(JavaScript) Create XML Signature with External Data Reference

Demonstrates how to create an XML digital signature where the data is external. In this case, the data is a JPG file.

This example requires Chilkat v9.5.0.69 or greater.

Note

This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.

var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This example inserts an XML signature in the following XML:

// <?xml version="1.0" encoding="UTF-8" standalone="no"?>
// <abc>
//   <xyz>
//     <jpg>
//         <name>starfish.jpg</name>
//         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
//     </jpg>
//   </xyz>
// </abc>

// The above XML is available at https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml
// First fetch the XML:

var url = "https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml";
var http = new CkHttp();
var sbXml = new CkStringBuilder();
success = http.QuickGetSb(url,sbXml);
if (success !== true) {
    console.log(http.LastErrorText);
    return;
}

// We'll use an RSA private key for signing.  
var rsaKey = new CkPrivateKey();
success = rsaKey.LoadPemFile("qa_data/rsa/rsaPrivKey_pkcs8.pem");
if (success !== true) {
    console.log(rsaKey.LastErrorText);
    return;
}

var xmlSigGen = new CkXmlDSigGen();

// Indicate were the Signature will be inserted:
xmlSigGen.SigLocation = "abc|xyz|jpg";

// Provide the RSA key to be used for signing:
xmlSigGen.SetPrivateKey(rsaKey);

// Fetch the JPG image data.
var jpgUrl = "https://www.chilkatsoft.com/images/starfish.jpg";
var jpgData = new CkBinData();
success = http.QuickGetBd(jpgUrl,jpgData);
if (success !== true) {
    console.log(http.LastErrorText);
    return;
}

// Add the external data reference:
xmlSigGen.AddExternalBinaryRef(jpgUrl,jpgData,"sha256","");

// Create the XML digital signature:
success = xmlSigGen.CreateXmlDSigSb(sbXml);
if (success !== true) {
    console.log(xmlSigGen.LastErrorText);
    return;
}

// Examine the XML that now contains the Signature:
console.log(sbXml.GetAsString());

// <?xml version="1.0" encoding="UTF-8" standalone="no"?>
// <abc>
//   <xyz>
//     <jpg>
//         <name>starfish.jpg</name>
//         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
//     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ApHRr6nilNrzt3dLveC9zlPoSllaCMfHsbAwr+vYBPkHkJ4wD5LzDDhi1tSJZAAeTckmvSqIG3Wi0rgXQiSM644MD3coBFx4QgrY+GZ+XJJE2Y0Ye3VvaQBiRdUW3INGsW4GLubncgQk5JhuAQjo6O/GKpfEuYqUJj/6CLHLQwMPwbZ2043ykgzuPFoOZf6EydJMBAn1ORMvrpUn+zuA9UngOTGap6eWE4CeiNx23BRC2wSztbUjdCLcqXvgiYu/v0tBNaTcwy7b6+IFtwv/lNUUBUQJ/3p+aErzFn3wLeH3yeqpDCU0U6Dqu5SS1jYupcWWsLHJjYnj2066DPJi/g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg>
//   </xyz>
// </abc>
//