/// <summary>
/// Signs an XmlDocument with an xml signature using the signing certificate given as argument to the method.
/// </summary>
/// <param name="certificate">The certificate used to sign the document</param>
/// <param name="certificate">The Signature Algorithm used to sign the document</param>
/// <param name="includeOption">Certificate include option</param>
/// <param name="id">The is of the topmost element in the xmldocument</param>
internal static XmlDocument SignDocument(this XmlDocument xmlDocument, X509Certificate2 certificate, string signatureAlgorithm, X509IncludeOption includeOption, string id)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
var signedXml = new Saml2SignedXml(xmlDocument.DocumentElement, certificate, signatureAlgorithm);
signedXml.ComputeSignature(includeOption, id);
var issuer = xmlDocument.DocumentElement[Saml2Constants.Message.Issuer, Saml2Constants.AssertionNamespace.OriginalString];
xmlDocument.DocumentElement.InsertAfter(xmlDocument.ImportNode(signedXml.GetXml(), true), issuer);
return(xmlDocument);
}
/// <summary>
/// Signs an Xml assertion with an xml signature using the signing certificate given as argument to the method.
/// </summary>
/// <param name="certificate">The certificate used to sign the assertion</param>
/// <param name="signatureAlgorithm">The Signature Algorithm used to sign the assertion</param>
/// <param name="xmlCanonicalizationMethod">The Signature XML canonicalization method used to sign the assertion</param>
/// <param name="includeOption">Certificate include option</param>
internal static void SignAssertion(this XmlDocument xmlDocument, XmlElement xmlAssertionElement, X509Certificate2 certificate, string signatureAlgorithm, string xmlCanonicalizationMethod, X509IncludeOption includeOption)
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
var id = xmlAssertionElement.GetAttribute(Saml2Constants.Message.Id);
var signedXml = new Saml2SignedXml(xmlAssertionElement, certificate, signatureAlgorithm, xmlCanonicalizationMethod);
signedXml.ComputeSignature(includeOption, id);
var issuer = xmlAssertionElement[Saml2Constants.Message.Issuer, Saml2Constants.AssertionNamespace.OriginalString];
xmlAssertionElement.InsertAfter(xmlDocument.ImportNode(signedXml.GetXml(), true), issuer);
}
/// <summary>
/// Signs an XmlDocument with an xml signature using the signing certificate given as argument to the method.
/// </summary>
/// <param name="certificate">The certificate used to sign the document</param>
/// <param name="includeOption">Certificate include option</param>
/// <param name="id">The is of the topmost element in the xmldocument</param>
/// <param name="removeKeyInfo">Set to true if key info should be removed from the signature.</param>
public static XmlDocument SignDocument(this XmlDocument xmlDocument, X509Certificate2 certificate, X509IncludeOption includeOption, string id, bool removeKeyInfo = false)
{
if (certificate == null)
{
throw new ArgumentNullException("certificate");
}
var signedXml = new Saml2SignedXml(xmlDocument);
signedXml.ComputeSignature(certificate, includeOption, id);
var issuer = xmlDocument.DocumentElement[Saml2Constants.Message.Issuer, Saml2Constants.AssertionNamespace.OriginalString];
if (removeKeyInfo)
{
signedXml.KeyInfo = null;
}
xmlDocument.DocumentElement.InsertAfter(xmlDocument.ImportNode(signedXml.GetXml(), true), issuer);
return(xmlDocument);
}
