We have a certificate with Signature Algorithm = sha256RSA.
The SamlRequest of ComponentPro ignores the sha256 "signature algorithm" and creates a SAMLRequest with SHA-1:
> Example URL created by ComponentPro: https://adfs.mycompany.com/adfs/ls/?SAMLRequest=...SigAlg=...rsa-sha1...
> But the request should be like: https://adfs.mycompany.com/adfs/ls/?SAMLRequest=...SigAlg=...rsa-sha256...
Does anybody have a solution for using SHA256, or know what is wrong here?
This is our source code:
```csharp
// Algorithm URIs for the SHA-256 digest and the RSA-SHA256 signature.
var sha256DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
var sha256SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
// Register the RSA-SHA256 signature description under its algorithm URI.
CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), sha256SignatureMethod);
// Load the service provider certificate together with its private key.
X509Certificate2 cert = new X509Certificate2(Path.Combine(HttpRuntime.AppDomainAppPath, SPKeyFile), SPKeyPassword, X509KeyStorageFlags.MachineKeySet);
AuthnRequest authnRequest = new AuthnRequest();
authnRequest.Destination = ServiceConfig.SpServiceUrl;
authnRequest.Issuer = new Issuer(ServiceConfig.Issuer);
authnRequest.ForceAuthn = false;
authnRequest.NameIdPolicy = new NameIdPolicy(null, null, true);
// Sign the request with the loaded certificate, asking for SHA-256 digest and signature.
authnRequest.Sign(cert, sha256DigestMethod, sha256SignatureMethod);
```
edited 5/19/2021 8:00:00 PM
asked 5/19/2021 7:51:54 PM
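A check that a test could run on the generated redirect URL, added here as an example (it is not part of the original post and is not ComponentPro code): it reads the `SigAlg` query parameter and reports whether it carries the `rsa-sha256` URI from the question, the `rsa-sha1` URI, or is missing or duplicated. The class name, the `Check` method and the sample URLs are hypothetical, and the `SAMLRequest` and `Signature` values are placeholders.

```csharp
// Added example, not ComponentPro code. Sample URLs are constructed.
using System;
using System.Web; // HttpUtility.ParseQueryString

static class RedirectSigAlgCheck
{
    const string RsaSha1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
    const string RsaSha256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";

    // Returns "ok" or a short reason the redirect URL fails the SigAlg policy.
    public static string Check(string redirectUrl, string requiredSigAlg)
    {
        var query = HttpUtility.ParseQueryString(new Uri(redirectUrl).Query);
        if (query.GetValues("SAMLRequest") == null) return "no SAMLRequest parameter";

        string[] sigAlgs = query.GetValues("SigAlg");
        if (sigAlgs == null) return "unsigned: no SigAlg parameter";
        if (sigAlgs.Length > 1) return "ambiguous: SigAlg appears more than once";
        if (query.GetValues("Signature") == null) return "SigAlg present but no Signature";

        string sigAlg = sigAlgs[0]; // already percent-decoded by ParseQueryString
        if (sigAlg == RsaSha1) return "weak: SigAlg is rsa-sha1";
        if (sigAlg != requiredSigAlg) return "mismatch: SigAlg is " + sigAlg;
        return "ok";
    }

    static void Main()
    {
        // Constructed URLs: host taken from the post, parameter values are placeholders.
        string baseUrl = "https://adfs.mycompany.com/adfs/ls/?SAMLRequest=PLACEHOLDER";
        string[] samples =
        {
            baseUrl + "&SigAlg=" + Uri.EscapeDataString(RsaSha1) + "&Signature=PLACEHOLDER",
            baseUrl + "&SigAlg=" + Uri.EscapeDataString(RsaSha256) + "&Signature=PLACEHOLDER",
            baseUrl + "&SigAlg=" + Uri.EscapeDataString(RsaSha256),
            baseUrl,
        };
        foreach (string url in samples)
            Console.WriteLine(Check(url, RsaSha256));
    }
}
```

The check only inspects which algorithm the URL declares; it does not verify the signature value itself.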