Sample code for 30+ languages & platforms
DataFlex

Create/Verify XML Signature with External Text Reference

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature where the referenced data is external. In this case, the data is a text file located at the following URL: https://www.chilkatsoft.com/helloWorld.txt

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoXml
    Variant vCert
    Handle hoCert
    Handle hoGen
    Handle hoHttp
    Variant vSbExternalTxt
    Handle hoSbExternalTxt
    Boolean iBUsePrivateKey
    Variant vSbXml
    Handle hoSbXml
    Handle hoVerifier
    Variant vSbExternalData
    Handle hoSbExternalData
    Integer iNumRefs
    Integer i
    Boolean iBExternal
    String sUri
    Boolean iBVerified
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // This example inserts an XML signature into the following XML:

    // <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    // <abc>
    //   <xyz>
    // 	<name>helloWorld.txt</name>
    // 	<url>https://www.chilkatsoft.com/helloWorld.txt</url>
    //   </xyz>
    // </abc>

    // Build the above XML to be signed.
    Get Create (RefClass(cComChilkatXml)) To hoXml
    If (Not(IsComObjectCreated(hoXml))) Begin
        Send CreateComObject of hoXml
    End
    Set ComTag Of hoXml To "abc"
    Send ComUpdateChildContent To hoXml "xyz|name" "helloWorld.txt"
    Send ComUpdateChildContent To hoXml "xyz|url" "https://www.chilkatsoft.com/helloWorld.txt"

    Get Create (RefClass(cComChilkatCert)) To hoCert
    If (Not(IsComObjectCreated(hoCert))) Begin
        Send CreateComObject of hoCert
    End

    Get ComLoadPfxFile Of hoCert "qa_data/pfx/test_secret.pfx" "secret" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoCert To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen
    If (Not(IsComObjectCreated(hoGen))) Begin
        Send CreateComObject of hoGen
    End

    // Indicate the location within the XML the Signature will be inserted.
    Set ComSigLocation Of hoGen To "abc|xyz"

    // Get the content of the text data to be referenced.
    Get Create (RefClass(cComChilkatHttp)) To hoHttp
    If (Not(IsComObjectCreated(hoHttp))) Begin
        Send CreateComObject of hoHttp
    End
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbExternalTxt
    If (Not(IsComObjectCreated(hoSbExternalTxt))) Begin
        Send CreateComObject of hoSbExternalTxt
    End
    Get pvComObject of hoSbExternalTxt to vSbExternalTxt
    Get ComQuickGetSb Of hoHttp "https://www.chilkatsoft.com/helloWorld.txt" vSbExternalTxt To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoHttp To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get pvComObject of hoSbExternalTxt to vSbExternalTxt
    Get ComAddExternalTextRef Of hoGen "https://www.chilkatsoft.com/helloWorld.txt" vSbExternalTxt "utf-8" False "sha256" "" To iSuccess
    If (iSuccess = False) Begin
        Get ComLastErrorText Of hoGen To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Provide the private key for signing via the certificate, and indicate that
    // we want the base64 of the certificate embedded in the KeyInfo.
    Set ComKeyInfoType Of hoGen To "X509Data"
    Set ComX509Type Of hoGen To "Certificate"

    Move True To iBUsePrivateKey
    Get pvComObject of hoCert to vCert
    Get ComSetX509Cert Of hoGen vCert iBUsePrivateKey To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoGen To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Indicate we want an indented signature for readability.
    // This can be removed after debugging is finished..
    Set ComBehaviors Of hoGen To "IndentedSignature"

    // Now create and insert the Signature
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml
    If (Not(IsComObjectCreated(hoSbXml))) Begin
        Send CreateComObject of hoSbXml
    End
    Get pvComObject of hoSbXml to vSbXml
    Get ComGetXmlSb Of hoXml vSbXml To iSuccess
    Get pvComObject of hoSbXml to vSbXml
    Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoGen To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Examine the XML with the digital signature inserted
    Get ComGetAsString Of hoSbXml To sTemp1
    Showln sTemp1

    // Here is the output:

    // <?xml version="1.0" encoding="utf-8"?>
    // <abc>
    //     <xyz>
    //         <name>helloWorld.txt</name>
    //         <url>https://www.chilkatsoft.com/helloWorld.txt</url>
    //     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    //   <ds:SignedInfo>
    //     <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //     <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    //     <ds:Reference URI="https://www.chilkatsoft.com/helloWorld.txt">
    //       <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    //       <ds:DigestValue>f4OxZX/x/FO5LcGBSKHWXfwtSx+j1ncoSt3SABJtkGk=</ds:DigestValue>
    //     </ds:Reference>
    //   </ds:SignedInfo>
    //   <ds:SignatureValue>syFSl...pZDiFQ==</ds:SignatureValue>
    //   <ds:KeyInfo>
    //     <ds:X509Data>
    //       <ds:X509Certificate>MIIHAz...GwnUZWCaDE=</ds:X509Certificate>
    //     </ds:X509Data>
    //   </ds:KeyInfo>
    // </ds:Signature></xyz>
    // </abc>

    // Let's verify the signature...
    Get Create (RefClass(cComChilkatXmlDSig)) To hoVerifier
    If (Not(IsComObjectCreated(hoVerifier))) Begin
        Send CreateComObject of hoVerifier
    End
    Get pvComObject of hoSbXml to vSbXml
    Get ComLoadSignatureSb Of hoVerifier vSbXml To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoVerifier To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Let's examine the external references, and fetch the data for each..
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbExternalData
    If (Not(IsComObjectCreated(hoSbExternalData))) Begin
        Send CreateComObject of hoSbExternalData
    End
    Get ComNumReferences Of hoVerifier To iNumRefs
    Move 0 To i
    While (i < iNumRefs)
        Get ComIsReferenceExternal Of hoVerifier i To iBExternal
        If (iBExternal = True) Begin
            Get ComReferenceUri Of hoVerifier i To sUri

            // We're assuming the URI is an https:// or http:// URL...
            // Let's also assume we know that the referenced data is text and we want the utf-8 byte representation.
            Send ComClear To hoSbExternalData
            Get pvComObject of hoSbExternalData to vSbExternalData
            Get ComQuickGetSb Of hoHttp sUri vSbExternalData To iSuccess
            If (iSuccess = False) Begin
                Get ComLastErrorText Of hoHttp To sTemp1
                Showln sTemp1
                Procedure_Return
            End

            Get pvComObject of hoSbExternalData to vSbExternalData
            Get ComSetRefDataSb Of hoVerifier i vSbExternalData "utf-8" To iSuccess
            If (iSuccess = False) Begin
                Get ComLastErrorText Of hoVerifier To sTemp1
                Showln sTemp1
                Procedure_Return
            End

        End

        Move (i + 1) To i
    Loop

    // Now that we have the external data available, we can verify the reference digest(s) and the signature.
    Get ComVerifySignature Of hoVerifier True To iBVerified
    If (iBVerified <> True) Begin
        Get ComLastErrorText Of hoVerifier To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Showln "Signature verified!"


End_Procedure