2006-10-11 Atsushi Enomoto <atsushi@ximian.com>

	* SignedXml.cs : when SigningMethod does not match the algorithm that
	  the key actually supports, it raises an error.

	* SignedXmlTest.cs : added a test for signature method mismatch.


svn path=/trunk/mcs/; revision=66535

2 files changed, 10 insertions, 2 deletions

diff --git a/mcs/class/System.Security/System.Security.Cryptography.Xml/ChangeLog b/mcs/class/System.Security/System.Security.Cryptography.Xml/ChangeLog
index 2446e0d0bdd..c99d2435b1e 100644
--- a/mcs/class/System.Security/System.Security.Cryptography.Xml/ChangeLog
+++ b/mcs/class/System.Security/System.Security.Cryptography.Xml/ChangeLog
@@ -1,3 +1,8 @@
+2006-10-11  Atsushi Enomoto  <atsushi@ximian.com>
+
+	* SignedXml.cs : when SigningMethod does not match the algorithm that
+	  the key actually supports, it raises an error.
+
 2006-09-22  Atsushi Enomoto  <atsushi@ximian.com>
 
 	* EncryptedXml.cs : use Padding member instead of const ISO10126 (though
diff --git a/mcs/class/System.Security/System.Security.Cryptography.Xml/SignedXml.cs b/mcs/class/System.Security/System.Security.Cryptography.Xml/SignedXml.cs
index 4d30baa407f..0deb351d9d1 100644
--- a/mcs/class/System.Security/System.Security.Cryptography.Xml/SignedXml.cs
+++ b/mcs/class/System.Security/System.Security.Cryptography.Xml/SignedXml.cs
@@ -623,8 +623,11 @@ namespace System.Security.Cryptography.Xml {
 		public void ComputeSignature () 
 		{
 			if (key != null) {
-				// required before hashing
-				m_signature.SignedInfo.SignatureMethod = key.SignatureAlgorithm;
+				if (m_signature.SignedInfo.SignatureMethod == null)
+					// required before hashing
+					m_signature.SignedInfo.SignatureMethod = key.SignatureAlgorithm;
+				else if (m_signature.SignedInfo.SignatureMethod != key.SignatureAlgorithm)
+					throw new CryptographicException ("Specified SignatureAlgorithm is not supported by the signing key.");
 				DigestReferences ();
 
 				AsymmetricSignatureFormatter signer = null;