Class SAMLAssertionSignature

Permits XML signature generation and verification for SAML assertions.

Inheritance
System.Object
SAMLAssertionSignature
Inherited Members
System.Object.ToString()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
Namespace: ComponentSpace.SAML2.Assertions
Assembly: ComponentSpace.Saml2.dll
Syntax
public static class SAMLAssertionSignature

Fields

DefaultInclusiveNamespacesPrefixList

The default inclusive namespace prefix list.

Declaration
public const string DefaultInclusiveNamespacesPrefixList = "#default saml ds xs xsi"
Field Value
Type Description
System.String

Methods

Generate(XmlElement, AsymmetricAlgorithm)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2 x509Certificate)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate

The X.509 certificate to include in the key info.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificate, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2, String, String, String)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2 x509Certificate, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate

The X.509 certificate to include in the key info.

System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default saml ds xs xsi.

System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificate, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2Collection)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2Collection x509Certificates)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.X509Certificates.X509Certificate2Collection x509Certificates

The list of X.509 certificates to include in the key info.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificates, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2Collection, String, String, String)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2Collection x509Certificates, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.X509Certificates.X509Certificate2Collection x509Certificates

The list of X.509 certificates to include in the key info.

System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default saml ds xs xsi.

System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificates, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfo)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfo keyInfo)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.Xml.KeyInfo keyInfo

The key info to include in the signature.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. The key info will be included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfo, String, String, String)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfo keyInfo, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.Xml.KeyInfo keyInfo

The key info to include in the signature.

System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default saml ds xs xsi.

System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. The key info will be included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfoX509Data)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfoX509Data keyInfoX509Data)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.Xml.KeyInfoX509Data keyInfoX509Data

The X.509 data to include in the signature.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. Key info, using the supplied X.509 data, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfoX509Data, String, String, String)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfoX509Data keyInfoX509Data, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.Security.Cryptography.Xml.KeyInfoX509Data keyInfoX509Data

The X.509 data to include in the signature.

System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default saml ds xs xsi.

System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key. Key info, using the supplied X.509 data, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, String, String, String)

Generates an XML signature and adds it to the SAML assertion.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion to sign.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.

System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default saml ds xs xsi.

System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the SAML assertion. The signature is created using the supplied signing key.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

GetCertificate(XmlElement)

Gets the X.509 certificate embedded in the XML signature or null if none.

Declaration
public static X509Certificate2 GetCertificate(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature with X.509 certificate.

Returns
Type Description
System.Security.Cryptography.X509Certificates.X509Certificate2

The X.509 certificate embedded in the XML signature or null if none.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the X.509 certificate retrieval fails.

See Also
GetKeyInfo(XmlElement)

GetKeyInfo(XmlElement)

Gets the key info embedded in the XML signature or null if none.

Declaration
public static KeyInfo GetKeyInfo(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature with key info.

Returns
Type Description
System.Security.Cryptography.Xml.KeyInfo

The key info embedded in the XML signature or null if none.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the key info retrieval fails.

See Also
GetCertificate(XmlElement)

IsSigned(XmlElement)

Indicates whether the SAML assertion contains an XML signature.

Declaration
public static bool IsSigned(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion.

Returns
Type Description
System.Boolean

true if the XML contains an XML signature; otherwise false.

RemoveSignature(XmlElement)

Removes the XML signature, if any, from the SAML assertion.

Declaration
public static void RemoveSignature(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion.

Verify(XmlElement)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature to verify.

Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.

Remarks

The key info included with the signature is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, AsymmetricAlgorithm)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, AsymmetricAlgorithm signingKey)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature to verify.

System.Security.Cryptography.AsymmetricAlgorithm signingKey

The public key used to perform the verification or null if none.

Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.

Remarks

The supplied public key is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, X509Certificate2)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, X509Certificate2 x509Certificate)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature to verify.

System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate

The X.509 certificate used to perform the verification.

Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.

Remarks

The supplied X.509 certificate is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, KeyInfo)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, KeyInfo keyInfo)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature to verify.

System.Security.Cryptography.Xml.KeyInfo keyInfo

The key info used to perform the verification or null if none.

Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.

Remarks

The supplied key info is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, KeyInfoX509Data)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, KeyInfoX509Data keyInfoX509Data)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The SAML assertion containing the signature to verify.

System.Security.Cryptography.Xml.KeyInfoX509Data keyInfoX509Data

The X.509 data used to perform the verification or null if none.

Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.

Remarks

The supplied X.509 data is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.
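
Example (added here, not ComponentSpace's own sample code): signing an assertion with the explicit-algorithm Generate overload, then verifying it on the receiving side against a certificate configured out of band. Verify(XmlElement) checks the signature with the key info carried in the message itself, so the receiver below uses Verify(XmlElement, X509Certificate2) with a pinned certificate and uses GetCertificate only for comparison. Assumptions: the assertion XML and both self-signed certificates are constructed for the example, the class name AssertionSignatureExample is hypothetical, and the library is assumed to accept the RSA key returned by GetRSAPrivateKey().

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Xml;
using ComponentSpace.SAML2.Assertions;

static class AssertionSignatureExample
{
    const string SamlNs = "urn:oasis:names:tc:SAML:2.0:assertion";
    // Constructed sample assertion; ID, issuer and timestamp are placeholders.
    const string SampleAssertion =
        "<saml:Assertion xmlns:saml=\"" + SamlNs + "\" ID=\"_constructed-example-id\" " +
        "Version=\"2.0\" IssueInstant=\"2022-01-01T00:00:00Z\">" +
        "<saml:Issuer>https://idp.example.test</saml:Issuer></saml:Assertion>";

    // Throwaway self-signed certificate so the example needs no key store.
    static X509Certificate2 NewTestCertificate(string subject)
    {
        RSA rsa = RSA.Create(2048);
        var request = new CertificateRequest(subject, rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return request.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(1));
    }

    static void Main()
    {
        X509Certificate2 idpCertificate = NewTestCertificate("CN=constructed-idp");
        X509Certificate2 unrelated = NewTestCertificate("CN=constructed-unrelated");
        // Public part only: stands for the partner certificate configured out of band.
        var pinned = new X509Certificate2(idpCertificate.RawData);
        var document = new XmlDocument { PreserveWhitespace = true };
        document.LoadXml(SampleAssertion);
        XmlElement assertion = document.DocumentElement;
        // Signing side: explicit SHA-256 URIs (the documented defaults), certificate in key info.
        SAMLAssertionSignature.Generate(assertion, idpCertificate.GetRSAPrivateKey(), idpCertificate,
            SAMLAssertionSignature.DefaultInclusiveNamespacesPrefixList,
            "http://www.w3.org/2001/04/xmlenc#sha256",
            "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        try
        {
            // Receiving side: require a signature, then verify against the pinned certificate.
            bool signed = SAMLAssertionSignature.IsSigned(assertion);
            X509Certificate2 embedded = SAMLAssertionSignature.GetCertificate(assertion);
            bool embeddedIsPinned = embedded != null && embedded.Thumbprint == pinned.Thumbprint;
            bool accepted = signed && SAMLAssertionSignature.Verify(assertion, pinned);
            bool withUnrelated = SAMLAssertionSignature.Verify(assertion, unrelated);
            Console.WriteLine($"signed={signed} embeddedIsPinned={embeddedIsPinned} accepted={accepted} unrelated={withUnrelated}");
            // Re-verify after changing signed content.
            assertion.GetElementsByTagName("Issuer", SamlNs)[0].InnerText = "https://changed.example.test";
            Console.WriteLine($"after change: accepted={SAMLAssertionSignature.Verify(assertion, pinned)}");
        }
        catch (Exception e) // the page documents SAMLSignatureException; its namespace is not shown
        {
            Console.WriteLine($"rejected: {e.Message}");
        }
    }
}
```

Treat a thrown exception the same as a false result from Verify: the assertion is rejected in both cases.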

Copyright © ComponentSpace Pty Ltd 2004-2022. All rights reserved.