Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(VBScript) SAML Signature ValidationSee more XML Digital Signatures ExamplesA SAML Signature is an XML Digital Signature (XMLDSig) just like any other XML digital signature. It can be verified by using Chilkat' XmlDSig class, as shown in this example.
Dim fso, outFile Set fso = CreateObject("Scripting.FileSystemObject") 'Create a Unicode (utf-16) output text file. Set outFile = fso.CreateTextFile("output.txt", True, True) ' This example requires the Chilkat API to have been previously unlocked. ' See Global Unlock Sample for sample code. ' For versions of Chilkat < 10.0.0, use CreateObject("Chilkat_9_5_0.XmlDSig") set dsig = CreateObject("Chilkat.XmlDSig") success = dsig.LoadSignature("XML xml signature goes here...") ' A sample SAML signature is shown below.. numSignatures = dsig.NumSignatures i = 0 Do While i < numSignatures dsig.Selector = i bVerifyRefDigests = 0 bSignatureVerified = dsig.VerifySignature(bVerifyRefDigests) If (bSignatureVerified = 1) Then outFile.WriteLine("Signature " & (i + 1) & " verified") Else outFile.WriteLine("Signature " & (i + 1) & " invalid") End If ' Check each of the reference digests separately.. numRefDigests = dsig.NumReferences j = 0 Do While j < numRefDigests bDigestVerified = dsig.VerifyReferenceDigest(j) outFile.WriteLine("reference digest " & (j + 1) & " verified = " & bDigestVerified) If (bDigestVerified = 0) Then outFile.WriteLine(" reference digest fail reason: " & dsig.RefFailReason) End If j = j + 1 Loop i = i + 1 Loop ' -------------------------------------- ' Here is a sample SAML XML Signature ' ' ' <?xml version="1.0" encoding="UTF-8"?> ' <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" ID="abc123" Version="2.0" IssueInstant="2022-04-01T12:34:56Z" Destination="https://sp.example.com/sso"> ' <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idp.example.com</saml2:Issuer> ' <saml2p:Status> ' <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> ' </saml2p:Status> ' <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="def456" IssueInstant="2022-04-01T12:34:56Z" Version="2.0"> ' <saml2:Issuer>https://idp.example.com</saml2:Issuer> ' <saml2:Subject> ' <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.com</saml2:NameID> ' </saml2:Subject> ' <saml2:Conditions NotBefore="2022-04-01T12:34:56Z" NotOnOrAfter="2022-04-01T13:34:56Z"/> ' <saml2:AuthnStatement AuthnInstant="2022-04-01T12:34:56Z"> ' <saml2:AuthnContext> ' <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef> ' </saml2:AuthnContext> ' </saml2:AuthnStatement> ' <!-- Additional assertion content --> ' </saml2:Assertion> ' <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> ' <ds:SignedInfo> ' <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> ' <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> ' <ds:Reference URI="#abc123"> ' <ds:Transforms> ' <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> ' <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> ' </ds:Transforms> ' <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> ' <ds:DigestValue>q7Zj1w+...+pCsjw=</ds:DigestValue> ' </ds:Reference> ' <!-- Additional references if present --> ' </ds:SignedInfo> ' <ds:SignatureValue> ' NjIzOWE5ZjA2M2M1...NzUwNzUwNzUwNzUwNzU= ' </ds:SignatureValue> ' <ds:KeyInfo> ' <ds:X509Data> ' <ds:X509Certificate> ' MIIDgzCCAmugAwIBAg...AgADAA== ' </ds:X509Certificate> ' </ds:X509Data> ' </ds:KeyInfo> ' </ds:Signature> ' </saml2p:Response> outFile.Close |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.