Esempio n. 1
        /// <summary>
        /// Signs a query string with the certificate's private key and returns the query
        /// string with the URL-encoded signature appended as the last parameter.
        /// </summary>
        /// <param name="queryString">Query string to sign; its UTF-8 bytes are the signed data.</param>
        /// <param name="signingCertificate">Certificate whose private key produces the signature.</param>
        /// <returns>The input query string followed by "&amp;", the signature parameter name, "=" and the URL-encoded Base64 signature.</returns>
        /// <remarks>
        /// Also stores the key's algorithm identifier in <c>SignatureAlgorithm</c> and the
        /// Base64 signature in <c>Signature</c>.
        /// </remarks>
        private string SigneQueryString(string queryString, X509Certificate2 signingCertificate)
        {
            // A certificate loaded without its private key yields null here; nothing in this
            // method guards against that case.
            var privateKey = signingCertificate.PrivateKey;
            var signer = new Saml2Sign(privateKey);

            // NOTE(review): the algorithm identifier is taken from the key object, not chosen
            // explicitly. Confirm it matches the digest Saml2Sign really applies and that it is
            // not a SHA-1 based identifier.
            SignatureAlgorithm = privateKey.SignatureAlgorithm;

            // Only the bytes of queryString are covered by the signature. Presumably the caller
            // has already appended the signature-algorithm parameter, so that it is signed as
            // well - verify against the caller.
            byte[] dataToSign = Encoding.UTF8.GetBytes(queryString);
            byte[] rawSignature = saml2SignedData(signer, dataToSign);
            Signature = Convert.ToBase64String(rawSignature);

            // Base64 contains '+', '/' and '=', so the value has to be URL-encoded before it
            // goes into the query string.
            var encodedSignature = HttpUtility.UrlEncode(Signature);
            return $"{queryString}&{Saml2Constants.Message.Signature}={encodedSignature}";

            // Local helper that keeps the signing call on a line of its own.
            byte[] saml2SignedData(Saml2Sign saml2Sign, byte[] data)
            {
                return saml2Sign.SignData(data);
            }
        }
Esempio n. 2
        /// <summary>
        /// Verifies the signature of a received query string against the public key of the
        /// given certificate and throws when the check fails.
        /// </summary>
        /// <param name="queryString">Raw query string as received.</param>
        /// <param name="messageName">Message parameter name handed to <c>RawSaml2QueryString</c> to build the signed portion.</param>
        /// <param name="signatureValue">Signature bytes checked against the signed query string.</param>
        /// <param name="signatureValidationCertificate">Certificate whose public key is used for the check.</param>
        /// <exception cref="Saml2ResponseException">Thrown when <c>CheckSignature</c> returns false.</exception>
        private void ValidateQueryStringSignature(string queryString, string messageName, byte[] signatureValue, X509Certificate2 signatureValidationCertificate)
        {
            var verifier = new Saml2Sign(signatureValidationCertificate.PublicKey.Key);

            // NOTE(review): signatureValue is passed to CheckSignature as the signature itself,
            // so it looks like raw signature bytes. Decoding such bytes as UTF-8 is lossy; if a
            // printable form is wanted here, Base64 would round-trip - confirm what readers of
            // Signature expect before changing it.
            Signature = Encoding.UTF8.GetString(signatureValue);

            // The check runs over the signed portion extracted from the raw query string, not
            // over a re-encoded copy.
            var signedQueryString = new RawSaml2QueryString(queryString, messageName).SignedQueryString;
            var signatureIsValid = verifier.CheckSignature(signedQueryString, signatureValue);
            if (signatureIsValid)
            {
                return;
            }

            // NOTE(review): every failed check is reported with the SHA256 hint, whatever the
            // real cause (tampered data, wrong certificate, ...). Treat the message as a hint only.
            throw new Saml2ResponseException("Signature is invalid (SHA256 algorithm is not supported).");
        }