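/// <summary>
/// Provides information about the cryptographic key that an entity uses to receive encrypted keys.
/// </summary>
/// <remarks>
/// Appends a key descriptor marked for encryption use to the IdP SSO descriptor held by this builder.
/// NOTE(review): KeyInfoBuilder.Build is not visible here; confirm it emits only the public
/// certificate data, since a certificate instance may also carry a private key.
/// </remarks>
/// <param name="certificate">Certificate the key information is built from. Must not be null.</param>
/// <returns>This builder, so that calls can be chained.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="certificate"/> is null.</exception>
public IDPSSODescriptorBuilder AddEncryptionKey(X509Certificate2 certificate)
{
    // Fail before touching the descriptor, so a missing certificate can never
    // leave a key descriptor without key material in the list.
    if (certificate == null)
    {
        throw new System.ArgumentNullException(nameof(certificate));
    }

    var encryptionDescriptor = new KeyDescriptorType
    {
        // The "use" value is set together with its "specified" flag.
        useSpecified = true,
        use = KeyTypes.encryption,
        KeyInfo = KeyInfoBuilder.Build(certificate)
    };

    // Add returns the collection to store back, so the result is reassigned.
    _idpSSODescriptorType.KeyDescriptor = _idpSSODescriptorType.KeyDescriptor.Add(encryptionDescriptor);

    return this;
}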
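/// <summary>
/// Provides information about the cryptographic key that an entity uses to sign data.
/// </summary>
/// <remarks>
/// Appends a key descriptor marked for signing use to the SP SSO descriptor held by this builder.
/// NOTE(review): KeyInfoBuilder.Build is not visible here; confirm it emits only the public
/// certificate data, since a certificate instance may also carry a private key.
/// </remarks>
/// <param name="certificate">Certificate the key information is built from. Must not be null.</param>
/// <returns>This builder, so that calls can be chained.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="certificate"/> is null.</exception>
public SPSSODescriptorBuilder AddSigningKey(X509Certificate2 certificate)
{
    // Fail before touching the descriptor, so a missing certificate can never
    // leave a signing key descriptor without key material in the list.
    if (certificate == null)
    {
        throw new System.ArgumentNullException(nameof(certificate));
    }

    var signingDescriptor = new KeyDescriptorType
    {
        // The "use" value is set together with its "specified" flag.
        useSpecified = true,
        use = KeyTypes.signing,
        KeyInfo = KeyInfoBuilder.Build(certificate)
    };

    // Add returns the collection to store back, so the result is reassigned.
    _spSSODescriptorType.KeyDescriptor = _spSSODescriptorType.KeyDescriptor.Add(signingDescriptor);

    return this;
}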
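/// <summary>
/// The SAML issuer uses its certificate to produce a holder-of-key SAML assertion.
/// The relying party consumes the assertion, confirming the attesting entity by comparing the X.509 data in the assertion with the X.509 data in its possession.
/// </summary>
/// <remarks>
/// Builds a subject confirmation whose method is the holder-of-key identifier and whose confirmation
/// data carries the key information built from <paramref name="certificate"/>, then passes it to
/// AddSubjectConfirmation. Matching X.509 data alone does not show that the presenter controls the
/// private key; proof of possession has to be checked by the relying party.
/// NOTE(review): KeyInfoBuilder.Build is not visible here; confirm it emits only the public
/// certificate data.
/// </remarks>
/// <param name="certificate">Certificate the confirmation key information is built from. Must not be null.</param>
/// <returns>This builder, so that calls can be chained.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="certificate"/> is null.</exception>
public SubjectBuilder AddSubjectConfirmationHolderOfKey(X509Certificate2 certificate)
{
    // A holder-of-key confirmation without a key binds the assertion to nothing,
    // so reject a missing certificate instead of building one.
    if (certificate == null)
    {
        throw new System.ArgumentNullException(nameof(certificate));
    }

    var confirmationData = new KeyInfoConfirmationDataType
    {
        KeyInfo = KeyInfoBuilder.Build(certificate)
    };

    var holderOfKeyConfirmation = new SubjectConfirmationType
    {
        Method = Constants.ConfirmationMethodIdentifiers.HolderOfKey,
        SubjectConfirmationData = confirmationData
    };

    AddSubjectConfirmation(holderOfKeyConfirmation);

    return this;
}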