public ISignatureProvider CreateFromAlgorithmName(Type signingKeyType, ShaHashingAlgorithm hashingAlgorithm)
{
System.Console.WriteLine("[SignatureProviderFactory][CreateFromAlgorithmName] => signingKeyType: " + signingKeyType);
System.Console.WriteLine("[SignatureProviderFactory][CreateFromAlgorithmName] => hashingAlgorithm: " + hashingAlgorithm);
if (signingKeyType.IsSubclassOf(typeof(RSA)))
{
switch (hashingAlgorithm)
{
case ShaHashingAlgorithm.SHA1: return(new RsaSha1SignatureProvider());
case ShaHashingAlgorithm.SHA256: return(new RsaSha256SignatureProvider());
case ShaHashingAlgorithm.SHA512: return(new RsaSha512SignatureProvider());
default: throw new InvalidOperationException($"Unsupported hashing algorithm '{hashingAlgorithm}' provideded while using RSA signing key");
}
}
if (signingKeyType.IsSubclassOf(typeof(DSA)))
{
return(new DsaSha1SignatureProvider());
}
throw new InvalidOperationException($"The signing key type {signingKeyType.FullName} is not supported by OIOSAML.NET. It must be either a DSA or RSA key.");
}
/// <summary>
/// Returns a signature provider based on a hashing algorithm
/// </summary>
/// <param name="hashingAlgorithm"></param>
/// <returns></returns>
public static ISignatureProvider CreateFromShaHashingAlgorithmName(ShaHashingAlgorithm hashingAlgorithm)
{
switch (hashingAlgorithm)
{
case ShaHashingAlgorithm.SHA1: return(new RsaSha1SignatureProvider());
case ShaHashingAlgorithm.SHA256: return(new RsaSha256SignatureProvider());
case ShaHashingAlgorithm.SHA512: return(new RsaSha512SignatureProvider());
default:
throw new InvalidOperationException(
$"Unsupported hashing algorithm '{hashingAlgorithm}' provideded while using RSA signing key");
}
}
/// <summary>
/// If an asymmetric key has been specified, sign the request.
/// </summary>
private void AddSignature(StringBuilder result, AsymmetricAlgorithm signingKey,
ShaHashingAlgorithm hashingAlgorithm)
{
System.Console.WriteLine("");
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result);
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => signingKey: " + signingKey);
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => hashingAlgorithm: " + hashingAlgorithm);
System.Console.WriteLine("");
if (signingKey == null)
{
return;
}
result.Append(string.Format("&{0}=", HttpRedirectBindingConstants.SigAlg));
//System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result);
var signingProvider =
_signatureProviderFactory.CreateFromAlgorithmName(signingKey.GetType(), hashingAlgorithm);
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => signingProvider: " + signingProvider);
var urlEncoded = signingProvider.SignatureUri.UrlEncode();
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => urlEncoded: " + urlEncoded);
result.Append(urlEncoded.UpperCaseUrlEncode());
//System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result);
// Calculate the signature of the URL as described in [SAMLBind] section 3.4.4.1.
var signature = signingProvider.SignData(signingKey, Encoding.UTF8.GetBytes(result.ToString()));
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => signature: " + signature);
result.AppendFormat("&{0}=", HttpRedirectBindingConstants.Signature);
result.Append(HttpUtility.UrlEncode(Convert.ToBase64String(signature)));
System.Console.WriteLine("");
System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result);
System.Console.WriteLine("");
}
