Sample code for 30+ languages & platforms
Android™

SAML Signature Validation

See more XML Digital Signatures Examples

A SAML Signature is an XML Digital Signature (XMLDSig) just like any other XML digital signature. It can be verified by using Chilkat' XmlDSig class, as shown in this example.

Chilkat Android™ Downloads

Android™
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;

import android.app.Activity;
import com.chilkatsoft.*;

import android.widget.TextView;
import android.os.Bundle;

public class SimpleActivity extends Activity {

  private static final String TAG = "Chilkat";

  // Called when the activity is first created.
  @Override
  public void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);

    boolean success = false;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    CkXmlDSig dsig = new CkXmlDSig();
    success = dsig.LoadSignature("XML xml signature goes here...");

    // A sample SAML signature is shown below..

    int numSignatures = dsig.get_NumSignatures();
    int i = 0;
    while (i < numSignatures) {
        dsig.put_Selector(i);

        boolean bVerifyRefDigests = false;
        boolean bSignatureVerified = dsig.VerifySignature(bVerifyRefDigests);
        if (bSignatureVerified == true) {
            Log.i(TAG, "Signature " + String.valueOf(i + 1) + " verified");
            }
        else {
            Log.i(TAG, "Signature " + String.valueOf(i + 1) + " invalid");
            }

        // Check each of the reference digests separately..
        int numRefDigests = dsig.get_NumReferences();
        int j = 0;
        while (j < numRefDigests) {
            boolean bDigestVerified = dsig.VerifyReferenceDigest(j);
            Log.i(TAG, "reference digest " + String.valueOf(j + 1) + " verified = " + String.valueOf(bDigestVerified));
            if (bDigestVerified == false) {
                Log.i(TAG, "    reference digest fail reason: " + String.valueOf(dsig.get_RefFailReason()));
                }

            j = j + 1;
            }

        i = i + 1;
        }

    // --------------------------------------
    // Here is a sample SAML XML Signature
    // 
    // 
    // <?xml version="1.0" encoding="UTF-8"?>
    // <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" ID="abc123" Version="2.0" IssueInstant="2022-04-01T12:34:56Z" Destination="https://sp.example.com/sso">
    //   <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idp.example.com</saml2:Issuer>
    //   <saml2p:Status>
    //     <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    //   </saml2p:Status>
    //   <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="def456" IssueInstant="2022-04-01T12:34:56Z" Version="2.0">
    //     <saml2:Issuer>https://idp.example.com</saml2:Issuer>
    //     <saml2:Subject>
    //       <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml2:NameID>
    //     </saml2:Subject>
    //     <saml2:Conditions NotBefore="2022-04-01T12:34:56Z" NotOnOrAfter="2022-04-01T13:34:56Z"/>
    //     <saml2:AuthnStatement AuthnInstant="2022-04-01T12:34:56Z">
    //       <saml2:AuthnContext>
    //         <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
    //       </saml2:AuthnContext>
    //     </saml2:AuthnStatement>
    //     <!-- Additional assertion content -->
    //   </saml2:Assertion>
    //   <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    //     <ds:SignedInfo>
    //       <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //       <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    //       <ds:Reference URI="#abc123">
    //         <ds:Transforms>
    //           <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    //           <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //         </ds:Transforms>
    //         <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    //         <ds:DigestValue>q7Zj1w+...+pCsjw=</ds:DigestValue>
    //       </ds:Reference>
    //       <!-- Additional references if present -->
    //     </ds:SignedInfo>
    //     <ds:SignatureValue>
    //       NjIzOWE5ZjA2M2M1...NzUwNzUwNzUwNzUwNzU=
    //     </ds:SignatureValue>
    //     <ds:KeyInfo>
    //       <ds:X509Data>
    //         <ds:X509Certificate>
    //           MIIDgzCCAmugAwIBAg...AgADAA==
    //         </ds:X509Certificate>
    //       </ds:X509Data>
    //     </ds:KeyInfo>
    //   </ds:Signature>
    // </saml2p:Response>

  }

  static {
      System.loadLibrary("chilkat");

      // Note: If the incorrect library name is passed to System.loadLibrary,
      // then you will see the following error message at application startup:
      //"The application <your-application-name> has stopped unexpectedly. Please try again."
  }
}