Example #1
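        /// <summary>
        /// Verifies this document's signature over the stored signing input using the
        /// RSA public key of <paramref name="cert"/>.
        /// </summary>
        /// <param name="cert">
        /// Certificate whose RSA public key is used for verification. Must be non-null
        /// whenever a signature is required or a signature is present on the document.
        /// </param>
        /// <param name="requiredSignature">
        /// When true, a missing certificate or a missing signature is treated as an error.
        /// When false, an unsigned document is accepted without any verification.
        /// </param>
        /// <exception cref="InvalidOperationException">
        /// No certificate, or no RSA public key, is available to verify with.
        /// </exception>
        /// <exception cref="IdentityProviderException">
        /// A required signature is missing, or the signature does not verify.
        /// </exception>
        public override void ValidateSignature(X509Certificate2 cert, bool requiredSignature)
        {
            if (requiredSignature && cert == null)
            {
                throw new InvalidOperationException("Saml2 Missing Cert for Validating Required Signature");
            }

            if (this.Signature == null)
            {
                if (requiredSignature)
                {
                    throw new IdentityProviderException("Saml2 Document Missing Required Signature");
                }

                // Unsigned and not required: nothing to verify. Callers that pass
                // requiredSignature == false are accepting unauthenticated documents.
                return;
            }

            // A signature is present but there is no key to check it against. The original
            // dereferenced cert here and failed with a NullReferenceException; fail closed
            // with a descriptive error instead of treating the signature as unverifiable noise.
            if (cert == null)
            {
                throw new InvalidOperationException("Saml2 Missing Cert for Validating Signature");
            }

            // GetRSAPublicKey returns a new key object on each call; dispose it when done.
            using (var publicKey = cert.GetRSAPublicKey())
            {
                // Null means the certificate does not carry an RSA key (e.g. ECDSA or DSA).
                if (publicKey == null)
                {
                    throw new InvalidOperationException("Saml2 Cert has no RSA Public Key for Validating Signature");
                }

                var valid = TextSigner.Validate(this.singingInput, this.Signature, publicKey, this.SignatureAlgorithm.Value, false);
                if (!valid)
                {
                    // NOTE(review): the message embeds the full signing input and signature;
                    // confirm this is acceptable wherever the exception text is logged or surfaced.
                    throw new IdentityProviderException(String.Format("Saml2 Document Signature Not Valid Query:{0} Signature:{1}", this.singingInput, this.Signature));
                }
            }
        }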
Example #2
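        /// <summary>
        /// Signs this document: encodes the document XML, builds the signing input from it,
        /// and stores the signature produced with the RSA private key of <paramref name="cert"/>.
        /// </summary>
        /// <param name="cert">
        /// Certificate whose RSA private key produces the signature. Must be non-null and
        /// must carry an RSA private key.
        /// </param>
        /// <param name="requiredSignature">
        /// When true, a missing certificate is reported as a missing cert for required signing.
        /// </param>
        /// <exception cref="InvalidOperationException">
        /// The certificate is missing or has no RSA private key, or the document is already signed.
        /// </exception>
        public override void Sign(X509Certificate2 cert, bool requiredSignature)
        {
            if (requiredSignature && cert == null)
            {
                throw new InvalidOperationException("Saml2 Missing Cert for Required Signing");
            }

            if (this.Signature != null)
            {
                throw new InvalidOperationException("Saml2 Document is Already Signed");
            }

            // The original reached cert.GetRSAPrivateKey() with a null cert when signing was
            // not required and failed with a NullReferenceException after already mutating
            // state. Fail up front with a descriptive error and leave the document untouched.
            if (cert == null)
            {
                throw new InvalidOperationException("Saml2 Missing Cert for Signing");
            }

            // GetRSAPrivateKey returns a new key object on each call; dispose it when done.
            using (var privateKey = cert.GetRSAPrivateKey())
            {
                // Null means the certificate was loaded without a private key or is not RSA.
                if (privateKey == null)
                {
                    throw new InvalidOperationException("Saml2 Cert has no RSA Private Key for Signing");
                }

                // Default to RSA-SHA256 when the caller did not choose an algorithm.
                if (this.SignatureAlgorithm == null)
                {
                    this.SignatureAlgorithm = Cryptography.XmlSignatureAlgorithmType.RsaSha256;
                }

                var samlEncoded = EncodeSaml(this.Document.InnerXml);

                // The signing input is kept so that ValidateSignature checks the same text.
                this.singingInput = BuildSignatureQueryString(samlEncoded);
                this.Signature    = TextSigner.GenerateSignatureString(this.singingInput, privateKey, this.SignatureAlgorithm.Value, false);
            }
        }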