/// <summary>
/// Builds a <c>SigningInfo</c> summary from an XML-DSig signature element.
/// </summary>
/// <param name="signature">The signature element to inspect; may be null.</param>
/// <returns>
/// A new <c>SigningInfo</c>. When <paramref name="signature"/> is null only
/// <c>IsSigningPossiblyEnabled</c> (false) is set explicitly.
/// </returns>
/// <remarks>
/// Nothing in this method verifies the signature value. The certificate flags
/// describe only the certificate obtained from the signature's own KeyInfo, so
/// they should not be read as proof that the signed content is authentic.
/// </remarks>
private static SigningInfo GetSigningInfo(SAMLSilly.Schema.XmlDSig.Signature signature)
{
    var info = new SigningInfo();
    info.IsSigningPossiblyEnabled = signature != null;

    // No signature element: nothing further can be derived.
    if (!info.IsSigningPossiblyEnabled)
    {
        return info;
    }

    // The algorithm is taken from the SignatureMethod URI declared in SignedInfo.
    var algorithmUri = signature.SignedInfo.SignatureMethod.Algorithm;
    info.RecommendedSigningAlgorithm = ConfigurationHelpers.GetAlgorithmFromNamespace(algorithmUri);

    var certificate = GetCertificates(signature.KeyInfo);

    info.IsCertificateValid =
        new SAMLSilly.Specification.DefaultCertificateSpecification().IsSatisfiedBy(certificate);

    // The self-issued check runs only for certificates the default specification rejected.
    if (!info.IsCertificateValid)
    {
        info.IsCertificateSelfSigned =
            new SAMLSilly.Specification.SelfIssuedCertificateSpecification().IsSatisfiedBy(certificate);
    }

    return info;
}
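/// <summary>
/// Fills in signing information from the descriptor's KeyDescriptor entries when
/// the supplied <c>SigningInfo</c> does not already report signing as enabled.
/// </summary>
/// <param name="sso">Descriptor whose <c>KeyDescriptor</c> collection is inspected.</param>
/// <param name="si">Signing information to update in place.</param>
/// <returns>The same <paramref name="si"/> instance, possibly updated.</returns>
/// <remarks>
/// Every key descriptor overwrites the flags set by the previous one, so with
/// several descriptors the values of the last one are what the caller sees.
/// The recommended algorithm mirrors the hash named in the certificate's own
/// signature algorithm; it is not a judgement about algorithm strength, so a
/// SHA-1 signed certificate yields a SHA1 recommendation.
/// </remarks>
public static SigningInfo GetKeyDescriptorAsWell(SsoDescriptor sso, SigningInfo si)
{
    // Signing was already detected elsewhere; leave the existing values alone.
    if (si.IsSigningPossiblyEnabled)
    {
        return si;
    }

    if (sso.KeyDescriptor.Any())
    {
        si.IsSigningPossiblyEnabled = true;

        var certificates = sso.KeyDescriptor.Select(x => x.KeyInfo).Select(GetCertificates);
        foreach (var cert in certificates)
        {
            var defaultSpec = new SAMLSilly.Specification.DefaultCertificateSpecification();
            si.IsCertificateValid = defaultSpec.IsSatisfiedBy(cert);

            // The self-issued check runs only for certificates the default specification rejected.
            if (!si.IsCertificateValid)
            {
                var selfSignedSpec = new SAMLSilly.Specification.SelfIssuedCertificateSpecification();
                si.IsCertificateSelfSigned = selfSignedSpec.IsSatisfiedBy(cert);
            }

            // FriendlyName may be null when the algorithm OID has no known name
            // (assumes the usual Oid semantics; confirm against the certificate type).
            // Skip algorithm detection in that case instead of failing on the null.
            var friendlyName = cert.SignatureAlgorithm.FriendlyName;
            if (friendlyName == null)
            {
                continue;
            }

            var sigMeth = friendlyName.ToUpperInvariant();
            if (sigMeth.Contains(AlgorithmType.SHA1.ToString()))
            {
                si.RecommendedSigningAlgorithm = AlgorithmType.SHA1;
            }
            else if (sigMeth.Contains(AlgorithmType.SHA256.ToString()))
            {
                si.RecommendedSigningAlgorithm = AlgorithmType.SHA256;
            }
            else if (sigMeth.Contains(AlgorithmType.SHA512.ToString()))
            {
                // Previously this branch assigned SHA1, silently downgrading the
                // recommendation for certificates signed with SHA-512.
                si.RecommendedSigningAlgorithm = AlgorithmType.SHA512;
            }
        }
    }

    return si;
}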