I have a SharePoint 2013 site and have been using SHA1 for some time. Now, we need to switch to SHA256 and am unable to verify assertion or response/message signatures. I can run the code on a non-SharePoint server (IIS 7) with successful results (signature validated). I could not find anything specific to SharePoint in the forums, but I wouldn't think I am the first (especially with SP2013). Is SharePoint running an insufficient version of .NET for SHA256 even though .NET 4.5 is installed?
I know we are running an old version of ComponentSpace.SAML2.dll, but I would rather not have to upgrade to your current version and have to deploy new code. Comfort level/laziness/confidence... All the same.
Any help is appreciated.
ComponentSpace.SAML2.dll Version: 2.4.0.9 Windows Server 2008 R2 Standard, Service Pack 1 .NET Max Version Installed: 4.5.50938
ComponentSpace.SAML2 Verbose: 0 : 2:50:50 PM: Exception: ComponentSpace.SAML2.SAMLSignatureException: Failed to verify the XML signature. ---> System.Security.Cryptography.CryptographicException: SignatureDescription could not be created for the signature algorithm supplied. at System.Security.Cryptography.Xml.SignedXml.CheckSignedInfo(AsymmetricAlgorithm key) at System.Security.Cryptography.Xml.SignedXml.CheckSignature(AsymmetricAlgorithm key) at ComponentSpace.SAML2.XmlSignature.Verify(XmlElement xmlElement, AsymmetricAlgorithm signingKey, SignedXml signedXml)
|