Visual Basic 6.0
Visual Basic 6.0
SAML Signature Validation
See more XML Digital Signatures Examples
A SAML Signature is an XML Digital Signature (XMLDSig) just like any other XML digital signature. It can be verified by using Chilkat' XmlDSig class, as shown in this example.Chilkat Visual Basic 6.0 Downloads
Dim success As Long
success = 0
' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
Dim dsig As New ChilkatXmlDSig
success = dsig.LoadSignature("XML xml signature goes here...")
' A sample SAML signature is shown below..
Dim numSignatures As Long
numSignatures = dsig.NumSignatures
Dim i As Long
i = 0
Do While i < numSignatures
dsig.Selector = i
Dim bVerifyRefDigests As Long
bVerifyRefDigests = 0
Dim bSignatureVerified As Long
bSignatureVerified = dsig.VerifySignature(bVerifyRefDigests)
If (bSignatureVerified = 1) Then
Debug.Print "Signature " & (i + 1) & " verified"
Else
Debug.Print "Signature " & (i + 1) & " invalid"
End If
' Check each of the reference digests separately..
Dim numRefDigests As Long
numRefDigests = dsig.NumReferences
Dim j As Long
j = 0
Do While j < numRefDigests
Dim bDigestVerified As Long
bDigestVerified = dsig.VerifyReferenceDigest(j)
Debug.Print "reference digest " & (j + 1) & " verified = " & bDigestVerified
If (bDigestVerified = 0) Then
Debug.Print " reference digest fail reason: " & dsig.RefFailReason
End If
j = j + 1
Loop
i = i + 1
Loop
' --------------------------------------
' Here is a sample SAML XML Signature
'
'
' <?xml version="1.0" encoding="UTF-8"?>
' <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" ID="abc123" Version="2.0" IssueInstant="2022-04-01T12:34:56Z" Destination="https://sp.example.com/sso">
' <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idp.example.com</saml2:Issuer>
' <saml2p:Status>
' <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
' </saml2p:Status>
' <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="def456" IssueInstant="2022-04-01T12:34:56Z" Version="2.0">
' <saml2:Issuer>https://idp.example.com</saml2:Issuer>
' <saml2:Subject>
' <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml2:NameID>
' </saml2:Subject>
' <saml2:Conditions NotBefore="2022-04-01T12:34:56Z" NotOnOrAfter="2022-04-01T13:34:56Z"/>
' <saml2:AuthnStatement AuthnInstant="2022-04-01T12:34:56Z">
' <saml2:AuthnContext>
' <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
' </saml2:AuthnContext>
' </saml2:AuthnStatement>
' <!-- Additional assertion content -->
' </saml2:Assertion>
' <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
' <ds:SignedInfo>
' <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
' <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
' <ds:Reference URI="#abc123">
' <ds:Transforms>
' <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
' <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
' </ds:Transforms>
' <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
' <ds:DigestValue>q7Zj1w+...+pCsjw=</ds:DigestValue>
' </ds:Reference>
' <!-- Additional references if present -->
' </ds:SignedInfo>
' <ds:SignatureValue>
' NjIzOWE5ZjA2M2M1...NzUwNzUwNzUwNzUwNzU=
' </ds:SignatureValue>
' <ds:KeyInfo>
' <ds:X509Data>
' <ds:X509Certificate>
' MIIDgzCCAmugAwIBAg...AgADAA==
' </ds:X509Certificate>
' </ds:X509Data>
' </ds:KeyInfo>
' </ds:Signature>
' </saml2p:Response>