Sample code for 30+ languages & platforms
Java

IPS MX Signature - Digitally Sign MX Document

See more XML Digital Signatures Examples

Demonstrates how to digitally sign ISO 20022 SWIFT MX messages.

Chilkat Java Downloads

Java
import com.chilkatsoft.*;

public class ChilkatExample {

  static {
    try {
        System.loadLibrary("chilkat");
    } catch (UnsatisfiedLinkError e) {
      System.err.println("Native code library failed to load.\n" + e);
      System.exit(1);
    }
  }

  public static void main(String argv[])
  {
    boolean success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    success = true;

    // First create the XML to be signed, or load it from a file, or a string,

    // To load XML from a file:
    CkXml xmlToSign = new CkXml();
    success = xmlToSign.LoadXmlFile("c:/someDir/mx_document.xml");

    // Or to load XML from a string
    success = xmlToSign.LoadXml("...");

    // Or create the XML directly.
    xmlToSign.Clear();

    // Use this online tool to generate code from sample XML: 
    // Generate Code to Create XML

    xmlToSign.put_Tag("DataPDU");
    xmlToSign.AddAttribute("xmlns","urn:cma:stp:xsd:stp.1.0");
    xmlToSign.UpdateAttrAt("Body|AppHdr",true,"xmlns","urn:iso:std:iso:20022:tech:xsd:head.001.001.01");
    xmlToSign.UpdateChildContent("Body|AppHdr|Fr|FIId|FinInstnId|BICFI","ZZZZZZZZ");
    xmlToSign.UpdateChildContent("Body|AppHdr|To|FIId|FinInstnId|BICFI","YYYYYYYYYY");
    xmlToSign.UpdateChildContent("Body|AppHdr|BizMsgIdr","ZZZZZZZZAXXX999999999999999999999");
    xmlToSign.UpdateChildContent("Body|AppHdr|MsgDefIdr","pacs.008.001.08");
    xmlToSign.UpdateChildContent("Body|AppHdr|BizSvc","IPS");
    xmlToSign.UpdateChildContent("Body|AppHdr|CreDt","2017-09-13T18:18:00Z");
    xmlToSign.UpdateAttrAt("Body|Document",true,"xmlns","urn:iso:std:iso:20022:tech:xsd:pacs.008.001.08");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|MsgId","ZZZZZZZZAXXX999999999999999999999");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|CreDtTm","2017-09-13T18:18:00");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|NbOfTxs","1");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|SttlmInf|SttlmMtd","CLRG");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtId|EndToEndId","NOTPROVIDED");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtId|TxId","ZZZZZZZZAXXX999999999999999999999");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|ClrChanl","RTNS");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|LclInstrm|Prtry","CSCT");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|CtgyPurp|Prtry","001");
    xmlToSign.UpdateAttrAt("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmAmt",true,"Ccy","JOD");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmAmt","71.12");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmDt","2018-01-14");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|ChrgBr","SLEV");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstgAgt|FinInstnId|BICFI","ZZZZZZZZ");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstdAgt|FinInstnId|BICFI","UBSIJOA0");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Dbtr|Nm","John Johnson");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAcct|Id|IBAN","JO22CITI00000000000555555555");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|BICFI","ZZZZZZZZ");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|Othr|Id","200004");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|Othr|SchmeNm|Prtry","1700099999");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgtAcct|Id|IBAN","JO66CITI22222222222222222222");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|BICFI","UBSIJOA0");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|Othr|Id","210027");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|Othr|SchmeNm|Prtry","1400199999");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgtAcct|Id|IBAN","JO44UBSI33333333333333333333");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Cdtr|Nm","Omega Jones");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAcct|Id|IBAN","JO95UBSI00000000000777777777");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstrForNxtAgt|InstrInf","/BNF/Details");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Purp|Prtry","5814");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf","SOMEINFORMATIONABOUTPAYMENT-1");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf[1]","SOMEINFORMATIONABOUTPAYMENT-2");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf[2]","SOMEINFORMATIONABOUTPAYMENT-3");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Tax|Cdtr|TaxId","9900083901");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Tax|Dbtr|TaxId","1000387561");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RmtInf|Ustrd","EDV UCUN ODENIR");
    xmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RmtInf|Ustrd[1]","EXTRA INFO");

    // The following XML is to be signed:

