SHA-256, SHA-384 and SHA-512 XML signatures require the Microsoft Enhanced RSA and AES Cryptographic Provider. This provider's type is 24. More details about cryptographic service providers (CSPs) and their capabilities may be found at: https://msdn.microsoft.com/en-us/library/windows/desktop/bb931357(v=vs.85).aspxThe following code displays various information about an X.509 certificate and its associated private key.
var x509Certificate = new X509Certificate2("test.pfx", "password", X509KeyStorageFlags.Exportable);
Console.WriteLine(x509Certificate.ToString(true));
The output includes information about the cryptographic provider.
The following output shows the Microsoft Enhanced RSA and AES Cryptographic Provider (type 24) is used and this private key may be used to generate SHA-256, SHA-384 and SHA-512 XML signatures.
[Private Key]
Key Store: User
Provider Name: Microsoft Enhanced RSA and AES Cryptographic Provider
Provider type: 24
Key Spec: Exchange
Key Container Name:
Hardware Device: False
Removable: False
By comparison, the following output is for a private key that doesn't support SHA-256 XML signatures although it may be used to generate SHA-1 XML signatures.
[Private Key]
Key Store: User
Provider Name: Microsoft Strong Cryptographic Provider
Provider type: 1
Key Spec: Exchange
Key Container Name:
Hardware Device: False
Removable: False
Regards ComponentSpace Development
|