3

Here is the problem I am facing; I need some help/guidance on it.

I have generated an XML message from my engine, and this needs to be passed to a service. In order to do that I have to convert that message into a SOAP message and insert a SAML token into it. I am trying to perform this action using C# code. Below is the input message I have generated and the expected output:

Input Message:

(Input message removed, as it is already included in the SOAP Body below.)

Desired Output Message:

<?xml version='1.0' encoding='UTF-8'?>
<S:Envelope
    xmlns:S="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
    xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#">
    <S:Header>
        <To mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">https://localhost:443/Gateway/PatientDiscovery/1_0/NwHINService/NwHINPatientDiscovery 
        </To>
        <Action mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">urn:hl7-org:v3:PRPA_IN201305UV02:CrossGatewayPatientDiscovery
        </Action>
        <ReplyTo mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">
            <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
        </ReplyTo>
        <MessageID mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">461433e3-4591-453b-9eb6-791c7f5ff882
        </MessageID>
        <wsse:Security S:mustUnderstand="true">
            <wsu:Timestamp wsu:Id="_1"
                xmlns:ns17="http://docs.oasis-open.org/ws-sx/wssecureconversation/200512"
                xmlns:ns16="http://schemas.xmlsoap.org/soap/envelope/">
                <wsu:Created>2012-06-08T18:31:44Z</wsu:Created>
                <wsu:Expires>2012-06-08T18:36:44Z</wsu:Expires>
            </wsu:Timestamp>
            <saml2:Assertion ID="_e1154a8a-bbd5-426d-afa5-ed7071f1b1ff" IssueInstant="2012-06-08T18:31:44.577Z" Version="2.0"
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#"
                xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
                xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                xmlns:xs="http://www.w3.org/2001/XMLSchema">
                <saml2:Issuer Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US</saml2:Issuer>
                <ds:Signature
                    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                    <ds:SignedInfo>
                        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                        <ds:Reference URI="#_e1154a8a-bbd5-426d-afa5-ed7071f1b1ff">
                            <ds:Transforms>
                                <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                            </ds:Transforms>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                            <ds:DigestValue>5MearYAjQTErf01u/7UlKo2hEyc=</ds:DigestValue>
                        </ds:Reference>
                    </ds:SignedInfo>
                    <ds:SignatureValue>eCEFcl9iEl6u0MrAehJdsRrgbOCnirOE8i9IQpYMb25sMEaeLzXR7SFGf+TrPyv87YwYUr8lP1xK
Iohggt9yCkdvsVIOhRxiOQmK36ATjIsCNVdjqQwH2Ez9q9esRPgWIlS0vDRKxylaz1eGEX5ZCGdg
rBuScX3uvVjA5s/SVfQh6Enw9cbW/1i5Vcrvrie9ro2EdNS6CM1qLmf9bY37E5XK3f3Zt2xne1TH
OXyqH9jXU5RdE14vD+jNHAjCLq61rG5+ImWtZ2sYmp8+vLJGOVSH6yUEDV2v04AdsXUYbjgRvMjo
/mC8Mec2LdX0pGAuqS+hF4xdlR4RNI74Jj7Esg==</ds:SignatureValue>
                    <ds:KeyInfo>
                        <ds:KeyValue>
                            <ds:RSAKeyValue>
                                <ds:Modulus>maFp5lsEHjhrQQCL0e8cbxMoDpGk1r6Uion/LA2iuD3T+sspJh8TNToQrurpFFVY/u6IzHKIk64s
9894pxbwYNwv/LzRVzM5pOXmCT73KGAg3Cry+QOO5KrN8hR/OXyH90/LIS77FZY+bepqD6qx4URa
2/GLll08fu8xh1wPFDMCFAmb2Xz/5gK0fimUXJAWi1+PlNKMLnDGxHgvz5ZwiN1/QwXcQEc1mcJC
imLoiCSrk7nvmqkxX4ZZ1dYzQJWdlB8Om4r9Uu96q5cZFTYwSdivLpPFKSzn/2MI9NryZC0VaIBu
HRhgAmspAzM90BjLO5vtiwrrfx/E3uYcMjcSEQ==</ds:Modulus>
                                <ds:Exponent>AQAB</ds:Exponent>
                            </ds:RSAKeyValue>
                        </ds:KeyValue>
                    </ds:KeyInfo>
                </ds:Signature>
                <saml2:Subject>
                    <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">UID=WilmaAnderson</saml2:NameID>
                    <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
                        <saml2:SubjectConfirmationData>
                            <ds:KeyInfo>
                                <ds:KeyValue>
                                    <ds:RSAKeyValue>
                                        <ds:Modulus>maFp5lsEHjhrQQCL0e8cbxMoDpGk1r6Uion/LA2iuD3T+sspJh8TNToQrurpFFVY/u6IzHKIk64s9894pxbwYNwv/LzRVz
M5pOXmCT73KGAg3Cry+QOO5KrN8hR/OXyH90/LIS77FZY+bepqD6qx4URa2/GLll08fu8xh1wPFDMCFAmb2Xz/5gK0fimUXJAWi1+PlNKML
nDGxHgvz5ZwiN1/QwXcQEc1mcJCimLoiCSrk7nvmqkxX4ZZ1dYzQJWdlB8Om4r9Uu96q5cZFTYwSdivLpPFKSzn/2MI9NryZC0VaIBuHRhg
AmspAzM90BjLO5vtiwrrfx/E3uYcMjcSEQ==</ds:Modulus>
                                        <ds:Exponent>AQAB</ds:Exponent>
                                    </ds:RSAKeyValue>
                                </ds:KeyValue>
                            </ds:KeyInfo>
                        </saml2:SubjectConfirmationData>
                    </saml2:SubjectConfirmation>
                </saml2:Subject>
                <saml2:AuthnStatement AuthnInstant="2012-06-08T18:31:44.577Z" SessionIndex="123456">
                    <saml2:AuthnContext>
                        <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml2:AuthnContextClassRef>
                    </saml2:AuthnContext>
                </saml2:AuthnStatement>
                <saml2:AttributeStatement>
                    <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id">
                        <saml2:AttributeValue ns6:type="ns7:string"
                            xmlns:ns6="http://www.w3.org/2001/XMLSchema-instance"
                            xmlns:ns7="http://www.w3.org/2001/XMLSchema">WilmaWA Anderson
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization">
                        <saml2:AttributeValue ns6:type="ns7:string"
                            xmlns:ns6="http://www.w3.org/2001/XMLSchema-instance"
                            xmlns:ns7="http://www.w3.org/2001/XMLSchema">2.16.840.1.113883.3.609.10.330.000
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id">
                        <saml2:AttributeValue ns6:type="ns7:string"
                            xmlns:ns6="http://www.w3.org/2001/XMLSchema-instance"
                            xmlns:ns7="http://www.w3.org/2001/XMLSchema">2.16.840.1.113883.3.609.10.330.000
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute Name="urn:NwHIN:names:saml:homeCommunityId">
                        <saml2:AttributeValue ns6:type="ns7:string"
                            xmlns:ns6="http://www.w3.org/2001/XMLSchema-instance"
                            xmlns:ns7="http://www.w3.org/2001/XMLSchema">2.16.840.1.113883.3.609.10.330.000
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role">
                        <saml2:AttributeValue>
                            <hl7:Role code="46255001" codeSystem="2.16.840.1.113883.6.96"
codeSystemName="SNOMED_CT" displayName="Pharmacist" xsi:type="hl7:CE"
                                xmlns:hl7="urn:hl7-org:v3"
                                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
                            </saml2:AttributeValue>
                        </saml2:Attribute>
                        <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse">
                            <saml2:AttributeValue>
                                <hl7:PurposeOfUse code="OPERATIONS" codeSystem="2.16.840.1.113883.3.18.7.1" codeSystemName="NwHIN-purpose" displayName="Healthcare Operations" xsi:type="hl7:CE"
                                    xmlns:hl7="urn:hl7-org:v3"
                                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
                                </saml2:AttributeValue>
                            </saml2:Attribute>
                            <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id">
                                <saml2:AttributeValue ns6:type="ns7:string"
                                    xmlns:ns6="http://www.w3.org/2001/XMLSchema-instance"
                                    xmlns:ns7="http://www.w3.org/2001/XMLSchema">PATAA000000040^^^&amp;2.16.840.1.113883.3.609.20.330.000&amp;ISO
                                </saml2:AttributeValue>
                            </saml2:Attribute>
                        </saml2:AttributeStatement>
                    </saml2:Assertion>
                    <ds:Signature Id="_2"
                        xmlns:ns17="http://docs.oasis-open.org/ws-sx/wssecureconversation/200512"
                        xmlns:ns16="http://schemas.xmlsoap.org/soap/envelope/">
                        <ds:SignedInfo>
                            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                <exc14n:InclusiveNamespaces PrefixList="wsse S"/>
                            </ds:CanonicalizationMethod>
                            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                            <ds:Reference URI="#_1">
                                <ds:Transforms>
                                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                        <exc14n:InclusiveNamespaces PrefixList="wsu wsse S"/>
                                    </ds:Transform>
                                </ds:Transforms>
                                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                                <ds:DigestValue>wOyuouXyvOr9+wFonBcY/sfKQdc=</ds:DigestValue>
                            </ds:Reference>
                        </ds:SignedInfo>
                        <ds:SignatureValue>L3DLzs6axzNlKUuySKvg52ljw+QrLkmJLbJH7kyHoafjyUavzmw3IPAsg70UfVS8tpM+ut7Im4ouqn9eVOttY2BY8MTyBGUSlwj/2IGHdzxoqcXpLFXxx7ntti2Zt/mfmnV1A+iu+a0l5uIRBy6OdxbSsZg1yK2UYaR60WkVEXVH1MZXnHmE33woHjrScvXh1i
mdJ8apZzCuWZ4Nlbf85kvwVjriyCOK2O1nUvY7ZmSsuHGqTOrgemoDQxlNKb3F4Rn48W1yIiAAAJZuq2Qx5KJ4b6aX17/M73pqvqTKMz5Wv
YrmL54FzhXIalns6LzAZ6EZo4YdYOODmuchIZwZqg==</ds:SignatureValue>
                        <ds:KeyInfo>
                            <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0">
                                <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">_e1154a8a-bbd5-426d-afa5-ed7071f1b1ff</wsse:KeyIdentifier>
                            </wsse:SecurityTokenReference>
                        </ds:KeyInfo>
                    </ds:Signature>
                </wsse:Security>
            </S:Header>
            <S:Body>
                <ns6:PRPA_IN201305UV02 ITSVersion="XML_1.0"
                    xmlns:ns2="urn:oasis:names:tc:ebxml-regrep:xsd:rim:3.0"
                    xmlns:ns3="urn:oasis:names:tc:ebxml-regrep:xsd:rs:3.0"
                    xmlns:ns4="http://www.hhs.gov/healthit/NwHIN"
                    xmlns:ns5="urn:oasis:names:tc:ebxml-regrep:xsd:query:3.0"
                    xmlns:ns6="urn:hl7-org:v3"
                    xmlns:ns7="urn:gov:hhs:fha:NwHINc:common:NwHINccommon"
                    xmlns:ns8="urn:gov:hhs:fha:NwHINc:common:patientcorrelationfacade"
                    xmlns:ns9="http://schemas.xmlsoap.org/ws/2004/08/addressing">
                    <ns6:id root="2.16.840.1.113883.3.609.20.330.000" extension="-5a3e95b1:11d1fa33d45:-7f9b"/>
                    <ns6:creationTime value="20120608143143"/>
                    <ns6:interactionId root="2.16.840.1.113883.1.6" extension="PRPA_IN201305UV02"/>
                    <ns6:processingCode code="T"/>
                    <ns6:processingModeCode code="T"/>
                    <ns6:acceptAckCode code="AL"/>
                    <ns6:receiver typeCode="RCV">
                        <ns6:device classCode="DEV" determinerCode="INSTANCE">
                            <ns6:id root="2.16.840.1.113883.3.609.10.330.002"/>
                            <ns6:asAgent classCode="AGNT">
                                <ns6:representedOrganization classCode="ORG" determinerCode="INSTANCE">
                                    <ns6:id root="2.16.840.1.113883.3.609.10.330.002"/>
                                </ns6:representedOrganization>
                            </ns6:asAgent>
                        </ns6:device>
                    </ns6:receiver>
                    <ns6:sender typeCode="SND">
                        <ns6:device classCode="DEV" determinerCode="INSTANCE">
                            <ns6:asAgent classCode="AGENT">
                                <ns6:representedOrganization classCode="ORG" determinerCode="INSTANCE">
                                    <ns6:id root="2.16.840.1.113883.3.609.10.330.000"/>
                                </ns6:representedOrganization>
                            </ns6:asAgent>
                        </ns6:device>
                    </ns6:sender>
                    <ns6:controlActProcess classCode="CACT" moodCode="EVN">
                        <ns6:code code="PRPA_TE201305UV02" codeSystem="2.16.840.1.113883.1.6"/>
                        <ns6:authorOrPerformer typeCode="AUT">
                            <ns6:assignedDevice>
                                <ns6:id root="2.16.840.1.113883.3.609.20.330.000"/>
                            </ns6:assignedDevice>
                        </ns6:authorOrPerformer>
                        <ns6:queryByParameter>
                            <ns6:queryId root="2.16.840.1.113883.3.609.10.330.000" extension="-abd3453dcd24wkkks545"/>
                            <ns6:statusCode code="new"/>
                            <ns6:responseModalityCode code="R"/>
                            <ns6:responsePriorityCode code="I"/>
                            <ns6:parameterList>
                                <ns6:livingSubjectAdministrativeGender>
                                    <ns6:value code="M"/>
                                    <ns6:semanticsText representation="TXT"/>
                                </ns6:livingSubjectAdministrativeGender>
                                <ns6:livingSubjectBirthTime>
                                    <ns6:value value="19350213"/>
                                    <ns6:semanticsText representation="TXT"/>
                                </ns6:livingSubjectBirthTime>
                                <ns6:livingSubjectId>
                                    <ns6:value root="2.16.840.1.113883.3.609.20.330.000" extension="PATAA000000040"/>
                                    <ns6:semanticsText representation="TXT"/>
                                </ns6:livingSubjectId>
                                <ns6:livingSubjectId>
                                    <ns6:value root="2.16.840.1.113883.4.1" extension=""/>
                                    <ns6:semanticsText representation="TXT"/>
                                </ns6:livingSubjectId>
                                <ns6:livingSubjectName>
                                    <ns6:value>
                                        <ns6:prefix partType="PFX"/>
                                        <ns6:given partType="GIV">Test</ns6:given>
                                        <ns6:given partType="GIV"/>
                                        <ns6:family partType="FAM">Testing</ns6:family>
                                        <ns6:suffix partType="PFX"/>
                                    </ns6:value>
                                    <ns6:semanticsText representation="TXT"/>
                                </ns6:livingSubjectName>
                                <ns6:patientAddress>
                                    <ns6:value/>
                                </ns6:patientAddress>
                                <ns6:patientTelecom>
                                    <ns6:value value=""/>
                                    <ns6:semanticsText representation="TXT"/>
                                </ns6:patientTelecom>
                            </ns6:parameterList>
                        </ns6:queryByParameter>
                    </ns6:controlActProcess>
                </ns6:PRPA_IN201305UV02>
            </S:Body>
        </S:Envelope>

Using the X509 certificate I am able to create the signature part. However, I am unable to create the SAML assertion and the SOAP message. It would be a great help if someone could help/guide me on this. Here is my code in C#:

(My code removed, as it is already part of the main codebase.)

Recent Output

<?xml version="1.0"?>
<soap:Envelope
    xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
    xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
    xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#">
    <soap:Header>
        <To mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">https://localhost:443/Gateway/PatientDiscovery/1_0/NwHINService/NwHINPatientDiscovery
        </To>
        <Action mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">urn:hl7-org:v3:PRPA_IN201305UV02:CrossGatewayPatientDiscovery
        </Action>
        <ReplyTo mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">
            <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
        </ReplyTo>
        <MessageID mustUnderstand="true"
            xmlns="http://www.w3.org/2005/08/addressing">461433e3-4591-453b-9eb6-791c7f5ff882
        </MessageID>
        <wsse:Security soap:mustUnderstand="true">
            <wsu:Timestamp wsu:Id="_1"
                xmlns:ns17="http://docs.oasis-open.org/ws-sx/wssecureconversation/200512"
                xmlns:ns16="http://schemas.xmlsoap.org/soap/envelope/">
                <wsu:Created>2012-06-08T18:31:44Z</wsu:Created>
                <wsu:Expires>2012-06-08T18:36:44Z</wsu:Expires>
            </wsu:Timestamp>
            <saml2:Assertion ID="_883e64a747a5449b83821913a2b189e6" IssueInstant="2017-10-20T05:09:31.369Z" Version="2.0"
                xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#"
                xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
                xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
                xmlns:xs="http://www.w3.org/2001/XMLSchema">
                <saml2:Issuer Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US
                    <Signature
                        xmlns="http://www.w3.org/2000/09/xmldsig#">
                        <SignedInfo>
                            <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" />
                            <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                            <Reference URI="">
                                <Transforms>
                                    <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                                </Transforms>
                                <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                                <DigestValue>I/0YHptWQW4Y+32HZ8sypXfjPr0=</DigestValue>
                            </Reference>
                        </SignedInfo>
                        <SignatureValue>j3nJoKFny0wdeZZtVKt0XGoL/RC10EJWjqRK8RXzZxU9Uhh/c/0RafmnX4Ed/usVDKhdH+XXYnLVASiKpe5q372yhrMs8709C8OCwV4TZSpmAUUakIad3FZTf5kSH/GrAvtBRAbf9qfm2P5eQvl0OW7fI7/fyyaTi+p2sHuIyUSE/sPdbeQFH2nhxCAIVDI5tuiC7RuCHucPdmHZf6RvywONSP1mrr+ar2UTbadsprAHSMfy/k6kEm7Uy+hcE0MZnEcWipNtzeYmSai0pE6sUNtHigmUQLcbky/fSdQnjNyVDU4cwNMuryx6Zj8jfOxNEELqj338WP4UhLcy7Yggug==</SignatureValue>
                        <KeyInfo>
                            <X509Data>
                                <X509Certificate>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</X509Certificate>
                            </X509Data>
                        </KeyInfo>
                    </Signature>
                    <subject
                        xmlns="saml2">
                        <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">UID=WilmaAnderson</saml2:NameID>
                        <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
                            <saml2:SubjectConfirmationData>
                                <KeyInfo
                                    xmlns="">
                                    <X509Data>
                                        <X509Certificate>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</X509Certificate>
                                    </X509Data>
                                </KeyInfo>
                            </saml2:SubjectConfirmationData>
                        </saml2:SubjectConfirmation>
                    </subject>
                </saml2:Issuer>
                <saml2:AuthnStatement AuthnInstant="2017-10-20T05:09:31.369Z" SessionIndex="123456">
                    <saml2:AuthnContext>
                        <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</saml2:AuthnContextClassRef>
                    </saml2:AuthnContext>
                </saml2:AuthnStatement>
                <saml2:AttributeStatement>
                    <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                        <saml2:AttributeValue
                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">WilmaWA Anderson
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                </saml2:AttributeStatement>
                <saml2:AttributeStatement>
                    <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                        <saml2:AttributeValue
                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Developer Integration Lab
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                </saml2:AttributeStatement>
                <saml2:AttributeStatement>
                    <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                        <saml2:AttributeValue
                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">https://lab.dil.aegis.net
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                </saml2:AttributeStatement>
                <saml2:AttributeStatement>
                    <saml2:Attribute Name="urn:nhin:names:saml:homeCommunityId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                        <saml2:AttributeValue
                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:oid:2.16.840.1.113883.3.7477.4522.1
                        </saml2:AttributeValue>
                    </saml2:Attribute>
                </saml2:AttributeStatement>
                <saml2:AttributeStatement>
                    <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                        <saml2:AttributeValue>
                            <hl7:Role
                                xmlns:hl7="urn:hl7-org:v3"
                                xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" code="112247003" codeSystem="2.16.840.1.113883.6.96" codeSystemName="SNOMED_CT" displayName="Medical doctor" xsi:type="CE" />
                            </saml2:AttributeValue>
                        </saml2:Attribute>
                    </saml2:AttributeStatement>
                    <saml2:AttributeStatement>
                        <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
                            <saml2:AttributeValue>
                                <hl7:PurposeOfUse
                                    xmlns:hl7="urn:hl7-org:v3"
                                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" code="TREATMENT" codeSystem="2.16.840.1.113883.3.18.7.1" codeSystemName="nhin-purpose" displayName="Treatment" xsi:type="CE" />
                                </saml2:AttributeValue>
                            </saml2:Attribute>
                        </saml2:AttributeStatement>
                    </saml2:Assertion>
                    <wsu:Timestamp wsu:ID="">
                        <wsu:Created>"2017-10-20T05:09:31.369Z"</wsu:Created>
                        <wsu:Expires>"2017-10-20T05:09:31.369Z"</wsu:Expires>
                    </wsu:Timestamp>
                </wsse:Security>
            </soap:Header>
            <soap:Body>
                <PRPA_IN201305UV02
                    xmlns="urn:hl7-org:v3"
                    xmlns:ns2="urn:gov:hhs:fha:nhinc:common:nhinccommon"
                    xmlns:ns3="http://www.w3.org/2005/08/addressing"
                    xmlns:ns4="urn:gov:hhs:fha:nhinc:common:patientcorrelationfacade"
                    xmlns:ns5="http://www.hhs.gov/healthit/nhin"
                    xmlns:ns6="urn:oasis:names:tc:ebxml-regrep:xsd:rim:3.0"
                    xmlns:ns7="urn:oasis:names:tc:ebxml-regrep:xsd:rs:3.0"
                    xmlns:ns8="urn:oasis:names:tc:ebxml-regrep:xsd:query:3.0" ITSVersion="XML_1.0" nullFlavor="">
                    <id extension="50a6fe29-cfd5-45ef-8cbe-67e567c9a23c" nullFlavor="" root="2.16.840.1.113883.3.89.102.15.30" />
                    <creationTime nullFlavor="" value="20150309171201" />
                    <interactionId extension="PRPA_IN201305UV02" nullFlavor="" root="2.16.840.1.113883.1.6" />
                    <processingCode code="T" nullFlavor="" />
                    <processingModeCode code="T" nullFlavor="" />
                    <acceptAckCode code="NE" nullFlavor="" />
                    <receiver typeCode="RCV">
                        <device classCode="DEV" determinerCode="INSTANCE">
                            <id root="2.16.840.1.113883.3.1259.10.1003" />
                            <asAgent classCode="AGNT">
                                <representedOrganization classCode="ORG" determinerCode="INSTANCE">
                                    <id root="2.16.840.1.113883.3.1259.10.1003" />
                                </representedOrganization>
                            </asAgent>
                        </device>
                    </receiver>
                    <sender nullFlavor="" typeCode="SND">
                        <device classCode="DEV" determinerCode="INSTANCE" nullFlavor="">
                            <id nullFlavor="" root="2.16.840.1.113883.3.89.102.15.30" />
                            <asAgent classCode="AGNT" nullFlavor="">
                                <representedOrganization classCode="ORG" determinerCode="INSTANCE" nullFlavor="">
                                    <id nullFlavor="" root="2.16.840.1.113883.3.89.102.15.30" />
                                </representedOrganization>
                            </asAgent>
                        </device>
                    </sender>
                    <controlActProcess classCode="CACT" moodCode="EVN" nullFlavor="">
                        <code code="PRPA_TE201305UV02" codeSystem="2.16.840.1.113883.1.6" nullFlavor="" />
                        <authorOrPerformer nullFlavor="" typeCode="AUT">
                            <assignedDevice classCode="ASSIGNED" nullFlavor="">
                                <id nullFlavor="" root="2.16.840.1.113883.3.89.102.15.50" />
                            </assignedDevice>
                        </authorOrPerformer>
                        <queryByParameter nullFlavor="">
                            <queryId extension="ee72b41a-4eb6-4eb0-ab74-0d4ea29dd1b2" nullFlavor="" root="2.16.840.1.113883.3.89.102.15.30" />
                            <statusCode code="new" nullFlavor="" />
                            <responseModalityCode code="R" nullFlavor="" />
                            <responsePriorityCode code="I" nullFlavor="" />
                            <parameterList nullFlavor="">
                                <livingSubjectAdministrativeGender nullFlavor="">
                                    <value code="M" nullFlavor="" />
                                    <semanticsText nullFlavor="" />
                                </livingSubjectAdministrativeGender>
                                <livingSubjectBirthTime nullFlavor="">
                                    <value nullFlavor="" value="19600210" />
                                    <semanticsText nullFlavor="" />
                                </livingSubjectBirthTime>
                                <livingSubjectId nullFlavor="">
                                    <value extension="1000131023" nullFlavor="" root="2.16.840.1.113883.3.89.102.15.50" />
                                    <semanticsText nullFlavor="" />
                                </livingSubjectId>
                                <livingSubjectName nullFlavor="">
                                    <value nullFlavor="" use="">
                                        <given partType="GIV" qualifier="">Test</given>
                                        <given partType="GIV" qualifier="">M</given>
                                        <family partType="FAM" qualifier="">Testing</family>
                                    </value>
                                    <semanticsText nullFlavor="" />
                                </livingSubjectName>
                            </parameterList>
                        </queryByParameter>
                    </controlActProcess>
                </PRPA_IN201305UV02>
            </soap:Body>
        </soap:Envelope>
Aritra
  • Your input message may have an issue. I do not like this one inner tag. It looks wrong although it is correct xml : CN=SampleConnect,O=SAMPLE,L=Anywhere,C=US – jdweng Oct 14 '17 at 08:16

1 Answer

Try the following:

using System;
using System.Globalization;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

namespace Certificate
{
    class Program
    {
        const string FILENAME = @"c:\temp\test.xml";
        const string WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

        static void Main(string[] args)
        {
            XmlDocument doc = new XmlDocument();
            doc.PreserveWhitespace = true;                             // whitespace is part of what gets digested
            string assertionId = "_" + Guid.NewGuid().ToString("N");   // fresh assertion ID for every message
            CreateSoap(doc, assertionId);
            XmlElement assertion = (XmlElement)(doc.GetElementsByTagName("saml2:Assertion")[0]);
            XmlElement issuer = (XmlElement)(doc.GetElementsByTagName("saml2:Issuer")[0]);
            XmlElement security = (XmlElement)(doc.GetElementsByTagName("wsse:Security")[0]);  //added 10-20-17
            XmlElement body = (XmlElement)(doc.GetElementsByTagName("soap:Body")[0]);

            // Load the engine's message as its own document and import the root element into the
            // Body. Assigning the file text to body.InnerXml fails if the file has an XML declaration.
            XmlDocument payload = new XmlDocument();
            payload.PreserveWhitespace = true;
            payload.Load(FILENAME);
            body.AppendChild(doc.ImportNode(payload.DocumentElement, true));

            string pfxpath = @"D:\Certificate\Private-cert.pfx";
            // Do not hard-code the PFX password in real code; read it from configuration or a secret store.
            X509Certificate2 cert = new X509Certificate2(File.ReadAllBytes(pfxpath), "123456789");

            // Finish the assertion BEFORE signing it: anything appended afterwards is not covered by
            // the signature and makes it fail verification. The Subject element needs the SAML 2.0
            // namespace URI (CreateElement's third argument), not the string "saml2".
            XmlElement subject = doc.CreateElement("saml2", "Subject", assertion.NamespaceURI);
            assertion.AppendChild(subject);
            CreateSubject(subject, cert);

            // Assertion signature: references the assertion by its ID, is enveloped inside the
            // assertion and sits between Issuer and Subject (SAML schema order).
            XmlElement assertionSignature = SignXmlWithCertificate(doc, assertionId, cert, true);
            assertion.InsertAfter(assertionSignature, issuer);

            // Security header signature: references the Timestamp by wsu:Id="_1". It is a sibling
            // of the Timestamp rather than inside it, so no enveloped transform.   //added 10-20-17
            XmlElement securitySignature = SignXmlWithCertificate(doc, "_1", cert, false);
            security.AppendChild(securitySignature);

            File.WriteAllText(@"D:\Certificate\digitallysigned.xml", doc.OuterXml);
        }

        public static void CreateSoap(XmlDocument doc, string assertionId)
        {
            // Fixed-format UTC timestamps: "HH" is 24-hour ("hh" is 12-hour) and InvariantCulture keeps
            // the ':' separator from being replaced by the machine's locale.
            DateTime now = DateTime.UtcNow;
            string issueInstant = now.ToString("yyyy-MM-dd'T'HH:mm:ss.fff'Z'", CultureInfo.InvariantCulture);
            string created = now.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", CultureInfo.InvariantCulture);
            string expires = now.AddMinutes(5).ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", CultureInfo.InvariantCulture);
            string soap = string.Format(
                "<?xml version=\"1.0\"?>" +
                "<soap:Envelope" +
                " xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\"" +
                " xmlns:wsse11=\"http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd\"" +
                " xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"" +
                " xmlns:wsu=\"" + WSU_NS + "\"" +
                " xmlns:xs=\"http://www.w3.org/2001/XMLSchema\"" +
                " xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"" +
                " xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"" +
                " xmlns:exc14n=\"http://www.w3.org/2001/10/xml-exc-c14n#\">" +

                           "<soap:Header>" +
                                  "<To mustUnderstand=\"true\"" +
                                     " xmlns=\"http://www.w3.org/2005/08/addressing\">https://localhost:443/Gateway/PatientDiscovery/1_0/NwHINService/NwHINPatientDiscovery" +
                                  "</To>" +
                                  "<Action mustUnderstand=\"true\"" +
                                     " xmlns=\"http://www.w3.org/2005/08/addressing\">urn:hl7-org:v3:PRPA_IN201305UV02:CrossGatewayPatientDiscovery" +
                                  "</Action>" +
                                  "<ReplyTo mustUnderstand=\"true\"" +
                                     " xmlns=\"http://www.w3.org/2005/08/addressing\">" +
                                     "<Address>http://www.w3.org/2005/08/addressing/anonymous</Address>" +
                                  "</ReplyTo>" +
                                  "<MessageID mustUnderstand=\"true\"" +
                                     " xmlns=\"http://www.w3.org/2005/08/addressing\">461433e3-4591-453b-9eb6-791c7f5ff882" +
                                  "</MessageID>" +
                                  "<wsse:Security soap:mustUnderstand=\"true\">" +
                                     "<wsu:Timestamp wsu:Id=\"_1\"" +
                                        " xmlns:ns17=\"http://docs.oasis-open.org/ws-sx/wssecureconversation/200512\"" +
                                        " xmlns:ns16=\"http://schemas.xmlsoap.org/soap/envelope/\">" +
                                        "<wsu:Created>{2}</wsu:Created>" +
                                        "<wsu:Expires>{3}</wsu:Expires>" +
                                     "</wsu:Timestamp>" +
                                     "<saml2:Assertion ID=\"{0}\" IssueInstant=\"{1}\" Version=\"2.0\"" +
                                        " xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"" +
                                        " xmlns:exc14n=\"http://www.w3.org/2001/10/xml-exc-c14n#\"" +
                                        " xmlns:saml2=\"urn:oasis:names:tc:SAML:2.0:assertion\"" +
                                        " xmlns:xenc=\"http://www.w3.org/2001/04/xmlenc#\"" +
                                        " xmlns:xs=\"http://www.w3.org/2001/XMLSchema\">" +
                                        "<saml2:Issuer Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\">CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US" +
                                        "</saml2:Issuer>" +
                                     "</saml2:Assertion>" +
                                  "</wsse:Security>" +

                                "</soap:Header>" +
                                "<soap:Body>" +
                                "</soap:Body>" +
                             "</soap:Envelope>",
                             assertionId, issueInstant, created, expires);
            //date format
            //2015-03-09T21:12:02.279Z
            doc.LoadXml(soap);
        }

        // Signs the element whose ID (or wsu:Id) attribute equals referenceId and returns the
        // ds:Signature element. Because SignedXml is given the document, the returned element already
        // belongs to doc and can be inserted without ImportNode.
        public static XmlElement SignXmlWithCertificate(XmlDocument doc, string referenceId, X509Certificate2 cert, bool enveloped)
        {
            SignedXml signedXml = new WsuSignedXml(doc);
            signedXml.SigningKey = cert.GetRSAPrivateKey();
            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;

            // Uri = "" would digest the whole envelope; SAML and WS-Security verifiers expect "#id".
            Reference reference = new Reference("#" + referenceId);
            if (enveloped)
            {
                reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            }
            reference.AddTransform(new XmlDsigExcC14NTransform());
            signedXml.AddReference(reference);

            KeyInfo keyInfo = new KeyInfo();
            keyInfo.AddClause(new KeyInfoX509Data(cert));

            signedXml.KeyInfo = keyInfo;
            signedXml.ComputeSignature();
            return signedXml.GetXml();
        }

        // SignedXml only resolves Id/id/ID attributes that are in no namespace, so a reference to
        // wsu:Id="_1" is not found unless the lookup is extended to the namespaced attribute.
        class WsuSignedXml : SignedXml
        {
            public WsuSignedXml(XmlDocument doc) : base(doc) { }

            public override XmlElement GetIdElement(XmlDocument document, string idValue)
            {
                XmlElement element = base.GetIdElement(document, idValue);
                if (element != null)
                {
                    return element;
                }
                XmlNamespaceManager nsm = new XmlNamespaceManager(document.NameTable);
                nsm.AddNamespace("wsu", WSU_NS);
                return document.SelectSingleNode("//*[@wsu:Id='" + idValue + "']", nsm) as XmlElement;
            }
        }

        public static void CreateSubject(XmlElement xSubject, X509Certificate2 cert)
        {
            // The saml2 prefix resolves through the Assertion's xmlns:saml2 declaration.
            string subject = "<saml2:NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\">UID=WilmaAnderson</saml2:NameID>" +
                              "<saml2:SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:holder-of-key\">" +
                                "<saml2:SubjectConfirmationData>" +
                                "</saml2:SubjectConfirmationData>" +
                              "</saml2:SubjectConfirmation>";

            xSubject.InnerXml = subject;

            // holder-of-key: the proof key must be the public key of the certificate that signs the
            // message, not a fixed sample modulus. KeyInfo/KeyValue/RSAKeyValue are emitted in the
            // XML-DSig namespace, so the generated element is imported rather than pasted as text.
            XmlElement confirmationData = (XmlElement)(xSubject.GetElementsByTagName("saml2:SubjectConfirmationData")[0]);
            KeyInfo keyInfo = new KeyInfo();
            keyInfo.AddClause(new RSAKeyValue(cert.GetRSAPublicKey()));
            confirmationData.AppendChild(xSubject.OwnerDocument.ImportNode(keyInfo.GetXml(), true));
        }
    }
}
jdweng
  • I have implemented the above code. But now I am not even getting the signature part. Please assist!! – Aritra Oct 13 '17 at 09:26
  • Also the above code doesn't have the SAML Part. As per the output message, I need the XML to be wrapped by a SOAP format and the SAML part also needs to be inserted inside the SOAP Header. – Aritra Oct 13 '17 at 09:47
  • Change from : doc.LoadXml(Encoding.UTF8.GetString(xmlBytes)); To : issuer.InnerText = Encoding.UTF8.GetString(xmlBytes); – jdweng Oct 13 '17 at 10:14
  • Thank you for providing the details.. I got the SOAP message. But the XML should come inside the . Also the signature should come inside the tag. Please refer the output message where I have mentioned the desired format. – Aritra Oct 13 '17 at 11:03
  • Also can you help me to understand if we need to use any SAML library here. Because there are many fields which need to be updated for each message. Ex: IssueInstant - should be the system date and time and ID should be a random Id. – Aritra Oct 13 '17 at 11:24
  • I fixed code. Add actual date to message. You can make additional changes to add random id similar to how I added date. – jdweng Oct 13 '17 at 12:34
  • One thing I have noticed here is the tag which should not be the case. Also there are other elements which are not part in the SOAP string such as : – Aritra Oct 16 '17 at 05:35
  • I can make changes. The xml is valid so the order of the tags is correct. The Certificate may be in the wrong location or missing tags. I just took your certificate code and added it to the SOAP where I thought it belongs based on your sample output. Please update your sample output above. I don't see the Subject or Authnstatement in the sample. – jdweng Oct 16 '17 at 07:01
  • In the desired output I have mentioned the and multiple instances of – Aritra Oct 16 '17 at 07:14
  • I need a sample of the correct xml to work from. The CreateSoap method needs to be modified and the following statement needs to be modified so the signature get placed in the correct location : XmlElement issuer = (XmlElement)(doc.GetElementsByTagName("saml2:Issuer")[0]); – jdweng Oct 16 '17 at 07:34
  • I have mentioned the input XML (Tag: Input Message:) and the desired output message (Tag: Output Message:) in the question itself. Please let me know if you need anything else. – Aritra Oct 16 '17 at 07:57
  • I found a sample signature tag and added to code. Not sure if correct but a good start. – jdweng Oct 16 '17 at 08:03
  • The signature value should be generated from the X509 certificate and the recent changes in the code error out :( – Aritra Oct 16 '17 at 08:13
  • I do not know all the changes you made. You are welcome to modify my posted code to add additional changes. Then I will fix what is needed. I'm not sure how to add the X509 certificate to the signature. From your original posted code I assumed the certificate was going into the issuer tag. Originally I just fixed the following statement to add the certificate into the document : doc.DocumentElement.AppendChild(doc.ImportNode(xmlsig, true)); – jdweng Oct 16 '17 at 09:41
  • I have updated the code which you posted last. Also updated the output which I am getting now. The problem is: Still the tag is ending after the whereas it should be CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US and then the Signature tag will start. Any clue on how to achieve this? Please help me...!!! – Aritra Oct 16 '17 at 13:29
  • Thank you for the updated code. I need help on creating the part which should come after the . Please check Line no. 71 in the Desired Output Message. Also the tag is still ending after the whereas it should be CN=SAML User,OU=SU,O=SAML User,L=Los Angeles,ST=CA,C=US...Don't know how to fix this.... :( – Aritra Oct 17 '17 at 05:26
  • I would really appreciate if someone can help me on this at the earliest please... – Aritra Oct 17 '17 at 07:37
  • Thank you for the update. I have also updated the code and added the other elements. Please take a look at the Recent Output where all the elements has been added. The last change that is required is to add the Signature component between the end of SAML 2 assertion i.e., (Line No.: 125) and wsu:Timestamp i.e, (Line No: 126). The signature part is nothing but the one which was already added after – Aritra Oct 20 '17 at 05:18
  • Do you need the prefix saml2. The original security elements are children of assertion and assertion has the namespace saml2 defined. You are now asking for security to be also a child of security and security does not have saml2 defined. The desired output looks like the signature has a namespace ds. So I will modify code to use ds. – jdweng Oct 20 '17 at 10:18
  • I need to check this signature part with the client. Because as per SAML documentation it is being referred to as timestamp signature. I am unsure how to generate this. Let me check the current output with the client and will get back to you if any other modification is required. Thanks again for all your help...Appreciate It !! – Aritra Oct 20 '17 at 10:34
  • I added two lines of code and added comment to show change : //added 10-20-17 – jdweng Oct 20 '17 at 10:38
  • Actually this format is controlled by hl7-org:v3. The medical industry paid the IEEE to write specifications to electronically transfer medical data. There are a whole set of specifications (RFCs) on the web. I usually answer a couple postings a year concerning hl7 medical data. – jdweng Oct 20 '17 at 10:59
  • Great...Now the Signature part also populated. I have done the modification to generate Random ID and Expire time of the Token (Current Time+5 mins). Added the updated code. – Aritra Oct 20 '17 at 11:07
  • Getting the below issue when tried to validate with the end server: WSS1721: Validation of Reference with URI WFoA89sazapsdV3jraB44vTxo6cvQ8UW failed – Aritra Nov 06 '17 at 11:38
  • The error messages in .NET are poor. Did you try validating with one of the On-Line 509 Certificate Validation Checkers? Do you know which tag the WFoA89sazapsdV3jraB44vTxo6cvQ8UW comes from? Is your Encryption Mode and Length correct? See : http://fm4dd.com/openssl/certexamples.htm – jdweng Nov 06 '17 at 12:00
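The signing pattern the answer relies on, as an added example that is not part of the original answer or of the asker's code: it builds a constructed envelope in memory, signs the assertion by its ID (enveloped, exclusive C14N) and the Timestamp by its wsu:Id, then verifies both signatures locally and checks which element each one references before the message goes anywhere. A throw-away RSA key stands in for the PFX so it runs offline; the class and method names (WsuSignedXml, BuildSigned, VerifyAll), the envelope contents and the subject name are my own choices. It targets .NET Core/.NET 5+ with the System.Security.Cryptography.Xml package (or .NET Framework 4.7.2+). The last step appends to the assertion after it was signed, the same order as appending the Subject after ComputeSignature; the local check then fails, which is the kind of reference mismatch a gateway reports as a failed reference validation, caught here before sending.

```csharp
using System;
using System.Globalization;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

// Added example, not the original post's code. Constructed envelope and a throw-away RSA key
// (no PFX) so it runs offline; swap in cert.GetRSAPrivateKey() and a KeyInfoX509Data clause
// for a real message.
public static class SignAndCheck
{
    const string Saml2Ns = "urn:oasis:names:tc:SAML:2.0:assertion";
    const string WsuNs = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    const string WsseNs = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    // SignedXml resolves Id/id/ID attributes in no namespace only; teach it wsu:Id as well.
    sealed class WsuSignedXml : SignedXml
    {
        public WsuSignedXml(XmlDocument doc) : base(doc) { }
        public override XmlElement GetIdElement(XmlDocument document, string idValue)
        {
            XmlElement found = base.GetIdElement(document, idValue);
            if (found != null) return found;
            var nsm = new XmlNamespaceManager(document.NameTable);
            nsm.AddNamespace("wsu", WsuNs);
            return document.SelectSingleNode("//*[@wsu:Id='" + idValue + "']", nsm) as XmlElement;
        }
    }

    // Constructed envelope (assumption: a trimmed-down version of the header in the question).
    public static XmlDocument BuildEnvelope(string assertionId)
    {
        string now = DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", CultureInfo.InvariantCulture);
        string expires = DateTime.UtcNow.AddMinutes(5).ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", CultureInfo.InvariantCulture);
        var doc = new XmlDocument { PreserveWhitespace = true };   // whitespace is part of the digest
        doc.LoadXml(
            "<soap:Envelope xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\"><soap:Header>" +
            "<wsse:Security xmlns:wsse=\"" + WsseNs + "\" xmlns:wsu=\"" + WsuNs + "\">" +
            "<wsu:Timestamp wsu:Id=\"_1\"><wsu:Created>" + now + "</wsu:Created><wsu:Expires>" + expires + "</wsu:Expires></wsu:Timestamp>" +
            "<saml2:Assertion xmlns:saml2=\"" + Saml2Ns + "\" ID=\"" + assertionId + "\" IssueInstant=\"" + now + "\" Version=\"2.0\">" +
            "<saml2:Issuer>CN=Demo Issuer,O=Demo,C=US</saml2:Issuer>" +
            "<saml2:Subject><saml2:NameID>UID=demo</saml2:NameID></saml2:Subject>" +
            "</saml2:Assertion></wsse:Security></soap:Header><soap:Body/></soap:Envelope>");
        return doc;
    }

    // Sign the element carrying referenceId; enveloped = true when the Signature will live inside it.
    static XmlElement Sign(XmlDocument doc, string referenceId, RSA key, bool enveloped)
    {
        var sx = new WsuSignedXml(doc) { SigningKey = key };
        sx.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        var reference = new Reference("#" + referenceId);   // "" would digest the whole envelope instead
        if (enveloped) reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NTransform());
        sx.AddReference(reference);
        sx.ComputeSignature();
        return sx.GetXml();   // created in doc, so no ImportNode is needed
    }

    public static XmlDocument BuildSigned(RSA key, string assertionId)
    {
        XmlDocument doc = BuildEnvelope(assertionId);
        var nsm = new XmlNamespaceManager(doc.NameTable);
        nsm.AddNamespace("saml2", Saml2Ns);
        nsm.AddNamespace("wsse", WsseNs);
        var assertion = (XmlElement)doc.SelectSingleNode("//saml2:Assertion", nsm);
        var issuer = (XmlElement)doc.SelectSingleNode("//saml2:Issuer", nsm);
        var security = (XmlElement)doc.SelectSingleNode("//wsse:Security", nsm);
        // Assertion first: its Signature goes right after Issuer (SAML schema order) and must precede
        // the header Signature in document order, because .NET's enveloped transform locates the
        // signature to strip by its position among all ds:Signature elements in the document.
        assertion.InsertAfter(Sign(doc, assertionId, key, enveloped: true), issuer);
        // Header signature references the Timestamp by wsu:Id and sits beside it, not inside it.
        security.AppendChild(Sign(doc, "_1", key, enveloped: false));
        return doc;
    }

    // Verify every signature AND that each one references the element we expect: a signature that
    // verifies but points at some other id is the classic XML signature wrapping attack.
    public static bool VerifyAll(XmlDocument doc, RSA key, params string[] expectedIds)
    {
        var nsm = new XmlNamespaceManager(doc.NameTable);
        nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
        XmlNodeList sigs = doc.SelectNodes("//ds:Signature", nsm);
        if (sigs.Count != expectedIds.Length) return false;
        for (int i = 0; i < sigs.Count; i++)
        {
            var sx = new WsuSignedXml(doc);
            sx.LoadXml((XmlElement)sigs[i]);
            if (!sx.CheckSignature(key)) return false;
            if (sx.SignedInfo.References.Count != 1) return false;
            if (((Reference)sx.SignedInfo.References[0]).Uri != "#" + expectedIds[i]) return false;
        }
        return true;
    }

    public static void Main()
    {
        using (RSA key = RSA.Create(2048))
        {
            string id = "_" + Guid.NewGuid().ToString("N");
            XmlDocument doc = BuildSigned(key, id);
            Console.WriteLine("fresh:    " + VerifyAll(doc, key, id, "_1"));

            // Reproduce the ordering problem from the thread: append to the assertion after signing.
            var nsm = new XmlNamespaceManager(doc.NameTable);
            nsm.AddNamespace("saml2", Saml2Ns);
            XmlNode subject = doc.SelectSingleNode("//saml2:Subject", nsm);
            subject.AppendChild(doc.CreateElement("saml2", "SubjectConfirmation", Saml2Ns));
            Console.WriteLine("modified: " + VerifyAll(doc, key, id, "_1"));
        }
    }
}
```

Two design points worth keeping when adapting this to the real message: run VerifyAll (or the equivalent) on the final OuterXml, reloaded with PreserveWhitespace = true, since that string is what the gateway sees; and do not stop at CheckSignature returning true, because the receiving side will also check which element each Reference URI resolves to, which is why the expected ids are compared here.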