    // <?xml version="1.0" encoding="UTF-8"?>
    // <DataPDU xmlns="urn:cma:stp:xsd:stp.1.0">
    // 	<Body>
    // 		<AppHdr xmlns="urn:iso:std:iso:20022:tech:xsd:head.001.001.01">
    // 			<Fr>
    // 				<FIId>
    // 					<FinInstnId>
    // 						<BICFI>ZZZZZZZZ</BICFI>
    // 					</FinInstnId>
    // 				</FIId>
    // 			</Fr>
    // 			<To>
    // 				<FIId>
    // 					<FinInstnId>
    // 						<BICFI>YYYYYYYYYY</BICFI>
    // 					</FinInstnId>
    // 				</FIId>
    // 			</To>
    // 			<BizMsgIdr>ZZZZZZZZAXXX999999999999999999999</BizMsgIdr>
    // 			<MsgDefIdr>pacs.008.001.08</MsgDefIdr>
    // 			<BizSvc>IPS</BizSvc>
    // 			<CreDt>2017-09-13T18:18:00Z</CreDt>
    // 		</AppHdr>
    // 		<Document xmlns="urn:iso:std:iso:20022:tech:xsd:pacs.008.001.08">
    // 			<FIToFICstmrCdtTrf>
    // 				<GrpHdr>
    // 					<MsgId>ZZZZZZZZAXXX999999999999999999999</MsgId>
    // 					<CreDtTm>2017-09-13T18:18:00</CreDtTm>
    // 					<NbOfTxs>1</NbOfTxs>
    // 					<SttlmInf>
    // 						<SttlmMtd>CLRG</SttlmMtd>
    // 					</SttlmInf>
    // 				</GrpHdr>
    // 				<CdtTrfTxInf>
    // 					<PmtId>
    // 						<EndToEndId>NOTPROVIDED</EndToEndId>
    // 						<TxId>ZZZZZZZZAXXX999999999999999999999</TxId>
    // 					</PmtId>
    // 					<PmtTpInf>
    // 						<ClrChanl>RTNS</ClrChanl>
    // 						<LclInstrm>
    // 							<Prtry>CSCT</Prtry>
    // 						</LclInstrm>
    // 						<CtgyPurp>
    // 							<Prtry>001</Prtry>
    // 						</CtgyPurp>
    // 					</PmtTpInf>
    // 					<IntrBkSttlmAmt Ccy="JOD">71.12</IntrBkSttlmAmt>
    // 					<IntrBkSttlmDt>2018-01-14</IntrBkSttlmDt>
    // 					<ChrgBr>SLEV</ChrgBr>
    // 					<InstgAgt>
    // 						<FinInstnId>
    // 							<BICFI>ZZZZZZZZ</BICFI>
    // 						</FinInstnId>
    // 					</InstgAgt>
    // 					<InstdAgt>
    // 						<FinInstnId>
    // 							<BICFI>UBSIJOA0</BICFI>
    // 						</FinInstnId>
    // 					</InstdAgt>
    // 					<Dbtr>
    // 						<Nm>John Johnson</Nm>
    // 					</Dbtr>
    // 					<DbtrAcct>
    // 						<Id>
    // 							<IBAN>JO22CITI00000000000555555555</IBAN>
    // 						</Id>
    // 					</DbtrAcct>
    // 					<DbtrAgt>
    // 						<FinInstnId>
    // 							<BICFI>ZZZZZZZZ</BICFI>
    // 							<Othr>
    // 								<Id>200004</Id>
    // 								<SchmeNm>
    // 									<Prtry>1700089999</Prtry>
    // 								</SchmeNm>
    // 							</Othr>
    // 						</FinInstnId>
    // 					</DbtrAgt>
    // 					<DbtrAgtAcct>
    // 						<Id>
    // 							<IBAN>JO66CITI22222222222222222222</IBAN>
    // 						</Id>
    // 					</DbtrAgtAcct>
    // 					<CdtrAgt>
    // 						<FinInstnId>
    // 							<BICFI>UBSIJOA0</BICFI>
    // 							<Othr>
    // 								<Id>210027</Id>
    // 								<SchmeNm>
    // 									<Prtry>1400199999</Prtry>
    // 								</SchmeNm>
    // 							</Othr>
    // 						</FinInstnId>
    // 					</CdtrAgt>
    // 					<CdtrAgtAcct>
    // 						<Id>
    // 							<IBAN>JO44UBSI33333333333333333333</IBAN>
    // 						</Id>
    // 					</CdtrAgtAcct>
    // 					<Cdtr>
    // 						<Nm>Omega Jones</Nm>
    // 					</Cdtr>
    // 					<CdtrAcct>
    // 						<Id>
    // 							<IBAN>JO95UBSI00000000000777777777</IBAN>
    // 						</Id>
    // 					</CdtrAcct>
    // 					<InstrForNxtAgt>
    // 						<InstrInf>/BNF/Details</InstrInf>
    // 					</InstrForNxtAgt>
    // 					<Purp>
    // 						<Prtry>5814</Prtry>
    // 					</Purp>
    // 					<RgltryRptg>
    // 						<Dtls>
    // 							<Inf>SOMEINFORMATIONABOUTPAYMENT-1</Inf>
    // 							<Inf>SOMEINFORMATIONABOUTPAYMENT-2</Inf>
    // 							<Inf>SOMEINFORMATIONABOUTPAYMENT-3</Inf>
    // 						</Dtls>
    // 					</RgltryRptg>
    // 					<Tax>
    // 						<Cdtr>
    // 							<TaxId>9900083901</TaxId>
    // 						</Cdtr>
    // 						<Dbtr>
    // 							<TaxId>1000387561</TaxId>
    // 						</Dbtr>
    // 					</Tax>
    // 					<RmtInf>
    // 						<Ustrd>EDV UCUN ODENIR</Ustrd>
    // 						<Ustrd>EXTRA INFO</Ustrd>
    // 					</RmtInf>
    // 				</CdtTrfTxInf>
    // 			</FIToFICstmrCdtTrf>
    // 		</Document>
    // 	</Body>
    // </DataPDU>

