Class SAMLMetadataSignature

Permits XML signature generation and verification for SAML metadata.

Inheritance
System.Object
SAMLMetadataSignature
Inherited Members
System.Object.ToString()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
Namespace: ComponentSpace.SAML2.Metadata
Assembly: ComponentSpace.Saml2.dll
Syntax
public static class SAMLMetadataSignature

Fields

DefaultInclusiveNamespacesPrefixList

The default inclusive namespace prefix list.

Declaration
public const string DefaultInclusiveNamespacesPrefixList = "#default md saml ds xs xsi"
Field Value
Type Description
System.String

Methods

Generate(XmlElement, AsymmetricAlgorithm)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2 x509Certificate)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate

The X.509 certificate to include in the key info.
Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificate, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2, String, String, String)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2 x509Certificate, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate

The X.509 certificate to include in the key info.
System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default md saml ds xs xsi.
System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificate, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2Collection)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2Collection x509Certificates)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.X509Certificates.X509Certificate2Collection x509Certificates

The list of X.509 certificate to include in the key info.
Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificates, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, X509Certificate2Collection, String, String, String)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, X509Certificate2Collection x509Certificates, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.X509Certificates.X509Certificate2Collection x509Certificates

The list of X.509 certificate to include in the key info.
System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default md saml ds xs xsi.
System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. Key info, using the supplied X.509 certificates, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfo)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfo keyInfo)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.Xml.KeyInfo keyInfo

The key info to include in the signature.
Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. The key info will be included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfo, String, String, String)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfo keyInfo, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.Xml.KeyInfo keyInfo

The key info to include in the signature.
System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default md saml ds xs xsi.
System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. The key info will be included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfoX509Data)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfoX509Data keyInfoX509Data)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.Xml.KeyInfoX509Data keyInfoX509Data

The X.509 data to include in the signature.
Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. Key info, using the supplied X.509 data, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, KeyInfoX509Data, String, String, String)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, KeyInfoX509Data keyInfoX509Data, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.Security.Cryptography.Xml.KeyInfoX509Data keyInfoX509Data

The X.509 data to include in the signature.
System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default md saml ds xs xsi.
System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key. Key info, using the supplied X.509 data, is included in the signature.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

Generate(XmlElement, AsymmetricAlgorithm, String, String, String)

Generates an XML signature and adds it to the metadata.

Declaration
public static void Generate(XmlElement xmlElement, AsymmetricAlgorithm signingKey, string inclusiveNamespacesPrefixList, string digestMethod, string signatureMethod)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata to sign.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The signing key.
System.String inclusiveNamespacesPrefixList

The inclusive namespace prefix list or null to default to #default md saml ds xs xsi.
System.String digestMethod

The digest method or null to default to http://www.w3.org/2001/04/xmlenc#sha256.

System.String signatureMethod

The signature method or null to default to http://www.w3.org/2001/04/xmldsig-more#rsa-sha256.

Remarks

An XML signature with the constraints specified in the SAML specification is generated and added to the metadata. The signature is created using the supplied signing key.

The generated signature is added to the supplied XML element.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature generation fails.

GetCertificate(XmlElement)

Gets the X.509 certificate embedded in the XML signature or null if none.

Declaration
public static X509Certificate2 GetCertificate(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature with X.509 certificate.
Returns
Type Description
System.Security.Cryptography.X509Certificates.X509Certificate2

The X.509 certificate embedded in the XML signature or null if none.
Exceptions
Type Condition
SAMLSignatureException

Thrown when the X.509 certificate retrieval fails.
See Also

GetKeyInfo(XmlElement)

Gets the key info embedded in the XML signature or null if none.

Declaration
public static KeyInfo GetKeyInfo(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature with key info.
Returns
Type Description
System.Security.Cryptography.Xml.KeyInfo

The key info embedded in the XML signature or null if none.
Exceptions
Type Condition
SAMLSignatureException

Thrown when the key info retrieval fails.
See Also

IsSigned(XmlElement)

Indicates whether the metadata contains an XML signature.

Declaration
public static bool IsSigned(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata.
Returns
Type Description
System.Boolean

true if the XML contains an XML signature; otherwise false.

RemoveSignature(XmlElement)

Removes the XML signature, if any, from the metadata.

Declaration
public static void RemoveSignature(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata.

Verify(XmlElement)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature to verify.
Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.
Remarks

The key info included with the signature is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, AsymmetricAlgorithm)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, AsymmetricAlgorithm signingKey)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature to verify.
System.Security.Cryptography.AsymmetricAlgorithm signingKey

The public key used to perform the verification or null if none.
Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.
Remarks

The supplied public key is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, X509Certificate2)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, X509Certificate2 x509Certificate)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature to verify.
System.Security.Cryptography.X509Certificates.X509Certificate2 x509Certificate

The X.509 certificate used to perform the verification.
Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.
Remarks

The supplied X.509 certificate is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, KeyInfo)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, KeyInfo keyInfo)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature to verify.
System.Security.Cryptography.Xml.KeyInfo keyInfo

The key info used to perform the verification or null if none.
Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.
Remarks

The supplied key info is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.

Verify(XmlElement, KeyInfoX509Data)

Verifies the XML signature.

Declaration
public static bool Verify(XmlElement xmlElement, KeyInfoX509Data keyInfoX509Data)
Parameters
Type Name Description
System.Xml.XmlElement xmlElement

The metadata containing the signature to verify.
System.Security.Cryptography.Xml.KeyInfoX509Data keyInfoX509Data

The X.509 data used to perform the verification or null if none.
Returns
Type Description
System.Boolean

true if the XML signature is correct; otherwise false.
Remarks

The supplied X.509 data is used to perform the verification.

Exceptions
Type Condition
SAMLSignatureException

Thrown when the signature verification fails.