[Feature Request] AAD client assertions should be computed using SHA 256 and an approved padding scheme

### MSAL client type

Confidential

### Problem Statement

When MSAL creates the client assertion, it uses PKCS1 padding for digital signature and SHA1 as x5t claim. These are old crypto algorithms and we need to move to newer versions. The STS is building support.

See ESTS work items :

https://identitydivision.visualstudio.com/Engineering/_workitems/edit/2655345
https://identitydivision.visualstudio.com/Engineering/_workitems/edit/2704466

### Proposed solution

Use x5t#s256 and PSS padding when talking to ESTS, CIAM, B2C(?) but not with ADFS.

 ### Original issue

 https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4428

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Feature Request] AAD client assertions should be computed using SHA 256 and an approved padding scheme #639

MSAL client type

Problem Statement

Proposed solution

Original issue

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Feature Request] AAD client assertions should be computed using SHA 256 and an approved padding scheme #639

Description

MSAL client type

Problem Statement

Proposed solution

Original issue

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions