[Mono-list] SignedXml.ComputeSignature: Why is SHA1 enforced
Mathias Tausig
mtausig at fsmat.at
Fri May 30 06:58:10 EDT 2008
Hi!

I was looking through the ComputeSignature() function of the SignedXML
class. The following source lines appear there (abbreviated, just for an RSA case):

    signer = new RSAPKCS1SignatureFormatter (key);
    HashAlgorithm hash = GetHash (sd.DigestAlgorithm);
    byte[] digest = hash.ComputeHash (SignedInfoTransformed ());
    signer.SetHashAlgorithm ("SHA1");
    m_signature.SignatureValue = signer.CreateSignature (digest);

Since I would like to use other hash algorithms (like the SHA-2 family), I
am stuck at the second-to-last line. Is there any particular reason for
enforcing SHA1, no matter what the key says? I am aware that the only
recommended digest in the xmldsig specifications is SHA1, but since there
are new URIs for other SigningMethods from W3C, that shouldn't be a
problem.

cheers
Mathias
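
The following is an added example, not part of the original post and not Mono's code: it picks the hash from the SignatureMethod URI and passes the same name to the RSA PKCS#1 formatter and deformatter, instead of hard-coding "SHA1". The helper HashFor, the class name and the sample SignedInfo bytes are assumptions made for illustration; the rsa-sha1 URI is from the XML-DSig specification and the others from RFC 4051.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SignatureMethodHashDemo
{
    // Hypothetical helper: selects the hash implementation and the name the
    // formatter expects, based on the SignatureMethod URI of the signature.
    static HashAlgorithm HashFor(string uri, out string name)
    {
        switch (uri)
        {
            case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
                name = "SHA1"; return SHA1.Create();
            case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
                name = "SHA256"; return SHA256.Create();
            case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512":
                name = "SHA512"; return SHA512.Create();
            default:
                // Fail closed: never fall back silently to a default hash.
                throw new CryptographicException("Unsupported SignatureMethod: " + uri);
        }
    }

    static bool SignAndVerify(RSA key, string uri, byte[] signedInfo)
    {
        string name;
        byte[] digest;
        using (HashAlgorithm hash = HashFor(uri, out name))
            digest = hash.ComputeHash(signedInfo);

        // The name given to the formatter must match the hash that produced
        // the digest, because PKCS#1 v1.5 encodes the hash OID in the signature.
        var signer = new RSAPKCS1SignatureFormatter(key);
        signer.SetHashAlgorithm(name);
        byte[] signature = signer.CreateSignature(digest);

        var verifier = new RSAPKCS1SignatureDeformatter(key);
        verifier.SetHashAlgorithm(name);
        return verifier.VerifySignature(digest, signature);
    }

    static void Main()
    {
        // Constructed sample input standing in for the canonicalized SignedInfo.
        byte[] signedInfo = Encoding.UTF8.GetBytes("<SignedInfo>constructed sample</SignedInfo>");
        using (RSA key = RSA.Create())
            foreach (string uri in new[] { "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
                                           "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" })
                Console.WriteLine(uri + " verified: " + SignAndVerify(key, uri, signedInfo));
    }
}
```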