public bool CheckAssertionSignature()
{
var xmlass = xml.DocumentElement.LocalName == "Assertion" ? xml.DocumentElement : xml.GetElementsByTagName("Assertion", NameSpaces.saml)[0] as XmlElement;
//var xmlass = (xml.SelectSingleNode("/soap:Envelope/soap:Body/trust:RequestSecurityToken/tr:ActAs", nsManager) as XmlElement).FirstChild as XmlElement;
if (xmlass == null)
{
throw new ModelBuildException("Could not find Liberty signature element");
}
var sig = xmlass.GetElementsByTagName("Signature", NameSpaces.ds)[0] as XmlElement;
if (sig == null)
{
throw new ModelBuildException("Could not find Liberty signature element");
}
sig = MakeSignatureCheckSamlCompliant(sig);
LoadXml(sig);
var cert = KeyInfo.Cast <KeyInfoX509Data>().Select(d => d.Certificates[0] as X509Certificate2).Where(c => c != null).FirstOrDefault();
if (cert == null)
{
throw new InvalidOperationException("No X509Certificate2 certificate found in Keyinfo");
}
return(CheckSignature(cert, true));
}
public X509Certificate2 GetSignature()
{
var nsManager = NameSpaces.MakeNsManager(xml.NameTable);
var xmlass = xml.DocumentElement.LocalName == "Assertion" ? xml.DocumentElement : xml.GetElementsByTagName("Assertion", NameSpaces.saml)[0] as XmlElement;
var sig = xmlass.GetElementsByTagName("Signature", NameSpaces.ds)[0] as XmlElement;
if (sig == null)
{
return(null);
}
sig = MakeSignatureCheckSamlCompliant(sig);
LoadXml(sig);
var cert = KeyInfo.Cast <KeyInfoX509Data>().Select(d => d.Certificates[0] as X509Certificate2).Where(c => c != null).FirstOrDefault();
return(cert);
}
public bool CheckEnvelopeSignature()
{
var nsManager = NameSpaces.MakeNsManager(xml.NameTable);
var sig = xml.SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security/ds:Signature", nsManager) as XmlElement;
if (sig == null)
{
throw new ModelBuildException("Could not find Liberty signature element");
}
sig = MakeSignatureCheckSamlCompliant(sig);
LoadXml(sig);
var cert = KeyInfo.Cast <KeyInfoX509Data>().Select(d => d.Certificates[0] as X509Certificate2).Where(c => c != null).FirstOrDefault();
if (cert == null)
{
throw new InvalidOperationException("No X509Certificate2 certificate found in Keyinfo");
}
return(CheckSignature(cert, true));
}