Subject: .NET Support for STR-TRANSFORM Transform Algorithm
Date: 2014-06-19 14:53:58
From: Thomas Williams
Source: net-support-str-transform-transform-algorithm
----------------------------------------------------------------------

I am trying to help a business partner who is a .NET consumer of a SOAP message bound to a SAML assertion. I am the Java producer of the message. The SOAP message contains a SAML2 assertion in the Security header. The assertion is signed at the message level using the STR-TRANSFORM algorithm:

<ds:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">

This transform algorithm resolves a reference to the assertion so that the signature over the assertion can be validated.

The .NET client fails on signature validation:

An error occurred: 'System.Security.Cryptography.CryptographicException: Unknown transform has been encountered.
   at System.Security.Cryptography.Xml.Reference.LoadXml(XmlElement value)
   at System.Security.Cryptography.Xml.SignedInfo.LoadXml(XmlElement value)
   at System.Security.Cryptography.Xml.Signature.LoadXml(XmlElement value)
   at System.Security.Cryptography.Xml.SignedXml.LoadXml(XmlElement value)

This transform is required by the OASIS specification (Section 3.4.3, "SAML Assertion Referenced from SignedInfo", of the OASIS Web Services Security SAML Token Profile Version 1.1.1).

Can Ultimate SAML help with this use case? I am not a ComponentPro customer. My business partner is looking for a solution and I am helping with the search.

Thank you for your help.
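
Added example, not part of the original post: a triage script that lists every ds:Transform in a captured message and flags the ones a stock .NET SignedXml would not resolve, which is the condition behind the "Unknown transform" exception above. The built-in URI set reflects the default SignedXml transforms and is an assumption about the consumer's configuration; the sample SignedInfo is constructed.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
STR_TRANSFORM = ("http://docs.oasis-open.org/wss/2004/01/"
                 "oasis-200401-wss-soap-message-security-1.0#STR-Transform")

# Transform URIs that .NET's SignedXml resolves without extra registration.
SIGNEDXML_BUILTIN = {
    "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
    "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments",
    "http://www.w3.org/2001/10/xml-exc-c14n#",
    "http://www.w3.org/2001/10/xml-exc-c14n#WithComments",
    "http://www.w3.org/2000/09/xmldsig#base64",
    "http://www.w3.org/TR/1999/REC-xpath-19991116",
    "http://www.w3.org/TR/1999/REC-xslt-19991116",
    "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
    "http://www.w3.org/2002/07/decrypt#XML",
    "urn:mpeg:mpeg21:2003:01-REL-R-NS:licenseTransform",
}

# Constructed SignedInfo fragment (not taken from the post).
SAMPLE = """<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
 <ds:Reference URI="#body"><ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
 </ds:Transforms></ds:Reference>
 <ds:Reference URI="#str-1"><ds:Transforms>
  <ds:Transform Algorithm="%s"><wsse:TransformationParameters>
   <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </wsse:TransformationParameters></ds:Transform>
 </ds:Transforms></ds:Reference>
</ds:SignedInfo>""" % STR_TRANSFORM

def audit_transforms(xml_text):
    """Return (reference URI, transform URI, built-in?) per ds:Transform."""
    root = ET.fromstring(xml_text)  # run on captured messages you trust
    rows = []
    # Match on the ds namespace so wsse:Reference elements are not confused
    # with ds:Reference.
    for ref in root.iter("{%s}Reference" % DS):
        for tr in ref.iter("{%s}Transform" % DS):
            alg = tr.get("Algorithm", "")
            rows.append((ref.get("URI", ""), alg, alg in SIGNEDXML_BUILTIN))
    return rows

def unsupported(xml_text):
    """References whose transform is outside the assumed built-in set."""
    return [(uri, alg) for uri, alg, ok in audit_transforms(xml_text) if not ok]

if __name__ == "__main__":
    for uri, alg in unsupported(SAMPLE):
        print("unsupported transform on", uri, "->", alg)
```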

 

----------------------------------------------------------------------
Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand. If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back.