|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi ActiveX) SAML Signature ValidationSee more XML Digital Signatures ExamplesA SAML Signature is an XML Digital Signature (XMLDSig) just like any other XML digital signature. It can be verified by using Chilkat' XmlDSig class, as shown in this example.
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB; ... procedure TForm1.Button1Click(Sender: TObject); var dsig: TChilkatXmlDSig; success: Integer; numSignatures: Integer; i: Integer; bVerifyRefDigests: Integer; bSignatureVerified: Integer; numRefDigests: Integer; j: Integer; bDigestVerified: Integer; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. dsig := TChilkatXmlDSig.Create(Self); success := dsig.LoadSignature('XML xml signature goes here...'); // A sample SAML signature is shown below.. numSignatures := dsig.NumSignatures; i := 0; while i < numSignatures do begin dsig.Selector := i; bVerifyRefDigests := 0; bSignatureVerified := dsig.VerifySignature(bVerifyRefDigests); if (bSignatureVerified = 1) then begin Memo1.Lines.Add('Signature ' + IntToStr(i + 1) + ' verified'); end else begin Memo1.Lines.Add('Signature ' + IntToStr(i + 1) + ' invalid'); end; // Check each of the reference digests separately.. numRefDigests := dsig.NumReferences; j := 0; while j < numRefDigests do begin bDigestVerified := dsig.VerifyReferenceDigest(j); Memo1.Lines.Add('reference digest ' + IntToStr(j + 1) + ' verified = ' + IntToStr(Ord(bDigestVerified))); if (bDigestVerified = 0) then begin Memo1.Lines.Add(' reference digest fail reason: ' + IntToStr(dsig.RefFailReason)); end; j := j + 1; end; i := i + 1; end; // -------------------------------------- // Here is a sample SAML XML Signature // // // <?xml version="1.0" encoding="UTF-8"?> // <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" ID="abc123" Version="2.0" IssueInstant="2022-04-01T12:34:56Z" Destination="https://sp.example.com/sso"> // <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idp.example.com</saml2:Issuer> // <saml2p:Status> // <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> // </saml2p:Status> // <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="def456" IssueInstant="2022-04-01T12:34:56Z" Version="2.0"> // <saml2:Issuer>https://idp.example.com</saml2:Issuer> // <saml2:Subject> // <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml2:NameID> // </saml2:Subject> // <saml2:Conditions NotBefore="2022-04-01T12:34:56Z" NotOnOrAfter="2022-04-01T13:34:56Z"/> // <saml2:AuthnStatement AuthnInstant="2022-04-01T12:34:56Z"> // <saml2:AuthnContext> // <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef> // </saml2:AuthnContext> // </saml2:AuthnStatement> // <!-- Additional assertion content --> // </saml2:Assertion> // <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:SignedInfo> // <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> // <ds:Reference URI="#abc123"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> // <ds:DigestValue>q7Zj1w+...+pCsjw=</ds:DigestValue> // </ds:Reference> // <!-- Additional references if present --> // </ds:SignedInfo> // <ds:SignatureValue> // NjIzOWE5ZjA2M2M1...NzUwNzUwNzUwNzUwNzU= // </ds:SignatureValue> // <ds:KeyInfo> // <ds:X509Data> // <ds:X509Certificate> // MIIDgzCCAmugAwIBAg...AgADAA== // </ds:X509Certificate> // </ds:X509Data> // </ds:KeyInfo> // </ds:Signature> // </saml2p:Response> end; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.