Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(DataFlex) Create IRS MeF Login Service Request MessageThis example demonstrates how to create a digitally signed Login Service Request Message. This example used the documentation at https://www.irs.gov/pub/irs-utl/mef-doc-stp_ref_guide.pdf as a guide. It creates signed XML as specified in section 4.1.1 found in Section 4: Example A2A Web Service Messages.
Use ChilkatAx-9.5.0-win32.pkg Procedure Test Handle hoPfx Boolean iSuccess Variant vSigningCert Handle hoSigningCert Variant vBdCert Handle hoBdCert Variant vSbCert64 Handle hoSbCert64 Handle hoXmlToSign Handle hoGen Variant vCert Handle hoCert Handle hoXmlCustomKeyInfo Variant vSbXml Handle hoSbXml Integer iNReplaced String sTemp1 Boolean bTemp1 // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // -------------------------------------------------------------------------------- // Also see Chilkat's Online WSDL Code Generator // to generate code and SOAP Request and Response XML for each operation in a WSDL. // -------------------------------------------------------------------------------- // The goal of this example is to create signed SOAP XML such as the following: // <?xml version="1.0" encoding="UTF-8"?> // <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> // <SOAP-ENV:Header> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> // <wsse:BinarySecurityToken // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" // EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" // ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" // wsu:Id="CertId-1673181727">MIIHab...n71P</wsse:BinarySecurityToken> // <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:SignedInfo> // <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> // <ds:Reference URI="#id-1214941501"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> // <ds:DigestValue>abcdefghijkLMNOPQRSTUVwxyz012345Em0o3VEOTck=</ds:DigestValue> // </ds:Reference> // <ds:Reference URI="#id-1871558655"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> // <ds:DigestValue>abcdefghijkLMNOPQRSTUVwxyz012345Xm5ViA+royg=</ds:DigestValue> // </ds:Reference> // </ds:SignedInfo> // <ds:SignatureValue>abcd...5Nbw==</ds:SignatureValue> // <ds:KeyInfo Id="KeyId-256137097"> // <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-1862925355"> // <wsse:Reference URI="#CertId-1673181727" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> // </wsse:SecurityTokenReference> // </ds:KeyInfo> // </ds:Signature> // </wsse:Security> // <ns1:MeFHeader xmlns:ns1="http://www.irs.gov/a2a/mef/MeFHeader.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1214941501"> // <ns1:MessageID>12345202018200000234</ns1:MessageID> // <ns1:Action>Login</ns1:Action> // <ns1:MessageTs>2020-06-30T15:25:42.678Z</ns1:MessageTs> // <ns1:ETIN>12345</ns1:ETIN> // <ns1:SessionKeyCd>Y</ns1:SessionKeyCd> // <ns1:TestCd>P</ns1:TestCd> // <ns1:AppSysID>65432190</ns1:AppSysID> // <ns1:WSDLVersionNum>10.3</ns1:WSDLVersionNum> // <ns1:ClientSoftwareTxt>SOATest</ns1:ClientSoftwareTxt> // </ns1:MeFHeader> // </SOAP-ENV:Header> // <SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1871558655"> // <LoginRequest xmlns="http://www.irs.gov/a2a/mef/MeFMSIServices.xsd"/> // </SOAP-ENV:Body> // </SOAP-ENV:Envelope> // ------------------------------------------------------------------------------------------- // First, let's load the certificate + private key to be used for signing (from a PFX). // (It is also possible to use certificates installed on a Windows system, or from other file formats..) Get Create (RefClass(cComChilkatPfx)) To hoPfx If (Not(IsComObjectCreated(hoPfx))) Begin Send CreateComObject of hoPfx End Get ComLoadPfxFile Of hoPfx "qa_data/pfx/cert_test123.pfx" "test123" To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoPfx To sTemp1 Showln sTemp1 Procedure_Return End // We'll be needing the X.509 signing cert as base64 for the BinarySecurityToken, so let's get it now.. // The certificate having the private key should be the 