我正在使用visual studio 2005,並且希望驗證具有應用程序證書的SAML響應證書,這裏我從身份提供商那裏得到SAML響應,並且它發送帶有證書的SAML響應,並且應用程序單獨擁有相同的證書,這裏我需要檢查SAML響應是否具有SAML證書。你能請任何人幫助我嗎? With Thanks, Gopi G如何使用C#驗證證書?
我正在使用visual studio 2005,並且希望驗證具有應用程序證書的SAML響應證書,這裏我從身份提供商那裏得到SAML響應,並且它發送帶有證書的SAML響應,並且應用程序單獨擁有相同的證書,這裏我需要檢查SAML響應是否具有SAML證書。你能請任何人幫助我嗎? With Thanks, Gopi G如何使用C#驗證證書?
下面是如何驗證完整SAML身份驗證響應的簽名的示例。斷言簽名驗證類似。驗證簽名時應使用應用程序自己已信任的IdP簽名證書(例如來自IdP元數據),而不是響應中KeyInfo所附帶的證書;響應中的證書只能用來與已信任的證書比對。
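// Verifies the XML signature that covers the whole <samlp:Response>.
//
// Names used from the surrounding code: samlResponse (raw response text),
// authenticationResponse (parsed response, exposes Id), identityProvider
// (exposes SigningCertificate) and this.namespaceManager (must map the
// "samlp" and "ds" prefixes used in the XPath expressions below).
//
// Throws Exception when the response is unsigned, when the signature does not
// verify against the identity provider's certificate, when the certificate
// embedded in the response differs from that certificate, or when the
// signature does not reference the response being processed.
const string XpathResponseSignature = "/samlp:Response/ds:Signature";
const string XpathResponseSignatureCertificate = "/samlp:Response/ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate";

// Trust anchor: the certificate the application already holds for this IdP
// (taken from the IdP metadata document). The certificate carried inside the
// response is supplied by whoever sent the message, so it is never used as
// the verification key.
X509Certificate2 signingCertificate = identityProvider.SigningCertificate;

// NOTE(review): SignedXml computes digests over the exact text of the
// document, so the loader has to set PreserveWhitespace = true before
// loading - confirm GetResponseAsXmlDocument does that.
XmlDocument responseXmlDocument = GetResponseAsXmlDocument(samlResponse);

// Only a <ds:Signature> that is a direct child of the root <samlp:Response>
// is accepted; a signature found anywhere else in the document is ignored.
XmlElement xmlSignature = responseXmlDocument.SelectSingleNode(XpathResponseSignature, this.namespaceManager) as XmlElement;
if (xmlSignature == null)
{
    // An unsigned response is treated the same as a badly signed one.
    throw new Exception("Not valid signature");
}

// KeyInfo is optional. When the IdP does embed its certificate, it has to be
// the same certificate the application holds. This comparison is a
// consistency check only; the cryptographic check below always uses the
// application's own copy.
XmlNode embeddedCertificateNode = responseXmlDocument.SelectSingleNode(XpathResponseSignatureCertificate, this.namespaceManager);
if (embeddedCertificateNode != null)
{
    byte[] embeddedCertificateBytes = Convert.FromBase64String(embeddedCertificateNode.InnerText.Trim());
    X509Certificate2 embeddedCertificate = new X509Certificate2(embeddedCertificateBytes);
    if (!string.Equals(embeddedCertificate.Thumbprint, signingCertificate.Thumbprint, StringComparison.OrdinalIgnoreCase))
    {
        throw new Exception("Response certificate does not match the identity provider certificate");
    }
}

SignedXml signedXml = new SignedXml(responseXmlDocument);
signedXml.LoadXml(xmlSignature);

// verifySignatureOnly = true skips chain building and revocation checks.
// That is acceptable only because the certificate is pinned from metadata;
// validity period and revocation are not checked here.
if (!signedXml.CheckSignature(signingCertificate, true))
{
    throw new Exception("Not valid signature");
}

// A valid signature proves nothing unless it covers the element that is
// actually consumed. SAML signatures carry exactly one <ds:Reference>, and it
// must point at the ID of the response being processed; extra references or
// an empty/missing URI are rejected instead of being skipped.
// NOTE(review): authenticationResponse.Id must have been read from this same
// document, otherwise the comparison does not bind the signature to it.
if (signedXml.SignedInfo.References.Count != 1)
{
    throw new Exception("Not valid signature reference");
}

Reference reference = (Reference)signedXml.SignedInfo.References[0];
string expectedReferenceUri = "#" + authenticationResponse.Id;
if (!string.Equals(reference.Uri, expectedReferenceUri, StringComparison.Ordinal))
{
    throw new Exception("Not valid signature reference");
}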