I have set up an IdP using ComponentSpace SAML 2.0.
The service provider is also on ComponentSpace SAML 2.0.
Certificate Algorithm: RSASHA256
We do not have the service provider certificate details, as we are sending the SAMLResponse without an AuthnRequest.
<IdentityProvider Name="http://localhost/ExampleIdentityProvider"
                  Description="Example Identity Provider"
                  LocalCertificateFile="Certificates\idp.pfx"
                  LocalCertificatePassword="password"/>
<PartnerServiceProviders>
  <!-- Web forms example -->
  <PartnerServiceProvider Name="abc"
                          Description="Example Service Provider"
                          WantAuthnRequestSigned="false"
                          SignSAMLResponse="true"
                          SignAssertion="false"
                          EncryptAssertion="false"
                          AssertionConsumerServiceUrl="https://abc.xyz/sso/saml/servicerequest"
                          SingleLogoutServiceUrl="http://abc.xyz/sso/saml"
                          PartnerCertificateFile="Certificates\sp.cer"/>
</PartnerServiceProviders>
I am getting these errors when sending the assertion on our side:
CryptographicException: Invalid algorithm specified.
SAMLSignatureException: Failed to generate the XML signature.
Do you get the same error if you use the idp.pfx file that we include with our examples? If not, I suspect your private key isn't specifying the correct cryptographic service provider (CSP) to support SHA-256 signature generation. Please refer to the following article which explains how to specify the correct CSP.
http://www.componentspace.com/Forums/1578/SHA256-and-Converting-the-Cryptographic-Service-Provider-Type
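
A quick way to check the condition the reply describes, as an added example that is not part of the original thread and not ComponentSpace code: it loads the PFX, reports which CSP holds the private key, and attempts an RSA-SHA256 signature. It assumes Windows PowerShell 5.1 on .NET Framework and uses the file path and password from the posted configuration as defaults.

```powershell
# Added diagnostic example; path and password defaults are taken from the posted configuration.
param(
    [string]$PfxPath     = 'Certificates\idp.pfx',
    [string]$PfxPassword = 'password'
)

# Windows CryptoAPI provider types
$PROV_RSA_FULL = 1    # legacy RSA providers: SHA-1 signatures only
$PROV_RSA_AES  = 24   # "Microsoft Enhanced RSA and AES Cryptographic Provider": supports SHA-256

# .NET resolves relative paths against the process directory, not the PowerShell location
$fullPath = (Resolve-Path -LiteralPath $PfxPath).Path
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($fullPath, $PfxPassword)

if (-not $cert.HasPrivateKey) {
    throw "No private key found in $fullPath; a signing certificate needs one."
}

$key = $cert.PrivateKey
if ($key -isnot [System.Security.Cryptography.RSACryptoServiceProvider]) {
    Write-Output "Private key type is $($key.GetType().Name), not a CryptoAPI key; the CSP type check does not apply."
    return
}

$info = $key.CspKeyContainerInfo
Write-Output "Subject       : $($cert.Subject)"
Write-Output "Provider name : $($info.ProviderName)"
Write-Output "Provider type : $($info.ProviderType)"

if ($info.ProviderType -eq $PROV_RSA_AES) {
    Write-Output "Provider type $PROV_RSA_AES supports SHA-256 signature generation."
} elseif ($info.ProviderType -eq $PROV_RSA_FULL) {
    Write-Output "Provider type $PROV_RSA_FULL is a legacy CSP; SHA-256 signing is expected to fail."
}

# Confirm by attempting the same kind of signature the SAML response needs
$data = [System.Text.Encoding]::UTF8.GetBytes('constructed test input')
try {
    $sig = $key.SignData($data, 'SHA256')
    Write-Output "RSA-SHA256 signing succeeded ($($sig.Length) byte signature)."
} catch {
    # Unwrap PowerShell's MethodInvocationException to show the underlying CryptographicException
    $inner = $_.Exception.GetBaseException()
    Write-Output "RSA-SHA256 signing failed: $($inner.Message)"
}
```

Running it against both the example idp.pfx and your own PFX shows whether the difference lies in the key's CSP rather than in the SAML configuration.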