1st in the PFX. Get ComGetCert Of hoPfx 0 To vSigningCert If (IsComObject(vSigningCert)) Begin Get Create (RefClass(cComChilkatCert)) To hoSigningCert Set pvComObject Of hoSigningCert To vSigningCert End Get ComLastMethodSuccess Of hoPfx To bTemp1 If (bTemp1 <> True) Begin Get ComLastErrorText Of hoPfx To sTemp1 Showln sTemp1 Procedure_Return End Get Create (RefClass(cComChilkatBinData)) To hoBdCert If (Not(IsComObjectCreated(hoBdCert))) Begin Send CreateComObject of hoBdCert End Get pvComObject of hoBdCert to vBdCert Get ComExportCertDerBd Of hoSigningCert vBdCert To iSuccess Get Create (RefClass(cComChilkatStringBuilder)) To hoSbCert64 If (Not(IsComObjectCreated(hoSbCert64))) Begin Send CreateComObject of hoSbCert64 End Get pvComObject of hoSbCert64 to vSbCert64 Get ComGetEncodedSb Of hoBdCert "base64" vSbCert64 To iSuccess // ------------------------------------------------------------------------------------------- // The XML before signing would look like this: // <?xml version="1.0" encoding="UTF-8"?> // <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> // <SOAP-ENV:Header> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> // <wsse:BinarySecurityToken // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" // EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" // ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" // wsu:Id="CertId-1673181727">MIIHab...n71P</wsse:BinarySecurityToken> // </wsse:Security> // <ns1:MeFHeader xmlns:ns1="http://www.irs.gov/a2a/mef/MeFHeader.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1214941501"> // <ns1:MessageID>12345202018200000234</ns1:MessageID> // <ns1:Action>Login</ns1:Action> // <ns1:MessageTs>2020-06-30T15:25:42.678Z</ns1:MessageTs> // <ns1:ETIN>12345</ns1:ETIN> // <ns1:SessionKeyCd>Y</ns1:SessionKeyCd> // <ns1:TestCd>P</ns1:TestCd> // <ns1:AppSysID>65432190</ns1:AppSysID> // <ns1:WSDLVersionNum>10.3</ns1:WSDLVersionNum> // <ns1:ClientSoftwareTxt>SOATest</ns1:ClientSoftwareTxt> // </ns1:MeFHeader> // </SOAP-ENV:Header> // <SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1871558655"> // <LoginRequest xmlns="http://www.irs.gov/a2a/mef/MeFMSIServices.xsd"/> // </SOAP-ENV:Body> // </SOAP-ENV:Envelope> // You can use the online XML code generation tool at http://tools.chilkat.io/xmlCreate.cshtml // to generate the following XML creation source code: // Create the XML to be signed... Get Create (RefClass(cComChilkatXml)) To hoXmlToSign If (Not(IsComObjectCreated(hoXmlToSign))) Begin Send CreateComObject of hoXmlToSign End Set ComTag Of hoXmlToSign To "SOAP-ENV:Envelope" Get ComAddAttribute Of hoXmlToSign "xmlns:SOAP-ENV" "http://schemas.xmlsoap.org/soap/envelope/" To iSuccess Get ComAddAttribute Of hoXmlToSign "xmlns:xsd" "http://www.w3.org/2001/XMLSchema" To iSuccess Get ComAddAttribute Of hoXmlToSign "xmlns:xsi" "http://www.w3.org/2001/XMLSchema-instance" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|wsse:Security" True "xmlns:wsse" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" True "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" True "EncodingType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" True "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" True "wsu:Id" "CertId-1673181727" To iSuccess Get ComGetAsString Of hoSbCert64 To sTemp1 Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" sTemp1 Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader" True "xmlns:ns1" "http://www.irs.gov/a2a/mef/MeFHeader.xsd" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader" True "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader" True "wsu:Id" "id-1214941501" To iSuccess Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:MessageID" "12345202018200000234" Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:Action" "Login" Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:MessageTs" "2020-06-30T15:25:42.678Z" Send ComUpdateChildContentInt To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:ETIN" 12345 Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:SessionKeyCd" "Y" Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:TestCd" "P" Send ComUpdateChildContentInt To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:AppSysID" 65432190 Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:WSDLVersionNum" "10.3" Send ComUpdateChildContent To hoXmlToSign "SOAP-ENV:Header|ns1:MeFHeader|ns1:ClientSoftwareTxt" "SOATest" Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Body" True "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Body" True "wsu:Id" "id-1871558655" To iSuccess Get ComUpdateAttrAt Of hoXmlToSign "SOAP-ENV:Body|LoginRequest" True "xmlns" "http://www.irs.gov/a2a/mef/MeFMSIServices.xsd" To iSuccess // ------------------------------------------------------------------------------------------- // Setup the XML DSig generator object to create the desired signature. Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen If (Not(IsComObjectCreated(hoGen))) Begin Send CreateComObject of hoGen End Set ComSigLocation Of hoGen To "SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security" Set ComSigLocationMod Of hoGen To 0 Set ComSigNamespacePrefix Of hoGen To "ds" Set ComSigNamespaceUri Of hoGen To "http://www.w3.org/2000/09/xmldsig#" Set ComSignedInfoCanonAlg Of hoGen To "EXCL_C14N" Set ComSignedInfoDigestMethod Of hoGen To "sha256" // Set the KeyInfoId before adding references.. Set ComKeyInfoId Of hoGen To "KeyId-256137097" // -------- Reference 1 -------- Get ComAddSameDocRef Of hoGen "id-1214941501" "sha256" "EXCL_C14N" "" "" To iSuccess // -------- Reference 2 -------- Get ComAddSameDocRef Of hoGen "id-1871558655" "sha256" "EXCL_C14N" "" "" To iSuccess // Provide a certificate + private key. (PFX password is test123) Get Create (RefClass(cComChilkatCert)) To hoCert If (Not(IsComObjectCreated(hoCert))) Begin Send CreateComObject of hoCert End Get ComLoadPfxFile Of hoCert "qa_data/pfx/cert_test123.pfx" "test123" To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoCert To sTemp1 Showln sTemp1 Procedure_Return End Get pvComObject of hoCert to vCert Get ComSetX509Cert Of hoGen vCert True To iSuccess Set ComKeyInfoType Of hoGen To "Custom" // Create the custom KeyInfo XML.. Get Create (RefClass(cComChilkatXml)) To hoXmlCustomKeyInfo If (Not(IsComObjectCreated(hoXmlCustomKeyInfo))) Begin Send CreateComObject of hoXmlCustomKeyInfo End Set ComTag Of hoXmlCustomKeyInfo To "wsse:SecurityTokenReference" Get ComAddAttribute Of hoXmlCustomKeyInfo "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComAddAttribute Of hoXmlCustomKeyInfo "wsu:Id" "STRId-1862925355" To iSuccess Get ComUpdateAttrAt Of hoXmlCustomKeyInfo "wsse:Reference" True "URI" "#CertId-1673181727" To iSuccess Get ComUpdateAttrAt Of hoXmlCustomKeyInfo "wsse:Reference" True "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" To iSuccess Set ComEmitXmlDecl Of hoXmlCustomKeyInfo To False Get ComGetXml Of hoXmlCustomKeyInfo To sTemp1 Set ComCustomKeyInfoXml Of hoGen To sTemp1 // ------------------------------------------------------------------------------------------- // Load XML to be signed... Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml If (Not(IsComObjectCreated(hoSbXml))) Begin Send CreateComObject of hoSbXml End Get pvComObject of hoSbXml to vSbXml Get ComGetXmlSb Of hoXmlToSign vSbXml To iSuccess // Update BinarySecurityToken_Base64Binary_Content with the actual X509 of the signing cert. Get ComGetEncoded Of hoCert To sTemp1 Get ComReplace Of hoSbXml "BinarySecurityToken_Base64Binary_Content" sTemp1 To iNReplaced Set ComBehaviors Of hoGen To "IndentedSignature" // Sign the XML... Get pvComObject of hoSbXml to vSbXml Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoGen To sTemp1 Showln sTemp1 Procedure_Return End // ----------------------------------------------- // Save the signed XML to a file. Get ComWriteFile Of hoSbXml "c:/temp/qa_output/signedXml.xml" "utf-8" False To iSuccess Get ComGetAsString Of hoSbXml To sTemp1 Showln sTemp1 End_Procedure |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.