    CkXmlDSigGen gen = new CkXmlDSigGen();

    gen.put_SigLocation("DataPDU|Body|AppHdr|Sgntr");
    gen.put_SigLocationMod(0);
    gen.put_SigNamespacePrefix("ds");
    gen.put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#");
    gen.put_SignedInfoCanonAlg("EXCL_C14N");
    gen.put_SignedInfoDigestMethod("sha256");

    // Set the KeyInfoId before adding references..
    gen.put_KeyInfoId("_f9f2c543-e50a-4a50-bd91-50155d27f7e2");

    // Create an Object to be added to the Signature.
    CkXml object1 = new CkXml();
    object1.put_Tag("xades:QualifyingProperties");
    object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#");
    object1.UpdateAttrAt("xades:SignedProperties",true,"Id","_4ed8e0ed-f47c-4262-909b-0458532ce7aa-signedprops");
    object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT");

    gen.AddObject("",object1.getXml(),"","");

    // -------- Reference 1 --------
    gen.AddSameDocRef("_f9f2c543-e50a-4a50-bd91-50155d27f7e2","sha256","EXCL_C14N","","");

    // -------- Reference 2 --------
    gen.AddObjectRef("_4ed8e0ed-f47c-4262-909b-0458532ce7aa-signedprops","sha256","EXCL_C14N","","http://uri.etsi.org/01903/v1.3.2#SignedProperties");

    // -------- Reference 3 --------
    gen.AddSameDocRef("","sha256","EXCL_C14N","","");

    // Provide a certificate + private key. (PFX password is test123)
    CkCert cert = new CkCert();
    success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123");
    if (success == false) {
        System.out.println(cert.lastErrorText());
        return;
        }

    gen.SetX509Cert(cert,true);

    gen.put_KeyInfoType("X509Data");
    gen.put_X509Type("IssuerSerial");

    // Load XML to be signed...
    CkStringBuilder sbXml = new CkStringBuilder();
    xmlToSign.GetXmlSb(sbXml);

    // Can alternatively use "CompactSignedXml"
    gen.put_Behaviors("IndentedSignature,LocalSigningTime");

    // Sign the XML...
    success = gen.CreateXmlDSigSb(sbXml);
    if (success == false) {
        System.out.println(gen.lastErrorText());
        return;
        }

    // -----------------------------------------------

    // Save the signed XML to a file.
    success = sbXml.WriteFile("qa_output/mx_signed.xml","utf-8",false);

    System.out.println(sbXml.getAsString());

    // ----------------------------------------
    // Verify the signatures we just produced...
    CkXmlDSig verifier = new CkXmlDSig();
    success = verifier.LoadSignatureSb(sbXml);
    if (success == false) {
        System.out.println(verifier.lastErrorText());
        return;
        }

    // Important: The above signature did not include the full X.509 certificate.
    // You must call verifier.SetPublicKey to provide the public key of the certificate required for validation.

    CkCert verifyCert = new CkCert();
    success = verifyCert.LoadFromFile("qa_data/certs/cert_test123.cer");
    if (success == false) {
        System.out.println(verifyCert.lastErrorText());
        return;
        }

    CkPublicKey pubKey = new CkPublicKey();
    verifyCert.GetPublicKey(pubKey);

    verifier.SetPublicKey(pubKey);

    int numSigs = verifier.get_NumSignatures();
    int verifyIdx = 0;
    while (verifyIdx < numSigs) {
        verifier.put_Selector(verifyIdx);
        boolean verified = verifier.VerifySignature(true);
        if (verified != true) {
            System.out.println(verifier.lastErrorText());
            return;
            }

        verifyIdx = verifyIdx+1;
        }

    System.out.println("All signatures were successfully verified.");
  }
}