I have official test vectors (FIPS 186-4 https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures#rsavs, SigGenPSS_186-3.txt) for PSS, I need to add a specific salt to test PSS. Is there any way I could add custom salt to RSACng?
Nope.
CNG doesn’t allow it, so RSACng can’t allow it, either.
NCryptSignHash takes a BCRYPT_PSS_PADDING_INFO, which only asks how many bytes to use for a salt, not what the bytes should be.
RSACng doesn’t even expose that, sticking with the “as many as the size of the hash algorithm” recommendation (as stated in the RSASignaturePadding.Pss property documentation).