如何使用C#验证证书?
我使用的是visual studio 2005,我想用应用程序证书验证SAML响应证书,这里我从身份提供程序获得了一个SAML响应,它用证书发送SAML响应,并且应用程序分别拥有相同的证书,这里我需要检查SAML响应是否具有SAML证书。你能请任何人帮我吗? 谢谢你,如何使用C#验证证书?,c#,saml-2.0,C#,Saml 2.0,我使用的是visual studio 2005,我想用应用程序证书验证SAML响应证书,这里我从身份提供程序获得了一个SAML响应,它用证书发送SAML响应,并且应用程序分别拥有相同的证书,这里我需要检查SAML响应是否具有SAML证书。你能请任何人帮我吗? 谢谢你, Gopi G以下是示例,如何验证完整SAML身份验证响应的签名。断言签名验证与此类似 const string XpathResponseSignatureCertificate = "/samlp:Response/ds:Sig
Gopi G以下是示例,如何验证完整SAML身份验证响应的签名。断言签名验证与此类似
const string XpathResponseSignatureCertificate = "/samlp:Response/ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate";
XmlElement xmlResponseSignature = GetSignatureElement(authenticationResponse);
// Get certificate from IdP metadata document
X509Certificate2 signingCertificate = identityProvider.SigningCertificate;
XmlDocument responseXmlDocument = GetResponseAsXmlDocument(string samlResponse);
XmlNode responseSignatureXmlNode = this.responseXmlDocument.DocumentElement.SelectSingleNode(XpathResponseSignatureCertificate, this.namespaceManager);
XmlElement xmlSignature = responseSignatureXmlNode .InnerText.Trim()
SignedXml signedXml = new SignedXml(ResponseXmlDocumen;
signedXml.LoadXml((XmlElement)xmlSignature);
if (signedXml.CheckSignature(cert, true) == false)
{
throw new Exception("Not valid signature");
}
bool isReferenceValid = false;
foreach (Reference reference in signedXml.SignedInfo.References)
{
string refValue = reference.Uri.Substring(1);
if (refValue == authenticationResponse.Id)
{
isReferenceValid = true;
}
}
if (isReferenceValid == false)
{
throw new Exception("Not valid signature reference");
}