private void Verify()
{
XmlNamespaceManager nsMngr = new XmlNamespaceManager(assertion.OwnerDocument.NameTable);
nsMngr.AddNamespace("s11", "urn:oasis:names:tc:SAML:1.0:assertion");
Assert.Equal("urn:be:fgov:ehealth:sts:1_0", assertion.SelectSingleNode("@Issuer").Value);
Assert.Equal(ssin, assertion.SelectSingleNode("./s11:AttributeStatement/s11:Attribute[@AttributeName='urn:be:fgov:person:ssin']/s11:AttributeValue/text()", nsMngr).Value);
bool doctor;
Assert.True(bool.TryParse(assertion.SelectSingleNode("./s11:AttributeStatement/s11:Attribute[@AttributeName='urn:be:fgov:person:ssin:doctor:boolean']/s11:AttributeValue/text()", nsMngr).Value, out doctor));
SignedXml signed = new SignedSaml11(assertion);
XmlNodeList nodeList = assertion.GetElementsByTagName("Signature", "http://www.w3.org/2000/09/xmldsig#");
signed.LoadXml((XmlElement)nodeList[0]);
Assert.True(signed.CheckSignature(issuer, true));
}
private void AddSignature(XmlElement parent)
{
body.Normalize();
SignedXml signed = new SignedSaml11(body);
signed.SigningKey = SessionCert.PrivateKey;
signed.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url;
signed.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
signed.KeyInfo = new KeyInfo();
signed.KeyInfo.AddClause(new KeyInfoX509Data(SessionCert, X509IncludeOption.EndCertOnly));
Reference requestRef = new Reference("#" + RequestId);
requestRef.AddTransform(new XmlDsigEnvelopedSignatureTransform());
requestRef.AddTransform(new XmlDsigExcC14NTransform());
requestRef.DigestMethod = SignedXml.XmlDsigSHA1Url;
signed.AddReference(requestRef);
signed.ComputeSignature();
parent.InsertBefore(signed.GetXml(), parent.FirstChild);
}
