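/// <summary>
/// Builds a SAML assertion whose proof key is the symmetric key held by
/// <paramref name="proofToken"/>, wrapped for the certificate in
/// <paramref name="encryptionToken"/>. The key taken from
/// <paramref name="signatureToken"/> is passed on as the signing key.
/// </summary>
/// <param name="claims">Claims to place in the assertion; must contain at least one claim.</param>
/// <param name="signatureToken">X.509 token whose first security key and thumbprint identifier are handed to <c>SamlUtilities.CreateAssertion</c>.</param>
/// <param name="encryptionToken">X.509 token whose first security key wraps the proof key.</param>
/// <param name="proofToken">Binary secret token that supplies the symmetric proof key bytes.</param>
/// <param name="algoSuite">Algorithm suite; its <c>DefaultAsymmetricKeyWrapAlgorithm</c> is used for the key wrap.</param>
/// <returns>The assertion returned by <c>SamlUtilities.CreateAssertion</c>.</returns>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="claims"/> is empty.</exception>
public static SamlAssertion CreateSymmetricKeyBasedAssertion(ClaimSet claims, X509SecurityToken signatureToken, X509SecurityToken encryptionToken, BinarySecretSecurityToken proofToken, SecurityAlgorithmSuite algoSuite)
{
    // Guard order is kept as in the original so callers see the same exception
    // for the same bad input; the duplicated proofToken check has been dropped.
    if (claims == null)
    {
        throw new ArgumentNullException("claims");
    }

    if (claims.Count == 0)
    {
        throw new ArgumentException("Provided ClaimSet must contain at least one claim");
    }

    if (proofToken == null)
    {
        throw new ArgumentNullException("proofToken");
    }

    if (signatureToken == null)
    {
        throw new ArgumentNullException("signatureToken");
    }

    if (encryptionToken == null)
    {
        throw new ArgumentNullException("encryptionToken");
    }

    if (algoSuite == null)
    {
        throw new ArgumentNullException("algoSuite");
    }

    // Signing side: key plus a thumbprint reference to the signing certificate.
    SecurityKey signatureKey = signatureToken.SecurityKeys[0];
    SecurityKeyIdentifierClause signatureClause = signatureToken.CreateKeyIdentifierClause<X509ThumbprintKeyIdentifierClause>();
    SecurityKeyIdentifier signatureKeyIdentifier = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { signatureClause });

    // Encryption side: the recipient certificate's key wraps the proof key, and
    // its thumbprint tells the recipient which key to unwrap with.
    SecurityKey wrappingKey = encryptionToken.SecurityKeys[0];
    SecurityKeyIdentifierClause encryptionClause = encryptionToken.CreateKeyIdentifierClause<X509ThumbprintKeyIdentifierClause>();
    SecurityKeyIdentifier encryptingKeyIdentifier = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { encryptionClause });

    // The wrap algorithm is whatever the caller's suite names as its default;
    // the strength of the proof-key protection therefore depends on the suite chosen.
    string keyWrapAlgorithm = algoSuite.DefaultAsymmetricKeyWrapAlgorithm;

    // NOTE(review): keyBytes holds the plaintext proof key and is left for the GC.
    // If GetKeyBytes() returns a copy rather than the token's own buffer (confirm),
    // clearing it after the wrap would shorten the key's lifetime in memory.
    byte[] keyBytes = proofToken.GetKeyBytes();

    // The original pre-allocated a buffer here and immediately overwrote the
    // reference; EncryptKey returns its own array, so the allocation is removed.
    byte[] encryptedKey = wrappingKey.EncryptKey(keyWrapAlgorithm, keyBytes);

    SecurityKeyIdentifier proofKeyIdentifier = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[]
    {
        new EncryptedKeyIdentifierClause(encryptedKey, keyWrapAlgorithm, encryptingKeyIdentifier)
    });

    return SamlUtilities.CreateAssertion(claims, signatureKey, signatureKeyIdentifier, proofKeyIdentifier, algoSuite);
}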
/// <summary>
/// Builds a SAML assertion in which the key of <paramref name="proofToken"/> serves
/// both as the signing key and as the proof key.
/// </summary>
/// <param name="claims">Claims to place in the assertion; must contain at least one claim.</param>
/// <param name="proofToken">Token that supplies the RSA key identifier clause and the first security key.</param>
/// <param name="algoSuite">Algorithm suite forwarded unchanged to <c>SamlUtilities.CreateAssertion</c>.</param>
/// <returns>The assertion returned by <c>SamlUtilities.CreateAssertion</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="claims"/> or <paramref name="proofToken"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="claims"/> is empty.</exception>
public static SamlAssertion CreateAsymmetricKeyBasedAssertion(ClaimSet claims, SecurityToken proofToken, SecurityAlgorithmSuite algoSuite)
{
    if (claims == null)
    {
        throw new ArgumentNullException("claims");
    }

    if (proofToken == null)
    {
        throw new ArgumentNullException("proofToken");
    }

    if (claims.Count == 0)
    {
        throw new ArgumentException("Provided ClaimSet must contain at least one claim");
    }

    // NOTE(review): algoSuite is not null-checked here, unlike in
    // CreateSymmetricKeyBasedAssertion; confirm SamlUtilities.CreateAssertion
    // validates it or tolerates null.

    SecurityKeyIdentifierClause rsaClause = proofToken.CreateKeyIdentifierClause<RsaKeyIdentifierClause>();
    SecurityKeyIdentifier proofKeyId = new SecurityKeyIdentifier(new SecurityKeyIdentifierClause[] { rsaClause });

    // NOTE(review): SecurityKeys[0] is read without checking that the token
    // exposes any key; an empty collection surfaces as an index error here.
    SecurityKey proofKey = proofToken.SecurityKeys[0];

    // The same key and the same identifier are passed in the signing and the
    // proof positions, so the assertion is presumably signed by the key it
    // names as proof. A relying party should therefore not read that signature
    // as an endorsement by a separate issuer.
    return SamlUtilities.CreateAssertion(claims, proofKey, proofKeyId, proofKeyId, algoSuite);
}