Subject: Signing error
Date: 2013-04-11 18:25:26
From: Paul Basarab
Source: signing-error
----------------------------------------------------------------------

So here is the relevant code:

[code lang='vb']

Private _verifyX509Certificate As X509Certificate2

Public Sub AssertionTest()
        Try
            ' Create a SAML response object.
            If _verifyX509Certificate Is Nothing Then
                LoadVerifyCertificate()
            End If
            Dim targetUrl As String = "http://localhost:59496"
            Dim serviceUrl As String = "http://localhost:59496/sso/rflsso.aspx"
            Dim samlResponse As New ComponentPro.Saml2.Response()
            ' Assign the consumer service url.
            samlResponse.Destination = serviceUrl
            Dim issuer As New Issuer(GetAbsoluteUrl("~/"))
            samlResponse.Issuer = issuer
            samlResponse.Status = New Status(SamlPrimaryStatusCode.Success, Nothing)

            Dim samlAssertion As New Assertion()
            samlAssertion.Issuer = issuer

            ' Use the local user's local identity.
            '"urn:test", NameIdentifierFormats.X509SubjectName, "uid=test,ou=People,dc=test,dc=com"
            Dim subject As New Subject(New NameId(System.Guid.NewGuid.ToString))
            Dim subjectConfirmation As New SubjectConfirmation(SamlSubjectConfirmationMethod.Bearer)
            Dim subjectConfirmationData As New SubjectConfirmationData()
            subjectConfirmationData.Recipient = serviceUrl
            subjectConfirmation.SubjectConfirmationData = subjectConfirmationData
            subject.SubjectConfirmations.Add(subjectConfirmation)
            samlAssertion.Subject = subject

            ' Create a new authentication statement.
            Dim authnStatement As New AuthnStatement()
            authnStatement.AuthnContext = New AuthnContext()
            authnStatement.AuthnContext.AuthnContextClassRef = New AuthnContextClassRef(SamlAuthenticateContext.Password)
            samlAssertion.Statements.Add(authnStatement)

            Dim attributeStatement As New AttributeStatement()
            attributeStatement.Attributes.Add(New ComponentPro.Saml2.Attribute("email", SamlAttributeNameFormat.Basic, Nothing, "pb@test.com"))
            attributeStatement.Attributes.Add(New ComponentPro.Saml2.Attribute("FirstName", SamlAttributeNameFormat.Basic, Nothing, "John"))
            attributeStatement.Attributes.Add(New ComponentPro.Saml2.Attribute("LastName", SamlAttributeNameFormat.Basic, Nothing, "Doe"))
            samlAssertion.Statements.Add(attributeStatement)


            ' Define ENCRYPTEDSAML preprocessor flag if you wish to encrypt the SAML response.
#If ENCRYPTEDSAML Then
                ' Load the certificate for the encryption.
                ' Please make sure the file is in the root directory.
                Dim encryptingCert As New X509Certificate2(Path.Combine(HttpRuntime.AppDomainAppPath, "EncryptionX509Certificate.cer"), "password")

                ' Create an encrypted SAML assertion from the SAML assertion we have created.
                Dim encryptedSamlAssertion As New EncryptedAssertion(samlAssertion, encryptingCert, New System.Security.Cryptography.Xml.EncryptionMethod(SamlKeyAlgorithm.TripleDesCbc))

                ' Add encrypted assertion to the SAML response object.
                samlResponse.Assertions.Add(encryptedSamlAssertion)
#Else
            ' Add assertion to the SAML response object.
            samlResponse.Assertions.Add(samlAssertion)
#End If

            ' Sign the SAML response with the certificate.
            samlResponse.Sign(_verifyX509Certificate)

            ' Send the SAML response to the service provider.
            samlResponse.SendPostBindingForm(Response.OutputStream, serviceUrl, targetUrl)

        Catch exception As Exception
            Response.Write("IdentityProvider An Error occurred " & exception.ToString)
        End Try
    End Sub

Private Sub LoadVerifyCertificate()

        Dim sCertPath As String = "C:\cert\NSTKey.cer"

        litResponse.Text &= "<br />Loading certificate " & Path.GetFileName(sCertPath)

        If (Not File.Exists(sCertPath)) Then
            Throw New ArgumentException("The certificate file C:\cert\NSTKey.cer doesn't exist.")
        End If

        _verifyX509Certificate = New X509Certificate2(sCertPath)
    End Sub

[/code]

I followed the Saml2IdPInitiated_2008 sample. My main reason is that I want to test what is decoded, so I built a test page to create an assertion and send it to the decoding page. The above code should be able to create the assertion and redirect to the decoding page. The problem I get is when it tries to sign it. Every time it tries to sign it, this error appears: An Error occurred ComponentPro.Saml.SamlException: Unable to generate XML signature. What could I be doing that is wrong?
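A check worth running before `Sign`, given as an added example that is not part of the original post or of ComponentPro's samples: a `.cer` file holds only the public certificate, while producing an XML signature needs the matching private key, which normally comes from a `.pfx`/PKCS#12 file or a certificate store. The helper `WhyCannotSign`, the subject name and the password are constructed for illustration, and the throwaway certificate assumes .NET Framework 4.7.2+ or .NET Core for `CertificateRequest`.

```vb
Imports System
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates

Module SigningCertCheck

    ' Hypothetical helper: returns Nothing when the certificate can be used
    ' for signing, otherwise a message explaining why it cannot.
    Function WhyCannotSign(cert As X509Certificate2) As String
        If Not cert.HasPrivateKey Then
            Return "No private key loaded: usable for verification only."
        End If
        Dim now As DateTime = DateTime.Now
        If now < cert.NotBefore OrElse now > cert.NotAfter Then
            Return "Certificate is outside its validity period."
        End If
        Return Nothing
    End Function

    Sub Main()
        ' Constructed sample: a throwaway self-signed certificate, exported
        ' once as .cer bytes (public part only) and once as .pfx bytes.
        Using rsaKey As RSA = RSA.Create(2048)
            Dim request As New CertificateRequest(
                "CN=Constructed Test IdP", rsaKey,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            Using full As X509Certificate2 = request.CreateSelfSigned(
                    DateTimeOffset.UtcNow.AddMinutes(-5),
                    DateTimeOffset.UtcNow.AddDays(1))
                Dim cerBytes As Byte() = full.Export(X509ContentType.Cert)
                Dim pfxBytes As Byte() =
                    full.Export(X509ContentType.Pfx, "placeholder-password")

                ' Same certificate, loaded the two ways.
                Dim fromCer As New X509Certificate2(cerBytes)
                Dim fromPfx As New X509Certificate2(pfxBytes, "placeholder-password")

                Console.WriteLine(".cer -> " & If(WhyCannotSign(fromCer), "OK to sign"))
                Console.WriteLine(".pfx -> " & If(WhyCannotSign(fromPfx), "OK to sign"))
            End Using
        End Using
    End Sub
End Module
```

Calling the same helper on the certificate loaded in `LoadVerifyCertificate()` shows whether the object passed to `samlResponse.Sign` carries a private key at all.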

----------------------------------------------------------------------
Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand. If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back.