How to use signtool to create PKCS#7 file with RSASSA-PSS signature?

Question

Hi All,
I use Signtool to sign specific file to get PKCS#7 file and extract signature from PKCS#7 file.
My command is like below.
"signtool.exe sign /p7 . /fd SHA384 /p7co 1.2.840.113549.1.7.1 /p7ce DetachedSignedData /p "" /f rsa3072DebugRsaPss.key.pfx Debug.bin"

But the signature get from PKCS#7 (Debug.bin.p7) is use RSASSA-PKCS#1_1.5 padding method.
For ca connect to pfx (rsa3072DebugRsaPss.key.pfx) already set to RSASSA-PSS (ca signature algorithm).

How could I get signature for signtool PKCS#7 file with RSASSA-PSS padding method?

Thanks.

Answer 1

Hi,
Hope this will help:
https://learn.microsoft.com/en-us/windows/win32/seccrypto/signtool

Thanks for your time.
Best regards,
Danny

-----------------------------

If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

Hi,
Based on your description, this issue seems related to windows api, thus we added windows-api-general related tag so that it would be easier for you to get support from windows api engineers.

Thanks for your understanding.
Best regards,
Danny

-----------------------------

If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.