Is there a way to handle this with signature algorithm ?
Hi Freddy,
The RSACryptoServiceProvider class actually is a pretty thin wrapper around Windows' crypto implementation (like all of the *CryptoServiceProvider classes are). When you call SignData, RSACryptoServiceProvider is going to turn around and ask Windows to do the actual signing operation. However, Windows cannot use managed crypto algorithms, so you'll have to specify a hash algorithm that Windows does understand.
In this case, Windows knows about SHA1 (since SHA1CryptoServiceProvider is a wrapper around Windows again), but does not know about SHA256 (Notice that you are using SHA256Managed here). .... this leads to RSACrytpoServiceProvider being unable to sign with SHA256.
-Shawn
So, how do we use .net 2.0 to sign and XML doc such that we get the following SignatureMethod in the XML:
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256">
I can apparently do this with HMACSHA256. Is there an equivelant keyedhashalgorithm that uses SHA256 with RSA? ie, and RSASHA256 object?
thanks
With the 2.0 release of the CLR, there is no way to use the RSA-SHA256 signature type with SignedXml. Adding a SHA-256 CryptoServiceProivder implemenation is high on our list of items to look at in the next version, which should enable this scenario.
-Shawn
