Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(DataFlex) Sign with BinarySecurityTokenDemonstrates creating an XML signature using a BinarySecurityToken.
Use ChilkatAx-9.5.0-win32.pkg Procedure Test Boolean iSuccess Variant vCert Handle hoCert Handle hoXml Handle hoDt Variant vBdCert Handle hoBdCert Handle hoKeyInfoXml Handle hoGen Variant vSbXml Handle hoSbXml String sTemp1 // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // ------------------------------------------------------------------------- // Load a cert + private key from a PFX. Get Create (RefClass(cComChilkatCert)) To hoCert If (Not(IsComObjectCreated(hoCert))) Begin Send CreateComObject of hoCert End Get ComLoadPfxFile Of hoCert "qa_data/pfx/cert_test123.pfx" "test123" To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoCert To sTemp1 Showln sTemp1 Procedure_Return End // ------------------------------------------------------------------------- // Create the XML that is to be signed. // // The XML we're creating can be found at Sample Pre-Signed XML with BinarySecurityToken // The online tool at http://tools.chilkat.io/xmlCreate.cshtml can be used to generate the following XML creation code. // Get Create (RefClass(cComChilkatXml)) To hoXml If (Not(IsComObjectCreated(hoXml))) Begin Send CreateComObject of hoXml End Set ComTag Of hoXml To "S:Envelope" Get ComAddAttribute Of hoXml "xmlns:S" "http://www.w3.org/2003/05/soap-envelope" To iSuccess Get ComAddAttribute Of hoXml "xmlns:wsse11" "http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" To iSuccess Get ComAddAttribute Of hoXml "xmlns:wsse" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" To iSuccess Get ComAddAttribute Of hoXml "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComAddAttribute Of hoXml "xmlns:xs" "http://www.w3.org/2001/XMLSchema" To iSuccess Get ComAddAttribute Of hoXml "xmlns:ds" "http://www.w3.org/2000/09/xmldsig#" To iSuccess Get ComAddAttribute Of hoXml "xmlns:exc14n" "http://www.w3.org/2001/10/xml-exc-c14n#" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|To" True "xmlns" "http://www.w3.org/2005/08/addressing" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|To" True "wsu:Id" "_5002" To iSuccess Send ComUpdateChildContent To hoXml "S:Header|To" "https://XXXXXXXXX" Get ComUpdateAttrAt Of hoXml "S:Header|Action" True "xmlns" "http://www.w3.org/2005/08/addressing" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|Action" True "xmlns:S" "http://www.w3.org/2003/05/soap-envelope" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|Action" True "S:mustUnderstand" "true" To iSuccess Send ComUpdateChildContent To hoXml "S:Header|Action" "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue" Get ComUpdateAttrAt Of hoXml "S:Header|ReplyTo" True "xmlns" "http://www.w3.org/2005/08/addressing" To iSuccess Send ComUpdateChildContent To hoXml "S:Header|ReplyTo|Address" "http://www.w3.org/2005/08/addressing/anonymous" Get ComUpdateAttrAt Of hoXml "S:Header|FaultTo" True "xmlns" "http://www.w3.org/2005/08/addressing" To iSuccess Send ComUpdateChildContent To hoXml "S:Header|FaultTo|Address" "http://www.w3.org/2005/08/addressing/anonymous" Get ComUpdateAttrAt Of hoXml "S:Header|MessageID" True "xmlns" "http://www.w3.org/2005/08/addressing" To iSuccess Send ComUpdateChildContent To hoXml "S:Header|MessageID" "uuid:e9033251-4ff0-4618-8baf-4952ab5fd207" Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security" True "S:mustUnderstand" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsu:Timestamp" True "xmlns:ns17" "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsu:Timestamp" True "xmlns:ns16" "http://schemas.xmlsoap.org/soap/envelope/" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsu:Timestamp" True "wsu:Id" "_1" To iSuccess // Get the current date/time in timestamp format, such as "2018-05-23T02:38:27Z" Get Create (RefClass(cComCkDateTime)) To hoDt If (Not(IsComObjectCreated(hoDt))) Begin Send CreateComObject of hoDt End Get ComSetFromCurrentSystemTime Of hoDt To iSuccess Get ComGetAsTimestamp Of hoDt False To sTemp1 Send ComUpdateChildContent To hoXml "S:Header|wsse:Security|wsu:Timestamp|wsu:Created" sTemp1 // Add 5 minutes. Get ComAddSeconds Of hoDt 300 To iSuccess Get ComGetAsTimestamp Of hoDt False To sTemp1 Send ComUpdateChildContent To hoXml "S:Header|wsse:Security|wsu:Timestamp|wsu:Expires" sTemp1 Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsse:BinarySecurityToken" True "xmlns:ns17" "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsse:BinarySecurityToken" True "xmlns:ns16" "http://schemas.xmlsoap.org/soap/envelope/" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsse:BinarySecurityToken" True "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsse:BinarySecurityToken" True "EncodingType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Header|wsse:Security|wsse:BinarySecurityToken" True "wsu:Id" "uuid_43470044-78b4-4b23-926a-b7f590d24cb8" To iSuccess Get Create (RefClass(cComChilkatBinData)) To hoBdCert If (Not(IsComObjectCreated(hoBdCert))) Begin Send CreateComObject of hoBdCert End Get pvComObject of hoBdCert to vBdCert Get ComExportCertDerBd Of hoCert vBdCert To iSuccess // Get the cert as base64 on one line. Get ComGetEncoded Of hoBdCert "base64" To sTemp1 Send ComUpdateChildContent To hoXml "S:Header|wsse:Security|wsse:BinarySecurityToken" sTemp1 Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken" True "xmlns" "http://docs.oasis-open.org/ws-sx/ws-trust/200512" To iSuccess Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|RequestType" "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue" Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|wsp:AppliesTo" True "xmlns:wsp" "http://schemas.xmlsoap.org/ws/2004/09/policy" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|wsp:AppliesTo|EndpointReference:EndpointReference" True "xmlns:EndpointReference" "http://www.w3.org/2005/08/addressing" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|wsp:AppliesTo|EndpointReference:EndpointReference" True "xmlns" "http://www.w3.org/2005/08/addressing" To iSuccess Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|wsp:AppliesTo|EndpointReference:EndpointReference|Address" "https://XXXXXXXXX/services" Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|TokenType" "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims" True "xmlns:i" "http://schemas.xmlsoap.org/ws/2005/05/identity" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims" True "Dialect" "http://schemas.xmlsoap.org/ws/2005/05/identity" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType" True "Optional" "false" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/abn" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[1]" True "Optional" "false" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[1]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/commonname" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[2]" True "Optional" "false" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[2]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/credentialtype" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[3]" True "Optional" "false" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[3]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/samlsubjectid" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[4]" True "Optional" "false" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[4]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/fingerprint" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[5]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[5]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/sbr_personid" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[6]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[6]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/givennames" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[7]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[7]" True "Uri" "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[8]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[8]" True "Uri" "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[9]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[9]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/credentialadministrator" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[10]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[10]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/stalecrlminutes" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[11]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[11]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/subjectdn" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[12]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[12]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/issuerdn" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[13]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[13]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/notafterdate" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[14]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[14]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/certificateserialnumber" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[15]" True "Optional" "true" To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Claims|i:ClaimType[15]" True "Uri" "http://XXXXXXXXX/2008/06/identity/claims/previoussubject" To iSuccess Get ComSetFromCurrentSystemTime Of hoDt To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Lifetime|wsu:Created" True "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComGetAsTimestamp Of hoDt False To sTemp1 Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|Lifetime|wsu:Created" sTemp1 // Add 40 minutes. Get ComAddSeconds Of hoDt 2400 To iSuccess Get ComUpdateAttrAt Of hoXml "S:Body|RequestSecurityToken|Lifetime|wsu:Expires" True "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" To iSuccess Get ComGetAsTimestamp Of hoDt False To sTemp1 Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|Lifetime|wsu:Expires" sTemp1 Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|KeyType" "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey" Send ComUpdateChildContent To hoXml "S:Body|RequestSecurityToken|KeySize" "512" // Examine the pre-signed XML // println xml.GetXml(); // Build the custom KeyInfo XML we'll use: // // <wsse:SecurityTokenReference> // <wsse:Reference URI="#uuid_43470044-78b4-4b23-926a-b7f590d24cb8" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /></wsse:SecurityTokenReference> Get Create (RefClass(cComChilkatXml)) To hoKeyInfoXml If (Not(IsComObjectCreated(hoKeyInfoXml))) Begin Send CreateComObject of hoKeyInfoXml End Set ComTag Of hoKeyInfoXml To "wsse:SecurityTokenReference" Get ComUpdateAttrAt Of hoKeyInfoXml "wsse:Reference" True "URI" "#uuid_43470044-78b4-4b23-926a-b7f590d24cb8" To iSuccess Get ComUpdateAttrAt Of hoKeyInfoXml "wsse:Reference" True "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" To iSuccess // ------------------------------------------------------------------------- // Setup the XML Digital Signature Generator and add the XML Signature. // Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen If (Not(IsComObjectCreated(hoGen))) Begin Send CreateComObject of hoGen End Set ComSigLocation Of hoGen To "S:Envelope|S:Header|wsse:Security" Set ComSignedInfoPrefixList Of hoGen To "wsse S" Get ComAddSameDocRef Of hoGen "_1" "sha1" "EXCL_C14N" "wsu wsse S" "" To iSuccess Get ComAddSameDocRef Of hoGen "_5002" "sha1" "EXCL_C14N" "S" "" To iSuccess Set ComKeyInfoType Of hoGen To "Custom" Set ComEmitXmlDecl Of hoKeyInfoXml To False Get ComGetXml Of hoKeyInfoXml To sTemp1 Set ComCustomKeyInfoXml Of hoGen To sTemp1 // Specify the cert for signing (which has a private key because it was loaded from a PFX) Get pvComObject of hoCert to vCert Get ComSetX509Cert Of hoGen vCert True To iSuccess // Indicated we want an indented signature for easier human reading. Set ComBehaviors Of hoGen To "IndentedSignature" // Sign the XML.. Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml If (Not(IsComObjectCreated(hoSbXml))) Begin Send CreateComObject of hoSbXml End Get pvComObject of hoSbXml to vSbXml Get ComGetXmlSb Of hoXml vSbXml To iSuccess Get pvComObject of hoSbXml to vSbXml Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoGen To sTemp1 Showln sTemp1 Procedure_Return End // Examine the signed XML Get ComGetAsString Of hoSbXml To sTemp1 Showln sTemp1 // The resulting signature (extracted from the surrounding XML) looks something like this: // <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:SignedInfo> // <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> // <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse S" /> // </ds:CanonicalizationMethod> // <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> // <ds:Reference URI="#_1"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> // <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsu wsse S" /> // </ds:Transform> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> // <ds:DigestValue>VAJMC/L/BDvml7Qv5CBMePbKDE8=</ds:DigestValue> // </ds:Reference> // <ds:Reference URI="#_5002"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> // <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S" /> // </ds:Transform> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> // <ds:DigestValue>sW/QFsk6kGv1dzeu0H9Qc/2kvAQ=</ds:DigestValue> // </ds:Reference> // </ds:SignedInfo> // <ds:SignatureValue>....</ds:SignatureValue> // <ds:KeyInfo> // <wsse:SecurityTokenReference> // <wsse:Reference URI="#uuid_43470044-78b4-4b23-926a-b7f590d24cb8" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /> // </wsse:SecurityTokenReference> // </ds:KeyInfo> // </ds:Signature> // End_Procedure |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.