Validate java SAML signature from C#

Hi,

How can I validate in .NET C# a SAML signature created in Java? Here is the SAML signature that I get from Java:

<pre>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
</ds:SignatureMethod>
<ds:Reference URI="#_e8bcba9d1c76d128938bddd5ae8c68e1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="code ds kind rw saml samlp typens #default xsd xsi">
</ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1">
</ds:DigestMethod>
</ds:DigestMethod>
<ds:DigestValue>zEL7mB0Wkl+LtjMViO1imbucXiE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
jpIX3WbX9SCFnqrpDyLj4TeJN5DGIvlEH+o/mb9M01VGdgFRLtfHqIm16BloApUPg2dDafmc9DwL
Pyvs3TJ/hi0Q8f0ucaKdIuw+gBGxWFMcj/U68ZuLiv7U+Qe7i4ZA33rWPorkE82yfMacGf6ropPt
v73mC0bpBP1ubo5qbM4=
</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</pre>

I validate the signature of a SAML signed in .Net but not of this Java one.


If someone knows please help!!

Thank you very much.

Adrya84
Hi Adrya,

From the XML fragment you provided, it is a signed XML fragment (using XML digital signing technology). The WCF internal token serialization will perform the signing and verifying internally, while the developer does not need to do it themselves. If you do need to manually perform verification, you can have a look at the XML digital signing components in the .NET Framework.

Here are some reference articles on XML signing and verification:

#XML Digital Signatures in .Net

http://blogs.msdn.com/shawnfa/archive/2003/11/12/57030.aspx

#How to: Sign XML Documents with Digital Signatures

http://msdn.microsoft.com/en-us/library/ms229745.aspx

#How to: Verify the Digital Signatures of XML Documents

http://msdn.microsoft.com/en-us/library/ms229950.aspx


Please remember to mark the replies as answers if they help and unmark them if they provide no help.
Steven Cheng - MSFT
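
The manual verification route mentioned in the reply above, as an added example that is not part of the original thread or of the linked articles. It assumes a SAML 2.0 style `ID` attribute on the signed element and an identity-provider certificate obtained out of band; the names `SamlSignatureCheck` and `VerifyEnveloped` are hypothetical.

```csharp
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

static class SamlSignatureCheck
{
    // Returns the element the signature actually covers, or null if the
    // check fails. Callers should read claims only from the returned element.
    // trustedIdpCert is supplied by the caller (assumption), never taken
    // from the ds:KeyInfo inside the message being checked.
    public static XmlElement VerifyEnveloped(string samlXml, X509Certificate2 trustedIdpCert)
    {
        // Whitespace is part of the digested content: a pretty-printed or
        // normalised copy of a Java-signed message no longer matches DigestValue.
        var doc = new XmlDocument { PreserveWhitespace = true };
        doc.LoadXml(samlXml);

        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
        var sigNode = doc.SelectSingleNode("//ds:Signature", ns) as XmlElement;
        if (sigNode == null) return null;

        // Enveloped signature: the signed element is the parent of ds:Signature.
        var signedElement = sigNode.ParentNode as XmlElement;
        if (signedElement == null) return null;

        var signedXml = new SignedXml(signedElement);
        signedXml.LoadXml(sigNode);

        // Require exactly one ds:Reference and require it to point at the
        // parent's ID, so a valid signature over some other element in the
        // document cannot vouch for this one.
        if (signedXml.SignedInfo.References.Count != 1) return null;
        var reference = (Reference)signedXml.SignedInfo.References[0];
        string id = signedElement.GetAttribute("ID");
        if (id.Length == 0 || reference.Uri != "#" + id) return null;

        // true = verify the signature with this certificate's public key only;
        // chain building is skipped because the certificate is already pinned.
        return signedXml.CheckSignature(trustedIdpCert, true) ? signedElement : null;
    }
}
```
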
Hi,

Thank you very much, those links helped a lot.
Found another one that signs with certificate: http://msdn.microsoft.com/en-us/library/ms148731.aspx; maybe it helps someone else.

Thanks a lot again,
Adrya
  • Marked As Answer by Adrya84 Thursday, September 24, 2009 4:41 AM
Adrya84