I need to use RSA-SHA256 signing. Unfortunately not all Microsoft CryptoAPI prov
ID: 647816 • Letter: I
Question
I need to use RSA-SHA256 signing. Unfortunately not all Microsoft CryptoAPI providers support that. It's possible that I might get a handle to a CryptoAPI provider that can just encrypt/decrypt with RSA, and maybe sign with SHA1, but not SHA256. Also, the private key might be unavailable (say, it could be in a smart card or some such device).
Is it then possible for me to "fill the gaps" myself? I can, after all, calculate the SHA256 hash of the data myself. Can I then somehow encrypt it with the provider and get a valid signature? Simply encrypting the hash doesn't seem to work (it produces the wrong result).
Or is the signing algorithm a modification of the encryption algorithm, and if the provider doesn't support it, then there's physically nothing that I can do?
Explanation / Answer
The only way you could do this if if you could affect the padding schemes appropriately. Mathematically, textbook RSA encryption with the private key is the same as textbook RSA signature generation.
Nobody should use textbook RSA, however. In practice, padding schemes are used and they differ between the two operations. So unless you can turn off padding (and padding checks) and implement the signature padding yourself, the answer is no.
The reason I mention padding checks is that theoretically, RSA decryption (which is the same as the RSA encryption operation but with the private key) does not add padding. The RSA decryption operation may check padding and throw an error if it is incorrect or it will strip away padding, which is something you don't want.