Hi,
I have got an IdP (ADFS) and an SP (a web form with multi-tenancy). I created a relying party in ADFS and specified sp.cer in Signature and Encryption with the SHA-1 hash algorithm. In the SP, I loaded the sp.pfx file in the configuration and also use sp.pfx to decrypt the encrypted assertions.
It works fine with the above configuration in ADFS and sp.cer, but as soon as I use the actual certificate I get the exception below: Invalid algorithm specified.
[CryptographicException: Invalid algorithm specified.]
   System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +41
   System.Security.Cryptography.Utils.SignValue(SafeKeyHandle hKey, Int32 keyNumber, Int32 calgKey, Int32 calgHash, Byte[] hash, Int32 cbHash, ObjectHandleOnStack retSignature) +0
   System.Security.Cryptography.Utils.SignValue(SafeKeyHandle hKey, Int32 keyNumber, Int32 calgKey, Int32 calgHash, Byte[] hash) +97
   System.Security.Cryptography.RSACryptoServiceProvider.SignHash(Byte[] rgbHash, Int32 calgHash) +199
   ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.GenerateSignature(AsymmetricAlgorithm key, String signatureAlgorithm, Byte[] dataToSign) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\Bindings\HTTPRedirectBinding.cs:121

[SAMLSignatureException: Failed to generate signature]
   ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.GenerateSignature(AsymmetricAlgorithm key, String signatureAlgorithm, Byte[] dataToSign) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\Bindings\HTTPRedirectBinding.cs:138
   ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.CreateQueryString(String messageQueryName, XmlElement samlMessage, String relayState, AsymmetricAlgorithm key, String signatureAlgorithm) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\Bindings\HTTPRedirectBinding.cs:417
   ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.CreateRequestRedirectURL(String baseURL, XmlElement samlMessage, String relayState, AsymmetricAlgorithm key, String signatureAlgorithm) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\Bindings\HTTPRedirectBinding.cs:494
   ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.SendRequest(HttpResponse httpResponse, String baseURL, XmlElement samlMessage, String relayState, AsymmetricAlgorithm key, String signatureAlgorithm) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\Bindings\HTTPRedirectBinding.cs:749
   ComponentSpace.SAML2.InternalSAMLServiceProvider.SendAuthnRequest(HttpResponse httpResponse, XmlElement authnRequestElement, String relayState, String singleSignOnServiceUrl) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLServiceProvider.cs:239
   ComponentSpace.SAML2.InternalSAMLServiceProvider.InitiateSSO(HttpResponse httpResponse, String relayState, String partnerIdP, SSOOptions ssoOptions, String assertionConsumerServiceUrl, String singleSignOnServiceUrl) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\InternalSAMLServiceProvider.cs:874
   ComponentSpace.SAML2.SAMLServiceProvider.InitiateSSO(HttpResponse httpResponse) in C:\Sandboxes\ComponentSpace\SAMLv20\Library\SAMLServiceProvider.cs:320
   mmasood.Web.RedirectToLogin.Page_Load(Object sender, EventArgs e) in c:\prj\src\Web\RedirectToLogin.aspx.cs:17
   System.Web.UI.Control.OnLoad(EventArgs e) +109
   System.Web.UI.Control.LoadRecursive() +68
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +4498

Please suggest any direction.
Thanks, Muhammad