Signing SAML Request with SHA 256 not working

0
We have a certificate with Signature Algorithm = sha256RSA. The SamlRequest of ComponentPro ignores the sha256 "signature algorithm" and creates a SAMLRequest with SHA 1:

> Example URL created by ComponentPro: https://adfs.mycompany.com/adfs/ls/?SAMLRequest=...SigAlg=...rsa-sha1...

> But the request should be like: https://adfs.mycompany.com/adfs/ls/?SAMLRequest=...SigAlg=...rsa-sha256...

Does anybody have a solution how to use SHA256 or what is wrong here?

This is our source code:

```csharp
var sha256DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
var sha256SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";

// Register the RSA-SHA256 signature description under its XML-DSig URI.
CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), sha256SignatureMethod);

// Load the SP signing certificate together with its private key.
X509Certificate2 cert = new X509Certificate2(Path.Combine(HttpRuntime.AppDomainAppPath, SPKeyFile), SPKeyPassword, X509KeyStorageFlags.MachineKeySet);

AuthnRequest authnRequest = new AuthnRequest();
authnRequest.Destination = ServiceConfig.SpServiceUrl;
authnRequest.Issuer = new Issuer(ServiceConfig.Issuer);
authnRequest.ForceAuthn = false;
authnRequest.NameIdPolicy = new NameIdPolicy(null, null, true);

// Sign with the certificate loaded above, passing the digest and signature method URIs.
authnRequest.Sign(cert, "http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
```
edited 5/19/2021 8:00:00 PM
asked 5/19/2021 7:51:54 PM

1 Answer

0
Hi,

To work with SHA-256, please refer to this doc: https://doc.componentpro.com/ComponentPro-Saml/working-with-sha-256.

Don't forget to add this line:

```csharp
CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
```
edited 6/15/2021 8:32:35 AM
answered 6/15/2021 7:46:47 AM
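
A check that can be run against the redirect URL an SP produces, to confirm which `SigAlg` it carries before the request goes to the IdP. This is an added example, not code from the question, the answer or ComponentPro; it uses only .NET base class library calls. The class and method names are hypothetical, and the sample URL (including its `Signature` value) is constructed in code.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.IO.Compression;
using System.Text;

static class RedirectSigAlgCheck // hypothetical name, added example
{
    const string RsaSha256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    // Decode the query parameters of an HTTP-Redirect binding URL.
    static Dictionary<string, string> ParseQuery(string url)
    {
        var result = new Dictionary<string, string>(StringComparer.Ordinal);
        string query = url.Substring(url.IndexOf('?') + 1);
        foreach (string pair in query.Split(new[] { '&' }, StringSplitOptions.RemoveEmptyEntries))
        {
            string[] kv = pair.Split(new[] { '=' }, 2);
            result[kv[0]] = kv.Length > 1 ? Uri.UnescapeDataString(kv[1]) : "";
        }
        return result;
    }
    // Returns null when the URL is signed with RSA-SHA256, otherwise the reason it is not.
    public static string Problem(string url)
    {
        var q = ParseQuery(url);
        string sigAlg;
        if (!q.ContainsKey("SAMLRequest")) return "no SAMLRequest parameter";
        if (!q.TryGetValue("SigAlg", out sigAlg) || !q.ContainsKey("Signature"))
            return "request is not signed (SigAlg or Signature missing)";
        return sigAlg == RsaSha256 ? null : "unexpected SigAlg: " + sigAlg;
    }
    // Constructed sample URL: raw DEFLATE, then base64, then URL-encoding.
    static string SampleUrl(string sigAlg)
    {
        byte[] xml = Encoding.UTF8.GetBytes("<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"_constructed\" Version=\"2.0\"/>");
        using (var buffer = new MemoryStream())
        {
            using (var deflate = new DeflateStream(buffer, CompressionMode.Compress, true))
                deflate.Write(xml, 0, xml.Length);
            return "https://adfs.mycompany.com/adfs/ls/?SAMLRequest=" + Uri.EscapeDataString(Convert.ToBase64String(buffer.ToArray()))
                 + "&SigAlg=" + Uri.EscapeDataString(sigAlg) + "&Signature=" + Uri.EscapeDataString("Y29uc3RydWN0ZWQ=");
        }
    }
    static void Main()
    {
        Console.WriteLine(Problem(SampleUrl("http://www.w3.org/2000/09/xmldsig#rsa-sha1")) ?? "ok");
        Console.WriteLine(Problem(SampleUrl(RsaSha256)) ?? "ok");
    }
}
```

`Problem` only inspects the advertised algorithm; it does not verify the signature value itself.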
