Lianja
An enveloping signature is where the signed data is contained within the Signature within an Object element.
This example signs non-XML text data where the XML signature constitutes the entire output.
Lianja
Create Enveloping XML Digital Signature
See more XML Digital Signatures Examples
This example creates an enveloping digital signature.An enveloping signature is where the signed data is contained within the Signature within an Object element.
This example signs non-XML text data where the XML signature constitutes the entire output.
Chilkat Lianja Downloads
llSuccess = .F.
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Let's use the ECDSA private key at https://www.chilkatsoft.com/exampleData/secp256r1-key.zip
// for signing.
loHttp = createobject("CkHttp")
loZipFile = createobject("CkBinData")
lcKeyUrl = "https://www.chilkatsoft.com/exampleData/secp256r1-key.zip"
llSuccess = loHttp.QuickGetBd(lcKeyUrl,loZipFile)
if (llSuccess = .F.) then
? loHttp.LastErrorText
release loHttp
release loZipFile
return
endif
loZip = createobject("CkZip")
llSuccess = loZip.OpenBd(loZipFile)
loEntry = createobject("CkZipEntry")
llSuccess = loZip.EntryMatching("*.pem",loEntry)
if (llSuccess = .F.) then
? loZip.LastErrorText
release loHttp
release loZipFile
release loZip
release loEntry
return
endif
loEcKey = createobject("CkPrivateKey")
llSuccess = loEcKey.LoadPem(loEntry.UnzipToString(0,"utf-8"))
if (llSuccess <> .T.) then
? loEcKey.LastErrorText
release loHttp
release loZipFile
release loZip
release loEntry
release loEcKey
return
endif
// ----------------------------------------------------------------------------
loGen = createobject("CkXmlDSigGen")
// Provide the ECDSA key to the XML Digital Signature generator
loGen.SetPrivateKey(loEcKey)
// Add an enveloped reference to the content to be signed.
loSbContent = createobject("CkStringBuilder")
loSbContent.Append("This is the content that is signed.")
loGen.AddEnvelopedRef("abc123",loSbContent,"sha256","C14N","")
// Generate the XML digital signature.
// Notice that in other examples, the sbXml passed to CreateXmlDSigSb
// already contains XML, and the XML signature is inserted at the location
// specified by the SigLocation property. In this case, both SigLocation
// and sbXml are empty. The result is that sbXml will contain just the Signature.
loSbXml = createobject("CkStringBuilder")
llSuccess = loGen.CreateXmlDSigSb(loSbXml)
if (llSuccess = .F.) then
? loGen.LastErrorText
release loHttp
release loZipFile
release loZip
release loEntry
release loEcKey
release loGen
release loSbContent
release loSbXml
return
endif
// Examine the enveloped signature, where the data is contained within the XML Signature
? loSbXml.GetAsString()
// The Signature returned is compact and in a single line, like this:
// <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/><ds:Reference URI="#abc123"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>tEVrbXXjeTXjF3tIojul4/sgeEGN49E1dxr/GMs8GNE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>/pILUshwrzgdGc4bPgp85TDfbUiM9pn8EIPNRVWKuoVEtPsv4XRthUrv9aDDvajmyl2okLwTakANgtaxO1ULMw==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#"><ds:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7" /><ds:PublicKey>BOVKaiLPKEDChhkA64UEBOXTv/VFHnhrUPN+bXqCvEl7rroAYpH5tKzbiGTtMSlp4JO9Pxg44zeX7EoWDvOrpD0=</ds:PublicKey></ds:ECKeyValue></ds:KeyValue></ds:KeyInfo><ds:Object Id="abc123">This is the content that is signed.</ds:Object></ds:Signature>
// XML pretty-printed, the signature is as follows, but pretty-printing introductes whitespace that breaks the signature..
// <?xml version="1.0" encoding="utf-8" ?>
// <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
// <ds:SignedInfo>
// <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
// <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" />
// <ds:Reference URI="#abc123">
// <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
// <ds:DigestValue>tEVrbXXjeTXjF3tIojul4/sgeEGN49E1dxr/GMs8GNE=</ds:DigestValue>
// </ds:Reference>
// </ds:SignedInfo>
// <ds:SignatureValue>/pILUshwrzgdGc4bPgp85TDfbUiM9pn8EIPNRVWKuoVEtPsv4XRthUrv9aDDvajmyl2okLwTakANgtaxO1ULMw==</ds:SignatureValue>
// <ds:KeyInfo>
// <ds:KeyValue>
// <ds:ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#">
// <ds:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7" />
// <ds:PublicKey>BOVKaiLPKEDChhkA64UEBOXTv/VFHnhrUPN+bXqCvEl7rroAYpH5tKzbiGTtMSlp4JO9Pxg44zeX7EoWDvOrpD0=</ds:PublicKey>
// </ds:ECKeyValue>
// </ds:KeyValue>
// </ds:KeyInfo>
// <ds:Object Id="abc123">This is the content that is signed.</ds:Object>
// </ds:Signature>
//
release loHttp
release loZipFile
release loZip
release loEntry
release loEcKey
release loGen
release loSbContent
release loSbXml