Skip to content

Fallback to RS256 when certificate PSS signing fails#6126

Merged
bgavrilMS merged 3 commits into
mainfrom
bgavril/legacy-csp-client-assertions
Jul 15, 2026
Merged

Fallback to RS256 when certificate PSS signing fails#6126
bgavrilMS merged 3 commits into
mainfrom
bgavril/legacy-csp-client-assertions

Conversation

@bgavrilMS

@bgavrilMS bgavrilMS commented Jul 15, 2026

Copy link
Copy Markdown
Member

Summary

  • attempt the preferred PS256 / PSS certificate assertion first
  • fall back to an RS256 / PKCS#1 assertion when PSS signing throws CryptographicException
  • rebuild the JWT header as RS256 with x5t while reusing the original encoded payload
  • preserve PS256 / PSS for providers that support it
  • keep request-level x5c behavior independent from signing fallback

Test coverage

  • performs the normal AcquireTokenForClient flow through the mocked HTTP pipeline
  • injects a cryptography manager that rejects PSS but performs real PKCS#1 signing
  • inspects the posted client_assertion
  • verifies RS256, x5t, x5c, and the PKCS#1 SHA-256 signature
  • verifies the existing PS256 client assertion remains unchanged

Closes #6125

Copilot AI review requested due to automatic review settings July 15, 2026 16:21
@bgavrilMS
bgavrilMS requested a review from a team as a code owner July 15, 2026 16:21

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses token acquisition failures on .NET Framework when using certificates whose private keys are backed by legacy Windows CSP providers (exposed as RSACryptoServiceProvider), by falling back from PS256/PSS to RS256/PKCS#1 for client assertions while keeping x5c emission governed solely by the request option.

Changes:

  • Add legacy CSP-backed certificate detection and reuse of resolved RSA providers in CommonCryptographyManager.
  • Downgrade assertion signing from PS256 to RS256 when a legacy CSP-backed key is detected to avoid PSS padding failures.
  • Add a .NET Framework unit test that creates a CertEnroll CSP certificate and validates the outgoing client_assertion header and PKCS#1 signature through the mocked HTTP pipeline.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
tests/Microsoft.Identity.Test.Unit/PublicApiTests/ClientCredentialWithCertTest.cs Adds a net48-only test creating a legacy CSP-backed cert via CertEnroll and validating an RS256/PKCS#1 client assertion.
src/client/Microsoft.Identity.Client/PlatformsCommon/Shared/CommonCryptographyManager.cs Introduces legacy CSP detection and refactors RSA provider caching into helpers reused by signing and detection.
src/client/Microsoft.Identity.Client/PlatformsCommon/Interfaces/ICryptographyManager.cs Extends the internal crypto interface with legacy CSP certificate detection.
src/client/Microsoft.Identity.Client/Internal/JsonWebToken.cs Switches to RS256 when legacy CSP is detected while preserving request-level sendX5C behavior.

@gladjohn gladjohn left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are SHA‑256-incapable CSPs (PROV_RSA_FULL, PROV_RSA_SCHANNEL) are in or out of scope?

Copilot AI review requested due to automatic review settings July 15, 2026 18:12
@bgavrilMS bgavrilMS changed the title Support legacy CSP-backed certificate assertions Fallback to RS256 when certificate PSS signing fails Jul 15, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

Copilot AI review requested due to automatic review settings July 15, 2026 20:26

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.

Copilot AI review requested due to automatic review settings July 15, 2026 21:12
@bgavrilMS
bgavrilMS force-pushed the bgavril/legacy-csp-client-assertions branch from 861ca12 to 44cfa8e Compare July 15, 2026 21:12
@bgavrilMS bgavrilMS changed the title Fallback to RS256 when certificate PSS signing fails Fallback when RSACryptoServiceProvider rejects PSS signing Jul 15, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

Copilot AI review requested due to automatic review settings July 15, 2026 21:17
@bgavrilMS bgavrilMS changed the title Fallback when RSACryptoServiceProvider rejects PSS signing Fallback to RS256 when certificate PSS signing fails Jul 15, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

Comment thread src/client/Microsoft.Identity.Client/Internal/JsonWebToken.cs
Comment thread tests/Microsoft.Identity.Test.Unit/PublicApiTests/ClientCredentialWithCertTest.cs Outdated
Copilot AI review requested due to automatic review settings July 15, 2026 21:46

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

Wrap only the invalid PSS operation performed by RSACryptoServiceProvider and rebuild the client assertion as RS256. Preserve unrelated cryptographic failures and cover both paths.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot-Session: 0ed0719e-5c4e-43db-8301-6fa74cec98e1
Keep the fallback localized to JsonWebToken: retry the assertion as RS256 after a PSS CryptographicException, without provider-specific product-code changes.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot-Session: 0ed0719e-5c4e-43db-8301-6fa74cec98e1
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot-Session: 0ed0719e-5c4e-43db-8301-6fa74cec98e1
@bgavrilMS
bgavrilMS force-pushed the bgavril/legacy-csp-client-assertions branch from a866d1a to 7d21759 Compare July 15, 2026 21:51
@bgavrilMS

Copy link
Copy Markdown
Member Author

are SHA‑256-incapable CSPs (PROV_RSA_FULL, PROV_RSA_SCHANNEL) are in or out of scope?

I don't know. There doesn't seem to be a clear repro of this bug. So I pivoted to a try PSS / fallback to PKCS1.

@bgavrilMS
bgavrilMS enabled auto-merge (squash) July 15, 2026 21:54
@bgavrilMS
bgavrilMS merged commit d1ac9d0 into main Jul 15, 2026
15 checks passed
@bgavrilMS
bgavrilMS deleted the bgavril/legacy-csp-client-assertions branch July 15, 2026 22:15
This was referenced Jul 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fallback to RS256 when certificate PSS signing is unsupported

4 participants