Exemplo n.º 1
0
        private static string AddSignature(string queryString, ISaml2Message message)
        {
            string signingAlgorithmUrl = message.SigningAlgorithm;

            queryString += "&SigAlg=" + Uri.EscapeDataString(signingAlgorithmUrl);
            var           signatureDescription = (SignatureDescription)CryptographyExtensions.CreateAlgorithmFromName(signingAlgorithmUrl);
            HashAlgorithm hashAlg = signatureDescription.CreateDigest();

            hashAlg.ComputeHash(Encoding.UTF8.GetBytes(queryString));
            AsymmetricSignatureFormatter asymmetricSignatureFormatter =
                signatureDescription.CreateFormatter(
                    EnvironmentHelpers.IsNetCore ? message.SigningCertificate.PrivateKey :
                    ((RSACryptoServiceProvider)message.SigningCertificate.PrivateKey)
                    .GetSha256EnabledRSACryptoServiceProvider());

            byte[] signatureValue = asymmetricSignatureFormatter.CreateSignature(hashAlg);
            queryString += "&Signature=" + Uri.EscapeDataString(Convert.ToBase64String(signatureValue));
            return(queryString);
        }
Exemplo n.º 2
0
        public void Saml2RedirectBinding_Bind_AddsSignature()
        {
            var actual = CreateAndBindMessageWithSignature();

            var queryParams = HttpUtility.ParseQueryString(actual.Location.Query);
            var query       = actual.Location.Query.TrimStart('?');

            var signedData = query.Split(new[] { "&Signature=" }, StringSplitOptions.None)[0];

            var sigalg = queryParams["SigAlg"];
            var signatureDescription = (SignatureDescription)CryptographyExtensions
                                       .CreateAlgorithmFromName(sigalg);

            var hashAlg = signatureDescription.CreateDigest();

            hashAlg.ComputeHash(Encoding.UTF8.GetBytes(signedData));
            var asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(
                SignedXmlHelper.TestCert.PublicKey.Key);

            asymmetricSignatureDeformatter.VerifySignature(
                hashAlg, Convert.FromBase64String(queryParams["Signature"]))
            .Should().BeTrue("signature should be valid");
        }