azure SignedXML CheckSignature函数无法验证SAML响应

tpxzln5u  于 2023-05-07  发布在  其他
关注(0)|答案(1)|浏览(134)

我正在尝试实现SAML SSO身份验证功能。在调用signedXml.CheckSignature(certificate, true)函数时,它给出了下面的错误,我无法找出这背后的原因

System.NullReferenceException
  HResult=0x80004003
  Message=Object reference not set to an instance of an object.
  Source=System.Security.Cryptography.Xml
  StackTrace:
   at System.Security.Cryptography.Xml.SignedXml.IsKeyTheCorrectAlgorithm(AsymmetricAlgorithm key, Type expectedType)

有人能帮我吗?这将是一个很大的帮助。
我尝试在初始化时删除AddAlgorithm()函数。我希望samlResponse有效。
我使用下面的代码来实现SAML身份验证:
https://github.com/jitbit/AspNetSaml

3htmauhk

3htmauhk1#

我从SignedXml.CheckSignature方法中得到了一个类似的异常:

System.NullReferenceException: Object reference not set to an instance of an object.
   at System.Security.Cryptography.Xml.RSAPKCS1SignatureDescription.CreateDeformatter(AsymmetricAlgorithm )
   at System.Security.Cryptography.Xml.SignedXml.CheckSignedInfo(AsymmetricAlgorithm )
   at System.Security.Cryptography.Xml.SignedXml.CheckSignature(AsymmetricAlgorithm )
   at System.Security.Cryptography.Xml.SignedXml.CheckSignature(X509Certificate2 , Boolean )

当我检查System.Security.Cryptography源代码时,我在SignatureDescription类CreateDeformatter方法中看到了以下警告:

"CreateDeformatter is not trim compatible because the algorithm implementation referenced by DeformatterAlgorithm might be removed."

在我的Dockerfile中,我设置了PublishTrimmed=true。
取出后,问题解决。

相关问题