashAlgorithm + "with" + encrAlgorithm);
+            if (iSigner == null) {
+                if (string.IsNullOrEmpty(hashAlgorithm)) {
+                    iSigner = SignerUtilities.GetSigner(encrAlgorithm);
+                } else {
+                    iSigner = SignerUtilities.GetSigner(hashAlgorithm + "with" + encrAlgorithm);
+                }
             }
 
             iSigner.Init(true, ((PrivateKeyBC) key).GetPrivateKey());

itext/itext.bouncy-castle-fips-adapter/itext/bouncycastlefips/crypto/SignerBCFips.cs

@@ -69,6 +69,12 @@ public void InitSign(IPrivateKey key) {
             InitSign(key, lastHashAlgorithm, lastEncryptionAlgorithm);
         }
 
+        /// <summary><inheritDoc/></summary>
+        public void InitRsaPssSigner(string digestAlgoName, int saltLen, int trailerField) {
+            // Not supported yet
+            // Leave empty, we will throw in another place
+        }
+
         /// <summary><inheritDoc/></summary>
         public void Update(byte[] buf, int off, int len) {
             if (digest != null) {

itext/itext.commons/itext/commons/bouncycastle/crypto/ISigner.cs

@@ -41,7 +41,15 @@ public interface ISigner {
         /// </summary>
         /// <param name="publicKey">public key</param>
         void InitSign(IPrivateKey key);
-        
+
+        /// <summary>
+        /// Creates actual signer object to create RSASSA-PSS signature
+        /// </summary>
+        /// <param name="digestAlgoName">digect algorithm</param>
+        /// <param name="saltLen">salt length</param>
+        /// <param name="trailerField">trailer field</param>
+        void InitRsaPssSigner(string digestAlgoName, int saltLen, int trailerField);
+
         /// <summary>
         /// Calls actual
         /// <c>Update</c>

itext/itext.sign/itext/signatures/SignUtils.cs

@@ -267,12 +267,9 @@ internal static IEnumerable<IX509Certificate> GetCertificates(List<IX509Certific
             return rootStore;
         }
 
-        internal static void SetRSASSAPSSParamsWithMGF1(ISigner signature, String digestAlgoName, int saltLen, int trailerField)
-        {
-         //     var mgf1Spec = new MgfParameters() MGF1ParameterSpec(digestAlgoName);
-         //    PSSParameterSpec spec = new Pss  PSSParameterSpec(digestAlgoName, "MGF1", mgf1Spec, saltLen, trailerField);
-         // signature.  setParameter(spec);
-         }
+        internal static void SetRSASSAPSSParamsWithMGF1(ISigner signature, String digestAlgoName, int saltLen, int trailerField) {
+            signature.InitRsaPssSigner(digestAlgoName, saltLen, trailerField);
+        }
 
         internal static void UpdateVerifier(ISigner sig, byte[] digest) {
             sig.UpdateVerifier(digest);