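/// <summary>
/// Signs the document: passes the value of the root element's <c>ID</c> attribute to
/// <c>XmlSignatureUtils.GenericSign</c> and inserts the computed signature element as the
/// first child of the root element.
/// </summary>
/// <param name="doc">The document to sign. It must have a root element.</param>
/// <param name="certificate">The signing certificate. Its private key must be accessible.</param>
/// <param name="signatureAlgorithm">The signature algorithm, passed through to <c>GenericSign</c>.</param>
/// <exception cref="ArgumentNullException"><paramref name="doc"/> or <paramref name="certificate"/> is null.</exception>
/// <exception cref="ArgumentException"><paramref name="doc"/> has no root element.</exception>
/// <exception cref="InvalidOperationException">The certificate has no private key.</exception>
private static void SignDocument(XmlDocument doc, X509Certificate2 certificate, AlgorithmType signatureAlgorithm)
{
    if (doc == null)
    {
        throw new ArgumentNullException("doc");
    }

    if (certificate == null)
    {
        throw new ArgumentNullException("certificate");
    }

    if (doc.DocumentElement == null)
    {
        // Without a root element there is nothing to reference or to attach the signature to.
        throw new ArgumentException("The document has no root element.", "doc");
    }

    // Fail early with a clear message instead of surfacing a failure from inside the signing code.
    if (!certificate.HasPrivateKey)
    {
        throw new InvalidOperationException("Private key access to the signing certificate is required.");
    }

    // NOTE(review): GetAttribute returns an empty string when the root element carries no ID
    // attribute. Confirm that GenericSign rejects an empty id, so that a signature is never
    // produced without being bound to this specific element.
    var rootId = doc.DocumentElement.GetAttribute("ID");

    XmlSignatureUtils.GenericSign(
        doc,
        rootId,
        certificate,
        (appDoc, xmlElm) =>
        {
            // Place the computed signature as the FIRST child of the root element.
            // NOTE(review): the previous comment here said the signature must be a sibling of the
            // Issuer element, but inserting before FirstChild puts it ahead of any Issuer child.
            // Confirm this position matches the schema of the documents signed through this method.
            var root = appDoc.DocumentElement;
            root.InsertBefore(appDoc.ImportNode(xmlElm, true), root.FirstChild);
        },
        signatureAlgorithm);
}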
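/// <summary>
/// Adds a signature to the assertion: passes the <c>ID</c> of the first Assertion element in the
/// document to <c>XmlSignatureUtils.GenericSign</c> and inserts the computed signature element
/// directly after the single Issuer element found under the document's root element.
/// </summary>
/// <param name="assertionDocument">The document holding the assertion to sign.</param>
/// <param name="cert">The signing certificate, passed through to <c>GenericSign</c>.</param>
/// <param name="algorithmType">The signature algorithm, passed through to <c>GenericSign</c>.</param>
/// <exception cref="ArgumentNullException"><paramref name="assertionDocument"/> is null.</exception>
/// <exception cref="Saml20Exception">
/// The document contains no Assertion element, the Assertion has no <c>ID</c> attribute value,
/// or the root element does not contain exactly one Issuer element.
/// </exception>
private static void AddSignature(XmlDocument assertionDocument, X509Certificate2 cert, AlgorithmType algorithmType)
{
    if (assertionDocument == null)
    {
        throw new ArgumentNullException("assertionDocument");
    }

    var assertions = assertionDocument.GetElementsByTagName(Assertion.ElementName, Saml20Constants.Assertion);
    if (assertions.Count == 0)
    {
        // Previously an empty list produced a NullReferenceException on the cast result below.
        throw new Saml20Exception("Document MUST contain an <Assertion> element.");
    }

    var assertionElement = (XmlElement)assertions[0];

    // GetAttribute returns an empty string for a missing attribute. The signature reference is
    // built from this id, so refuse to sign an assertion that cannot be referenced by ID.
    var assertionId = assertionElement.GetAttribute("ID");
    if (string.IsNullOrEmpty(assertionId))
    {
        throw new Saml20Exception("Assertion MUST have an ID attribute.");
    }

    // NOTE(review): the id comes from the first Assertion element anywhere in the document, while
    // the signature is inserted under the document's root element. This presumably assumes the
    // Assertion IS the root element. Verify against callers, since a signature placed outside the
    // element it references would not be the enveloped signature that verifiers expect.
    XmlSignatureUtils.GenericSign(
        assertionDocument,
        assertionId,
        cert,
        (doc, signedXml) =>
        {
            // The signature goes directly after the Issuer element, as its next sibling.
            // GetElementsByTagName also matches Issuer elements nested deeper in the tree, so the
            // count check rejects documents with additional embedded Issuer elements as well.
            var issuers = doc.DocumentElement.GetElementsByTagName("Issuer", Saml20Constants.Assertion);
            if (issuers.Count != 1)
            {
                throw new Saml20Exception("Assertion MUST contain one <Issuer> element.");
            }

            // NOTE(review): the node is imported through assertionDocument rather than doc;
            // presumably GenericSign passes the same document instance back. Confirm.
            var imported = assertionDocument.ImportNode(signedXml, true);
            doc.DocumentElement.InsertAfter(imported, issuers[0]);
        },
        algorithmType);
}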