I've been struggling with this for a whole week now and hope someone can help me out.
I need to sign XML using SHA256 and xmldsig. For this I use the SignedXml class. When looking into this class I see it uses the SignatureAlgorithm value of the loaded key to determine what hashing type to use.
No matter how I load the key (via the cert store or via loading a cert file), it will show SHA1 as SignatureAlgorithm. When I look up the details of my certificate in the MMC cert store, it shows SHA256 as SignatureAlgorithm.
I tried both openssl and makecert to generate a SHA256 cert key, but both will load as SHA1 in .NET, and so signedXml.ComputeSignature(); will use SHA1 as the SignatureMethod.
.NET 4.0 should support SHA256, right?
Found out that I was probably using the wrong class.
Instead of Microsoft.Web.Services.Security.SignedXml I should use System.Security.Cryptography.Xml.SignedXml. The latter doesn't use the SignatureAlgorithm of the used key to determine what algorithm to use. Now I can set the algorithm myself with 'SignedXml.SignedInfo.SignatureMethod' and use a SHA1 key.
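An added example, not code from the original post: setting the signature method on System.Security.Cryptography.Xml.SignedXml as described above, together with the per-reference digest method, and a verifier that rejects anything other than SHA256. It assumes .NET Framework 4.7.2 or later (or modern .NET with the System.Security.Cryptography.Xml package), where the RSA-SHA256 URI is registered by default; on .NET 4.0 that URI has to be registered first. The class name, sample document and throwaway key are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class XmlSha256Demo
{
    const string RsaSha256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    const string Sha256Digest = "http://www.w3.org/2001/04/xmlenc#sha256";

    // Appends an enveloped signature; signature and digest algorithms are set explicitly.
    static void Sign(XmlDocument doc, RSA key)
    {
        var signedXml = new SignedXml(doc) { SigningKey = key };
        signedXml.SignedInfo.SignatureMethod = RsaSha256;

        var reference = new Reference("") { DigestMethod = Sha256Digest };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        signedXml.AddReference(reference);

        signedXml.ComputeSignature();
        doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true));
    }

    // Accepts the document only if it is signed with RSA-SHA256 and the signature verifies.
    static bool Verify(XmlDocument doc, RSA key)
    {
        var nodes = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (nodes.Count != 1) return false;

        var signedXml = new SignedXml(doc);
        signedXml.LoadXml((XmlElement)nodes[0]);
        if (signedXml.SignatureMethod != RsaSha256) return false; // refuse a SHA1 signature
        foreach (Reference r in signedXml.SignedInfo.References)
            if (r.DigestMethod != Sha256Digest) return false;     // refuse a SHA1 digest
        return signedXml.CheckSignature(key);
    }

    static void Main()
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml("<order id=\"1\"><item>example</item></order>"); // constructed sample

        using (RSA key = RSA.Create(2048)) // throwaway key; the post loads one from a certificate
        {
            Sign(doc, key);
            Console.WriteLine("SHA256 signature valid: " + Verify(doc, key));
        }
    }
}
```

SignatureMethod only controls the hash used over SignedInfo; each Reference carries its own DigestMethod, so both are set here and both are checked on verification.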