JG Vimalan's Blog

It is all about coding!

System.Security.Cryptography.CryptographicException: Malformed reference element

I got this error when I tried to verify the SAML 2.0 signature. I was using .NET 3.5 webapplication to consume the SAML 2.0 response and then tried to verify the signature. Inorder to fix this error all you need to do is, set the correct XmlElement while performing the signedXml.LoadXml() method. Here is the code snippet I used for fixing the issue.

XmlDocument samlDoc = new XmlDocument();
samlDoc.PreserveWhitespace = true;

var nSpace = new XmlNamespaceManager(samlDoc.NameTable);
nSpace.AddNamespace(“saml2p”, @”urn:oasis:names:tc:SAML:2.0:protocol”);
nSpace.AddNamespace(“saml2″, @”urn:oasis:names:tc:SAML:2.0:assertion”);
nSpace.AddNamespace(“ds”, SignedXml.XmlDsigNamespaceUrl);

var signNode = samlDoc.SelectSingleNode(“/saml2p:Response/ds:Signature”, nSpace);

var signedXml = new SignedXml(samlDoc.DocumentElement);
signedXml.LoadXml(signNode as XmlElement);

if (signedXml.CheckSignature(pubCert, true))
//read the saml data


June 10, 2011 - Posted by | ASP.NET, C#.NET, SAML 2.0

1 Comment »

  1. Could you please post code example for reading and validating a saml 2.0 response using C#. Thank you.

    Comment by Jana | July 16, 2011 | Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: