Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Alliance Access LAU Sign Message (XML Signature using HMAC-SHA-256)

See more XML Digital Signatures Examples

Demonstrates how to sign XML according to the requirements for Alliance Access LAU (Local Authentication) using HMAC-SHA-256.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.StringBuilder,
  Chilkat.XmlDSigGen,
  Chilkat.Xml;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  xmlToSign: TXml;
  gen: TXmlDSigGen;
  sbXml: TStringBuilder;

begin
  success := False;

  //  This example requires the Chilkat API to have been previously unlocked.
  //  See Global Unlock Sample for sample code.

  //  We begin with this message:

  //  <?xml version="1.0" encoding="utf-8"?>
  //  <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
  //    xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
  //      <Saa:Revision>2.0.7</Saa:Revision>
  //      <Saa:Header>
  //          <Saa:Message>
  //  			<test>blah blah</test>
  //          </Saa:Message>
  //      </Saa:Header>
  //      <Saa:Body>...</Saa:Body>
  //      <Saa:LAU>
  //      </Saa:LAU>
  //  </Saa:DataPDU>

  //  And we want so sign to create this as the result:
  //  The signed XML we'll create will not be indented and pretty-printed like this.
  //  Instead, we'll use the "CompactSignedXml" behavior to produce compact single-line XML.

  //  <?xml version="1.0" encoding="utf-8"?>
  //  <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
  //    xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
  //      <Saa:Revision>2.0.7</Saa:Revision>
  //      <Saa:Header>
  //          <Saa:Message>
  //  			<test>blah blah</test>
  //          </Saa:Message>
  //      </Saa:Header>
  //      <Saa:Body>...</Saa:Body>
  //      <Saa:LAU>
  //          <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  //              <ds:SignedInfo>
  //                  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  //                  <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
  //                  <ds:Reference URI="">
  //                      <ds:Transforms>
  //                          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
  //                          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  //                      </ds:Transforms>
  //                      <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
  //                      <ds:DigestValue>Y7oScHnYOUQvni/TSzZbDec+HR+mWIFH149GXpwj1Ws=</ds:DigestValue>
  //                  </ds:Reference>
  //              </ds:SignedInfo>
  //              <ds:SignatureValue>6ynF/FcwbPsHrtlj3h2agJigdnvpbO6hOzKSRGzqkw0=</ds:SignatureValue>
  //          </ds:Signature>
  //      </Saa:LAU>
  //  </Saa:DataPDU>

  success := True;

  //  Create the XML to be signed...

  //  (The XML does not need to be created this way.  It can be loaded from a file or a string.)
  //  Also, use this online tool to generate code from sample XML: 
  //  Generate Code to Create XML

  xmlToSign := TXml.Create;
  xmlToSign.Tag := 'Saa:DataPDU';
  xmlToSign.AddAttribute('xmlns:Saa','urn:swift:saa:xsd:saa.2.0');
  xmlToSign.AddAttribute('xmlns:Sw','urn:swift:snl:ns.Sw');
  xmlToSign.AddAttribute('xmlns:SwGbl','urn:swift:snl:ns.SwGbl');
  xmlToSign.AddAttribute('xmlns:SwInt','urn:swift:snl:ns:SwInt');
  xmlToSign.AddAttribute('xmlns:SwSec','url:swift:snl:ns.SwSec');
  xmlToSign.UpdateChildContent('Saa:Revision','2.0.7');
  xmlToSign.UpdateChildContent('Saa:Header|Saa:Message|test','blah blah');
  xmlToSign.UpdateChildContent('Saa:Body','...');
  xmlToSign.UpdateChildContent('Saa:LAU','');

  gen := TXmlDSigGen.Create;

  gen.SigLocation := 'Saa:DataPDU|Saa:LAU';
  gen.SigLocationMod := 0;
  gen.SigNamespacePrefix := 'ds';
  gen.SigNamespaceUri := 'http://www.w3.org/2000/09/xmldsig#';
  gen.SignedInfoCanonAlg := 'EXCL_C14N';
  gen.SignedInfoDigestMethod := 'sha256';

  //  You may alternatively choose "IndentedSignature" instead of "CompactSignedXml"
  gen.Behaviors := 'CompactSignedXml';

  gen.AddSameDocRef('','sha256','EXCL_C14N','','');

  //  Specify the HMAC key.
  //  For example, if the HMAC key is to be the us-ascii bytes of the string "secret",
  //  the HMAC key can be set in any of the following ways (and also more ways not shown here..)
  gen.SetHmacKey('secret','ascii');
  //  or
  gen.SetHmacKey('c2VjcmV0','base64');
  //  or
  gen.SetHmacKey('736563726574','hex');

  //  Sign the XML..
  sbXml := TStringBuilder.Create;
  xmlToSign.GetXmlSb(sbXml);
  success := gen.CreateXmlDSigSb(sbXml);
  if (success <> True) then
    begin
      WriteLn(gen.LastErrorText);
      Exit;
    end;

  //  Save the signed XML to a file.
  success := sbXml.WriteFile('qa_output/signedXml.xml','utf-8',False);

  //  Show the signed XML.
  WriteLn(sbXml.GetAsString());


  xmlToSign.Free;
  gen.Free;
  sbXml.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.