0

The security check tool Fortify has detected vulnerability on the lines

RSAPKCS1SignatureDeformatter deformatter = new RSAPKCS1SignatureDeformatter(key);
deformatter.SetHashAlgorithm("SHA256");

The CreateDeformatter() method performs public key RSA encryption without OAEP padding, thereby making the encryption weak.

Could someone please share some light to find the exact problem for this. Iā€™m relatively new to the area of RSA.

dilla
  • 1
  • 3
  • If this is a signature, Fortify should complain that you are not using RSA-PSS, and not mention OAEP. This would be an PKCS #1 v. 2.1 signature scheme, rather than the v. 1.5 scheme you are using. I am not familiar with .NET but it doesn't appear that they provide a formatter for PSS. ā€“ erickson Sep 17 '20 at 22:03
  • @erickson Would you be able to further elaborate on your answer. SignatureDescription is a core .NET dll and we have inherited and overrided the methods. In your opinion where should this padding be incorporated ā€“ dilla Sep 18 '20 at 00:44
  • 1
    PSS Padding is the more modern padding compared to PKCS#1 v1.5 Padding. Probably Fortify requires this for security reasons. Therefore [this answer](https://stackoverflow.com/a/51892714/9014097) might be of interest as it implements a `SignatureDescription` for PSS. By the way, the term PSS refers to padding in the context of signing, in the context of encryption OAEP is used, so Fortify's message is not quite correct, as already mentioned in the first comment. ā€“ Topaco Sep 18 '20 at 10:06

0 Answers0