Currently, I have source code that is calling external web services that is using SHA-1 cryptography and i'm currently calling these external WS by the following
using System.Security.Cryptography.X509Certificates;
X509Certificate2 x509Certificate2 = new X509Certificate2("client.p12", "password");
and each time calling the WS I have to pass the variable as per below:
WebserviceName.Timeout = 20000000;
WebserviceName.PreAuthenticate = true;
WebserviceName.ClientCertificates.Add(x509Certificate2);
Now, I was wondering if .NET framework 4.0 supports SHA-2.
Please advise if X509Certificate2 could be used for SHA-2 and/or any other resource that I could use for this upgrade.
Thank you.
X.509 certificates themselves do not specify which algorithm is to be used for signature generation / verification. An RSA public key can be used for any RSA based algorithm.
Certificates can however be signed with an algorithm that uses SHA-1 (usually PKCS#1 v1.5 signatures; PSS signatures usually use SHA-2 but both are compatible with SHA-1 and SHA-2). So you must make sure that your certificate itself isn't considered invalid if SHA-1 is not considered secure enough anymore.
SHA-2 has been supported by .NET for a long time (the SHA256
is even in 1.1), but it never hurts to test your configuration.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.