SHA-256, SHA-384 and SHA-512 XML signatures require the Microsoft Enhanced RSA and AES Cryptographic Provider. This provider's type is 24. More details about cryptographic service providers (CSPs) and their capabilities may be found at:
https://msdn.microsoft.com/en-us/library/windows/desktop/bb931357(v=vs.85).aspx

The following code displays various information about an X.509 certificate and its associated private key.

var x509Certificate = new X509Certificate2("test.pfx", "password", X509KeyStorageFlags.Exportable);
Console.WriteLine(x509Certificate.ToString(true));

The output includes information about the cryptographic provider. The following output shows that the Microsoft Enhanced RSA and AES Cryptographic Provider (type 24) is used and that this private key may be used to generate SHA-256, SHA-384 and SHA-512 XML signatures.

[Private Key]
  Key Store: User
  Provider Name: Microsoft Enhanced RSA and AES Cryptographic Provider
  Provider type: 24
  Key Spec: Exchange
  Key Container Name:
  Hardware Device: False
  Removable: False

By comparison, the following output is for a private key that doesn't support SHA-256 XML signatures although it may be used to generate SHA-1 XML signatures.

[Private Key]
  Key Store: User
  Provider Name: Microsoft Strong Cryptographic Provider
  Provider type: 1
  Key Spec: Exchange
  Key Container Name:
  Hardware Device: False
  Removable: False

Regards,
ComponentSpace Development
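
A programmatic version of the same check, as an added example that is not ComponentSpace code: it reads the provider type from CspKeyContainerInfo rather than from the ToString(true) output, then attempts a trial SHA-256 signature. It assumes .NET Framework on Windows and reuses the test.pfx file name and password from the snippet above; the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class CspCheck
{
    // Provider type 24 is the one the text above names as required for SHA-2 XML signatures.
    const int RequiredProviderType = 24;

    // True when the private key sits in a type 24 CSP and a trial SHA-256 signature succeeds.
    static bool SupportsSha256(X509Certificate2 certificate)
    {
        if (!certificate.HasPrivateKey)
        {
            Console.WriteLine("The certificate has no associated private key.");
            return false;
        }
        RSACryptoServiceProvider rsa;
        try
        {
            // The property can throw, or return another type, when the key is not an RSA key in a CryptoAPI CSP.
            rsa = certificate.PrivateKey as RSACryptoServiceProvider;
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("Private key could not be opened: " + ex.Message);
            return false;
        }
        if (rsa == null) return false;

        CspKeyContainerInfo info = rsa.CspKeyContainerInfo;
        Console.WriteLine("Provider: {0} (type {1})", info.ProviderName, info.ProviderType);
        if (info.ProviderType != RequiredProviderType) return false;
        try
        {
            // Trial signature over throwaway data; the result is discarded.
            rsa.SignData(Encoding.UTF8.GetBytes("probe"), "SHA256");
            return true;
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("SHA-256 signing failed: " + ex.Message);
            return false;
        }
    }

    static void Main()
    {
        var certificate = new X509Certificate2("test.pfx", "password", X509KeyStorageFlags.Exportable);
        Console.WriteLine("SHA-256 capable: " + SupportsSha256(certificate));
    }
}
```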