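/// <summary>
/// Selects a signature provider for the given signing key type and hashing algorithm.
/// </summary>
/// <param name="signingKeyType">Runtime type of the signing key; must derive from <see cref="RSA"/> or <see cref="DSA"/>.</param>
/// <param name="hashingAlgorithm">Requested SHA variant. It is only consulted for RSA keys.</param>
/// <returns>A new provider matching the key type and, for RSA keys, the hashing algorithm.</returns>
/// <exception cref="ArgumentNullException"><paramref name="signingKeyType"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The key type derives from neither RSA nor DSA, or the hashing algorithm is not supported for an RSA key.
/// </exception>
public ISignatureProvider CreateFromAlgorithmName(Type signingKeyType, ShaHashingAlgorithm hashingAlgorithm)
{
    // Fail with a named argument instead of a NullReferenceException on the type check below.
    if (signingKeyType == null)
    {
        throw new ArgumentNullException(nameof(signingKeyType));
    }

    // Deliberately no Console tracing: a library factory should not write to the host's stdout.
    if (signingKeyType.IsSubclassOf(typeof(RSA)))
    {
        switch (hashingAlgorithm)
        {
            case ShaHashingAlgorithm.SHA1:
                // NOTE(review): SHA-1 is no longer considered collision resistant; presumably kept
                // for interoperability with older peers. Prefer SHA256/SHA512 where the peer allows it.
                return new RsaSha1SignatureProvider();
            case ShaHashingAlgorithm.SHA256:
                return new RsaSha256SignatureProvider();
            case ShaHashingAlgorithm.SHA512:
                return new RsaSha512SignatureProvider();
            default:
                throw new InvalidOperationException($"Unsupported hashing algorithm '{hashingAlgorithm}' provideded while using RSA signing key");
        }
    }

    if (signingKeyType.IsSubclassOf(typeof(DSA)))
    {
        // NOTE(review): hashingAlgorithm is ignored on this path. A caller that configured
        // SHA256 or SHA512 with a DSA key silently gets the SHA1 provider; confirm this is
        // intended, or reject the combination at configuration time.
        return new DsaSha1SignatureProvider();
    }

    throw new InvalidOperationException($"The signing key type {signingKeyType.FullName} is not supported by OIOSAML.NET. It must be either a DSA or RSA key.");
}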
/// <summary>
/// Maps a SHA hashing algorithm to the corresponding RSA signature provider.
/// </summary>
/// <param name="hashingAlgorithm">The SHA variant the provider should sign with.</param>
/// <returns>A new RSA signature provider for SHA1, SHA256 or SHA512.</returns>
/// <exception cref="InvalidOperationException">
/// <paramref name="hashingAlgorithm"/> is none of SHA1, SHA256 or SHA512.
/// </exception>
public static ISignatureProvider CreateFromShaHashingAlgorithmName(ShaHashingAlgorithm hashingAlgorithm)
{
    // Only RSA providers are produced here; the key type is never consulted.
    if (hashingAlgorithm == ShaHashingAlgorithm.SHA1)
    {
        // NOTE(review): SHA-1 is no longer considered collision resistant; presumably kept
        // for interoperability. Prefer SHA256/SHA512 where the peer allows it.
        return new RsaSha1SignatureProvider();
    }

    if (hashingAlgorithm == ShaHashingAlgorithm.SHA256)
    {
        return new RsaSha256SignatureProvider();
    }

    if (hashingAlgorithm == ShaHashingAlgorithm.SHA512)
    {
        return new RsaSha512SignatureProvider();
    }

    var message = $"Unsupported hashing algorithm '{hashingAlgorithm}' provideded while using RSA signing key";
    throw new InvalidOperationException(message);
}
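/// <summary>
/// If an asymmetric key has been specified, sign the request.
/// </summary>
/// <param name="result">Query string built so far; the SigAlg and Signature parameters are appended to it in place.</param>
/// <param name="signingKey">Key used to sign, or null to leave the query string untouched.</param>
/// <param name="hashingAlgorithm">Hashing algorithm handed to the signature provider factory.</param>
private void AddSignature(StringBuilder result, AsymmetricAlgorithm signingKey, ShaHashingAlgorithm hashingAlgorithm)
{
    // Deliberately no Console tracing in this method: `result` is the request query string
    // being signed and should not end up in stdout or host logs, and concatenating the
    // byte[] signature into a string would only print its type name.

    // NOTE(review): a null key is a silent no-op, so the request goes out unsigned.
    // Callers that require signed requests have to enforce that themselves.
    if (signingKey == null)
    {
        return;
    }

    result.AppendFormat("&{0}=", HttpRedirectBindingConstants.SigAlg);

    var signingProvider = _signatureProviderFactory.CreateFromAlgorithmName(signingKey.GetType(), hashingAlgorithm);
    var urlEncoded = signingProvider.SignatureUri.UrlEncode();
    result.Append(urlEncoded.UpperCaseUrlEncode());

    // Calculate the signature of the URL as described in [SAMLBind] section 3.4.4.1.
    // The signed bytes are the query string exactly as it stands here, SigAlg included,
    // so nothing may be appended or re-encoded between this call and the Signature parameter.
    var signature = signingProvider.SignData(signingKey, Encoding.UTF8.GetBytes(result.ToString()));

    result.AppendFormat("&{0}=", HttpRedirectBindingConstants.Signature);
    result.Append(HttpUtility.UrlEncode(Convert.ToBase64String(signature)));
}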