
What do I need to know about XML Signatures to get SAML working?


Processing XML signatures is not really too difficult, if you are very familiar with XML, but there are a lot of details that have to be absolutely right or things don't work, so I probably wouldn't try writing my own implementation in this situation (I did implement it partially once, but that was for a different and special purpose, and anyway it wasn't a complete implementation).

Anyway, I don't know much about SAML, but I do know about XML and XML Signatures, so maybe I can get you some of the way by trying to answer your questions.

A Signature element refers to a specific piece of an XML document that has been digitally signed, in its SignedInfo child element. The Reference child element of that (I think there can be many Reference elements that get concatenated when forming the bytes to be signed but I don't remember for sure anymore) points to the content through the URI attribute. The Transform elements describe transformations performed on the referred-to content prior to hashing it; you will need to look at the specifications to figure out how the transformation algorithms are defined. The DigestMethod element gives the hash algorithm to apply to the bytes that are the result of these transformation algorithms (note that one of them is always canonicalization that converts XML into bytes), and the DigestValue gives the result of that digest algorithm.

The actual signature is in the SignatureValue element, and is produced by applying the CanonicalizationMethod element's canonicalization to produce the bytes and then signing these bytes with the SignatureMethod. The KeyInfo element tells you how to find the key to use.

Canonicalization, which appears a couple of times above, is simply a way to convert an XML document into bytes so that "equivalent" XML documents produce the same sequence of bytes. This is required in a digital signature because the algorithms work on bytes and XML can pass through a number of intermediaries that probably will disrupt the original bytes but will retain the equivalence. And different canonicalization methods are needed for different situations: if elements are extracted from documents and placed into others, you need exclusive canonicalization that strips away unneeded namespace definitions, but in other cases that might not work correctly, so you need inclusive canonicalization instead, which preserves all in-scope namespaces.

This is just the basics. There are a number of different options in how to produce an XML signature, and if you want to implement a working verifier, you need to consider all of them. Since you are new to XML in general, I'll just repeat my advice of using something that already exists. It's an interesting learning experience to implement a specification, but often it's a waste of time if implementations are already available.

There is the W3C's documentation about signatures.
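The element-by-element walk above (Reference, Transforms, DigestMethod, DigestValue, then CanonicalizationMethod, SignatureMethod, SignatureValue and KeyInfo) and the canonicalization paragraph are easier to follow with a signer and verifier side by side. The following is an added example, not code from the original answer or from any library the thread mentions, and it makes two stand-in choices so that it runs with the Python standard library only: canonicalization is ElementTree's C14N 2.0 (SAML deployments normally use inclusive or exclusive C14N 1.0 through a library such as xmlsec), and the SignatureMethod is HMAC-SHA256, which XML DSig defines, in place of the RSA methods SAML uses. The algorithm URIs are the real identifiers for those algorithms; the assertion, its ID, the shared key and the KeyName value are constructed sample data.

```python
# Added example, not from the original post: an enveloped XML Signature built
# and verified with the standard library only (C14N 2.0, HMAC-SHA256 stand-ins).
import base64
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("ds", DS)
ET.register_namespace("saml", SAML)

# Algorithm identifiers as they appear in Algorithm attributes.
C14N2 = "http://www.w3.org/2010/xml-c14n2"
ENVELOPED = "http://www.w3.org/2000/09/xmldsig#enveloped-signature"
HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"

# Constructed sample assertion and shared key (not real SAML traffic).
ASSERTION = (
    f'<saml:Assertion xmlns:saml="{SAML}" ID="_c0nstructed" Version="2.0">'
    "<saml:Issuer>https://idp.example.test</saml:Issuer>"
    "<saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>"
    "</saml:Assertion>"
)
KEY = b"constructed-demo-shared-secret"

def ds(local):
    """Clark-notation tag for an XML DSig element."""
    return f"{{{DS}}}{local}"

# The only SignedInfo shape this verifier accepts, in document order.
EXPECTED_ALGS = [
    (ds("CanonicalizationMethod"), C14N2), (ds("SignatureMethod"), HMAC_SHA256),
    (ds("Transform"), ENVELOPED), (ds("Transform"), C14N2), (ds("DigestMethod"), SHA256),
]

def canonical_bytes(elem):
    """The 'XML to bytes' step the answer describes: serialize, then canonicalize."""
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode("utf-8")

def canonical_equal(xml_a, xml_b):
    """True when two XML strings are the same document once canonicalized."""
    return ET.canonicalize(xml_a) == ET.canonicalize(xml_b)

def _b64d(text):
    """Decode base64 text, treating a missing or malformed value as empty."""
    try:
        return base64.b64decode(text or "")
    except ValueError:
        return b""

def sign(xml_text, key):
    root = ET.fromstring(xml_text)
    # Reference digest over the canonicalized target; no Signature inside it yet.
    digest = hashlib.sha256(canonical_bytes(root)).digest()
    signed_info = ET.Element(ds("SignedInfo"))
    ET.SubElement(signed_info, ds("CanonicalizationMethod"), Algorithm=C14N2)
    ET.SubElement(signed_info, ds("SignatureMethod"), Algorithm=HMAC_SHA256)
    ref = ET.SubElement(signed_info, ds("Reference"), URI="#" + root.attrib["ID"])
    transforms = ET.SubElement(ref, ds("Transforms"))
    ET.SubElement(transforms, ds("Transform"), Algorithm=ENVELOPED)
    ET.SubElement(transforms, ds("Transform"), Algorithm=C14N2)
    ET.SubElement(ref, ds("DigestMethod"), Algorithm=SHA256)
    ET.SubElement(ref, ds("DigestValue")).text = base64.b64encode(digest).decode()
    # SignatureValue: SignatureMethod applied to the canonicalized SignedInfo.
    mac = hmac.new(key, canonical_bytes(signed_info), hashlib.sha256).digest()
    sig = ET.Element(ds("Signature"))
    sig.append(signed_info)
    ET.SubElement(sig, ds("SignatureValue")).text = base64.b64encode(mac).decode()
    key_info = ET.SubElement(sig, ds("KeyInfo"))
    ET.SubElement(key_info, ds("KeyName")).text = "demo-key"  # constructed key name
    root.append(sig)
    return ET.tostring(root, encoding="unicode")

def verify(xml_text, key):
    """True only if SignatureValue and the Reference digest both check out."""
    root = ET.fromstring(xml_text)
    sig = root.find(ds("Signature"))
    signed_info = sig.find(ds("SignedInfo")) if sig is not None else None
    refs = signed_info.findall(ds("Reference")) if signed_info is not None else []
    if len(refs) != 1:
        return False
    ref = refs[0]
    # Refuse any algorithm or structure this verifier was not written for.
    algs = [(el.tag, el.get("Algorithm")) for el in signed_info.iter() if "Algorithm" in el.attrib]
    if algs != EXPECTED_ALGS:
        return False
    # 1. SignatureValue over the canonicalized SignedInfo, constant-time compare.
    expected_mac = hmac.new(key, canonical_bytes(signed_info), hashlib.sha256).digest()
    if not hmac.compare_digest(expected_mac, _b64d(sig.findtext(ds("SignatureValue")))):
        return False
    # 2. Reference digest. Only a URI naming the element that encloses the Signature
    #    is accepted, so the element whose digest is checked is the one consumed.
    root_id = root.get("ID")
    if not root_id or ref.get("URI") != "#" + root_id:
        return False
    target = copy.deepcopy(root)
    target.remove(target.find(ds("Signature")))  # the enveloped-signature transform
    expected_digest = hashlib.sha256(canonical_bytes(target)).digest()
    return hmac.compare_digest(expected_digest, _b64d(ref.findtext(ds("DigestValue"))))
```

`sign(ASSERTION, KEY)` returns the assertion with a `ds:Signature` child; `verify()` on that string returns True, and returns False after any change to the signed content, with a different key, or when SignedInfo names an algorithm the verifier does not expect. `canonical_equal()` shows what canonicalization buys: attribute order, quote style and `<a/>` versus `<a></a>` all disappear, which is why intermediaries can re-serialize a document without breaking the signature. Whitespace text nodes are kept by canonicalization, so pretty-printing a signed document does break it; a real SAML verifier also resolves KeyInfo against a configured trust store rather than a shared secret.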


There's an example in xmlseclibs.php in SimpleSAML. It relies on the openssl module to do the crypto.

I would honestly use that lib or bridge to java/tomcat, just because interop issues might come up that would potentially need to be debugged.


  1. You can have a look at this Java lib to sign the SAML request, for example https://github.com/jrowny/java-saml

  2. To validate the signature you need to install the SAML tracer addon https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/

  3. You can use the tool https://www.samltool.com/validate_logout_req.php to validate the request, or https://www.samltool.com/sign_logout_req.php to sign it.