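/// <summary>
/// Checks the SAML 1.1 assertion held by the enclosing class: its enveloped XML signature
/// first, then the issuer and the attributes this test expects.
/// </summary>
/// <remarks>
/// Reads the <c>assertion</c>, <c>issuer</c> and <c>ssin</c> members of the enclosing class.
/// The signature is checked before any value is read, so that the issuer and attribute
/// assertions below only ever run against content whose signature has validated.
/// </remarks>
private void Verify()
{
    XmlNamespaceManager nsMngr = new XmlNamespaceManager(assertion.OwnerDocument.NameTable);
    nsMngr.AddNamespace("s11", "urn:oasis:names:tc:SAML:1.0:assertion");
    nsMngr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");

    // Use only the Signature that is a direct child of the assertion. Picking the first
    // Signature found anywhere below the assertion (GetElementsByTagName(...)[0]) would let a
    // signature nested in some other element be validated in place of the assertion's own,
    // and would hand a null element to LoadXml when no signature is present at all.
    XmlElement signatureElement = assertion.SelectSingleNode("./ds:Signature", nsMngr) as XmlElement;
    Assert.NotNull(signatureElement);

    SignedXml signed = new SignedSaml11(assertion);
    signed.LoadXml(signatureElement);

    // The key comes from the caller-supplied issuer certificate, not from the KeyInfo carried
    // in the document. The second argument (verifySignatureOnly = true) means the certificate
    // itself is not chain-validated here; that is only acceptable because issuer is pinned.
    // NOTE(review): this method does not compare the signature's Reference URI with the
    // assertion's own ID. Confirm that SignedSaml11 resolves references so that only this
    // assertion can be the signed element.
    Assert.True(signed.CheckSignature(issuer, true));

    XmlNode issuerAttribute = assertion.SelectSingleNode("@Issuer");
    Assert.NotNull(issuerAttribute);
    Assert.Equal("urn:be:fgov:ehealth:sts:1_0", issuerAttribute.Value);

    XmlNode ssinValue = assertion.SelectSingleNode("./s11:AttributeStatement/s11:Attribute[@AttributeName='urn:be:fgov:person:ssin']/s11:AttributeValue/text()", nsMngr);
    Assert.NotNull(ssinValue);
    Assert.Equal(ssin, ssinValue.Value);

    XmlNode doctorValue = assertion.SelectSingleNode("./s11:AttributeStatement/s11:Attribute[@AttributeName='urn:be:fgov:person:ssin:doctor:boolean']/s11:AttributeValue/text()", nsMngr);
    Assert.NotNull(doctorValue);

    // Only well-formedness of the boolean is asserted; the parsed value itself is not checked.
    bool doctor;
    Assert.True(bool.TryParse(doctorValue.Value, out doctor));
}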
/// <summary>
/// Signs the request held in <c>body</c> with the session certificate's private key and
/// inserts the resulting signature element as the first child of <paramref name="parent"/>.
/// </summary>
/// <param name="parent">Element that receives the signature as its first child.</param>
/// <remarks>
/// Reads the <c>body</c>, <c>SessionCert</c> and <c>RequestId</c> members of the enclosing class.
/// NOTE(review): both the signature method (RSA-SHA1) and the digest method (SHA-1) are legacy
/// algorithms. They are kept exactly as written; moving to SHA-256 based identifiers depends on
/// what the receiving service accepts and should be confirmed before changing.
/// </remarks>
private void AddSignature(XmlElement parent)
{
    // Normalise text nodes before the document is handed to the signer.
    body.Normalize();

    // Single reference to the element identified by the request ID: the enveloped-signature
    // transform removes the signature itself from the digested content, then exclusive C14N.
    Reference reference = new Reference("#" + RequestId);
    reference.DigestMethod = SignedXml.XmlDsigSHA1Url;
    reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
    reference.AddTransform(new XmlDsigExcC14NTransform());

    // Only the end certificate is embedded, not its chain.
    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new KeyInfoX509Data(SessionCert, X509IncludeOption.EndCertOnly));

    SignedXml signer = new SignedSaml11(body);
    signer.SigningKey = SessionCert.PrivateKey;
    signer.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
    signer.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url;
    signer.KeyInfo = keyInfo;
    signer.AddReference(reference);
    signer.ComputeSignature();

    XmlElement signatureXml = signer.GetXml();
    parent.InsertBefore(signatureXml, parent.FirstChild);
}