Skip to main content

Specifying the Signature Method

Specifying the Signature Method

By default, the signature value is computed via the RSA-SHA256 algorithm, and the <Signature> element in the security header includes something like this:

   <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha256"></SignatureMethod>
...
   <SignatureValue>J+gACmdjkJxaq2hJqA[parts omitted]</SignatureValue>

You can specify a different algorithm for the signature method. To do so, call the SetSignatureMethod() method of your instance of %XML.Security.SignatureOpens in a new tab. For the argument, use one of the following macros (which are contained in the %soap.inc file):

  • $$$SOAPWSrsasha1

  • $$$SOAPWSrsasha256 (the default)

  • $$$SOAPWSrsasha384

  • $$$SOAPWSrsasha512

  • $$$SOAPWShmacsha256

  • $$$SOAPWShmacsha384

  • $$$SOAPWShmacsha512

For example:

 do sig.SetSignatureMethod($$$SOAPWSrsasha512)

Note that you can modify the default signature algorithm. To do so, access the Management Portal, click System Administration, then Security, then System Security, and then System-wide Security Parameters. The option to specify the default signature algorithm is labeled Default signature hash.

Next sectionSpecifying the Canonicalization Method for <KeyInfo>
Previous sectionSpecifying the Digest Method
FeedbackOpens in a new tab