Android™
Android™
SAML Signature Validation
See more XML Digital Signatures Examples
A SAML Signature is an XML Digital Signature (XMLDSig) just like any other XML digital signature. It can be verified by using Chilkat' XmlDSig class, as shown in this example.Chilkat Android™ Downloads
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;
import android.app.Activity;
import com.chilkatsoft.*;
import android.widget.TextView;
import android.os.Bundle;
public class SimpleActivity extends Activity {
private static final String TAG = "Chilkat";
// Called when the activity is first created.
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
boolean success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkXmlDSig dsig = new CkXmlDSig();
success = dsig.LoadSignature("XML xml signature goes here...");
// A sample SAML signature is shown below..
int numSignatures = dsig.get_NumSignatures();
int i = 0;
while (i < numSignatures) {
dsig.put_Selector(i);
boolean bVerifyRefDigests = false;
boolean bSignatureVerified = dsig.VerifySignature(bVerifyRefDigests);
if (bSignatureVerified == true) {
Log.i(TAG, "Signature " + String.valueOf(i + 1) + " verified");
}
else {
Log.i(TAG, "Signature " + String.valueOf(i + 1) + " invalid");
}
// Check each of the reference digests separately..
int numRefDigests = dsig.get_NumReferences();
int j = 0;
while (j < numRefDigests) {
boolean bDigestVerified = dsig.VerifyReferenceDigest(j);
Log.i(TAG, "reference digest " + String.valueOf(j + 1) + " verified = " + String.valueOf(bDigestVerified));
if (bDigestVerified == false) {
Log.i(TAG, " reference digest fail reason: " + String.valueOf(dsig.get_RefFailReason()));
}
j = j + 1;
}
i = i + 1;
}
// --------------------------------------
// Here is a sample SAML XML Signature
//
//
// <?xml version="1.0" encoding="UTF-8"?>
// <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" ID="abc123" Version="2.0" IssueInstant="2022-04-01T12:34:56Z" Destination="https://sp.example.com/sso">
// <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idp.example.com</saml2:Issuer>
// <saml2p:Status>
// <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
// </saml2p:Status>
// <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="def456" IssueInstant="2022-04-01T12:34:56Z" Version="2.0">
// <saml2:Issuer>https://idp.example.com</saml2:Issuer>
// <saml2:Subject>
// <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml2:NameID>
// </saml2:Subject>
// <saml2:Conditions NotBefore="2022-04-01T12:34:56Z" NotOnOrAfter="2022-04-01T13:34:56Z"/>
// <saml2:AuthnStatement AuthnInstant="2022-04-01T12:34:56Z">
// <saml2:AuthnContext>
// <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
// </saml2:AuthnContext>
// </saml2:AuthnStatement>
// <!-- Additional assertion content -->
// </saml2:Assertion>
// <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
// <ds:SignedInfo>
// <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
// <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
// <ds:Reference URI="#abc123">
// <ds:Transforms>
// <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
// <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
// </ds:Transforms>
// <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
// <ds:DigestValue>q7Zj1w+...+pCsjw=</ds:DigestValue>
// </ds:Reference>
// <!-- Additional references if present -->
// </ds:SignedInfo>
// <ds:SignatureValue>
// NjIzOWE5ZjA2M2M1...NzUwNzUwNzUwNzUwNzU=
// </ds:SignatureValue>
// <ds:KeyInfo>
// <ds:X509Data>
// <ds:X509Certificate>
// MIIDgzCCAmugAwIBAg...AgADAA==
// </ds:X509Certificate>
// </ds:X509Data>
// </ds:KeyInfo>
// </ds:Signature>
// </saml2p:Response>
}
static {
System.loadLibrary("chilkat");
// Note: If the incorrect library name is passed to System.loadLibrary,
// then you will see the following error message at application startup:
//"The application <your-application-name> has stopped unexpectedly. Please try again."
}
}