If you run Fiddler when authenticating to SDL Knowledge Center, you see:
- A POST to /InfoShareSTS/issue/wstrust/mixed/username that sends the credentials.
- The client receives a response that contains a large <xenc:EncryptedData> element.
- The client sends (almost unmodified) the <xenc:EncryptedData> in a POST to /InfoShareWS/Wcf/API25/Application.
But appended after this <xenc:EncryptedData> block in step 3 is a <Signature> block that contains a <DigestValue> and <SignatureValue>.
How is the <DigestValue> calculated?
How is the <SignatureValue> calculated?