Sample code for 30+ languages & platforms
PowerBuilder

Create EBICS Signature (XMLDSIG)

See more EBICS Examples

Demonstrates how to create an EBICS signature. (EBICS is the Electronic Banking Internet Communication Standard)

Chilkat PowerBuilder Downloads

PowerBuilder
integer li_rc
integer li_Success
oleobject loo_SbXml
oleobject loo_Gen
oleobject loo_Cert
oleobject loo_Verifier
oleobject loo_PubKey

li_Success = 0

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This is the sample XML to be signed:

// <?xml version="1.0" encoding="UTF-8"?>
// <ebicsRequest
//   xmlns="urn:org:ebics:H005"
//   xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
//   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
//   xsi:schemaLocation="urn:org:ebics:H005 ebics_request_H005.xsd"
//   Version="H005" Revision="1">
//   <header authenticate="true">
//     <static>
//       <HostID>EBIXHOST</HostID>
//       <Nonce>BDA2312973890654FAC9879A89794E65</Nonce>
//       <Timestamp>2005-01-30T15:30:45.123Z</Timestamp>
//       <PartnerID>CUSTM001</PartnerID>
//       <UserID>USR100</UserID>
//       <Product Language="en" InstituteID="Institute ID">Product Identifier</Product>
//       <OrderDetails>
//         <AdminOrderType>BTU</AdminOrderType>
//         <BTUOrderParams>
//           <Service>
//             <ServiceName>SCT</ServiceName>
//             <MsgName>pain.001</MsgName>
//           </Service>
//         </BTUOrderParams>
//       </OrderDetails>
//       <BankPubKeyDigests>
//         <Authentication Version="X002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">1H/rQr2Axe9hYTV2n/tCp+3UIQQ=</Authentication>
//         <Encryption Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">2lwiueWOIER823jSoiOkjl+woeI=</Encryption>
//       </BankPubKeyDigests>
//       <SecurityMedium>0000</SecurityMedium>
//       <NumSegments>2</NumSegments>
//     </static>
//     <mutable>
//       <TransactionPhase>Initialisation</TransactionPhase>
//     </mutable>
//   </header>
//   <body>
//     <PreValidation authenticate="true">
//       <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
//     </PreValidation>
//     <DataTransfer>
//       <DataEncryptionInfo authenticate="true">
//         <EncryptionPubKeyDigest Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">..here hash value of the public bank key for encryption..</EncryptionPubKeyDigest>
//         <TransactionKey>EIGI4En6KEB6ArEzw+iq4N1wm6EptcyxXxStA...</TransactionKey>
//         <HostID>EBIXHOST</HostID>
//       </DataEncryptionInfo>
//       <SignatureData authenticate="true">n6KEB6ArEzw+iq4N1wm6EptcyxXxStAO...</SignatureData>
//       <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
//     </DataTransfer>
//   </body>
// </ebicsRequest>

// Load the above XML from a file.
loo_SbXml = create oleobject
li_rc = loo_SbXml.ConnectToNewObject("Chilkat.StringBuilder")
if li_rc < 0 then
    destroy loo_SbXml
    MessageBox("Error","Connecting to COM object failed")
    return
end if
li_Success = loo_SbXml.LoadFile("qa_data/xml_dsig/ebics/fileToSign.xml","utf-8")
if li_Success = 0 then
    Write-Debug "Failed to load XML input file."
    destroy loo_SbXml
    return
end if

loo_Gen = create oleobject
li_rc = loo_Gen.ConnectToNewObject("Chilkat.XmlDSigGen")

// We're going to insert the signature between the </header> and the <body>
loo_Gen.SigLocation = "ebicsRequest|header"

// Set the SigLocationMod = 1 to insert *after* the SigLocation
loo_Gen.SigLocationMod = 1

// We wish to use "ds" for the namespace..
loo_Gen.SigNamespacePrefix = "ds"
loo_Gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"

// Specify canonicalization and hash algorithms
loo_Gen.SignedInfoCanonAlg = "C14N"
loo_Gen.SignedInfoDigestMethod = "sha256"

// Add the reference.
// For EBICS signatures, we pass the special keyword "EBICS" in the 1st argument.
// This tells Chilkat to create the reference using URI="#xpointer(//*[@authenticate='true'])"
loo_Gen.AddSameDocRef("EBICS","sha256","C14N","","")

// Provide our certificate + private key. (PFX password is test123)
// (You'll use your own certificate, which can be loaded from many different sources by Chilkat, including smart cards.)
loo_Cert = create oleobject
li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert")

li_Success = loo_Cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if li_Success = 0 then
    Write-Debug loo_Cert.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    return
end if

li_Success = loo_Gen.SetX509Cert(loo_Cert,1)
if li_Success = 0 then
    Write-Debug loo_Gen.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    return
end if

// We don't want a KeyInfo to be included.
loo_Gen.KeyInfoType = "None"

// Request an indented signature for readability.
// This can be removed after debugging (for a more compact signature).
loo_Gen.Behaviors = "IndentedSignature"

// Sign the XML.
li_Success = loo_Gen.CreateXmlDSigSb(loo_SbXml)
if li_Success = 0 then
    Write-Debug loo_Gen.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    return
end if

// This is the XML with the EBICS signature added:

// <?xml version="1.0" encoding="UTF-8"?>
// <ebicsRequest
// xmlns="urn:org:ebics:H005"
// xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
// xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
// xsi:schemaLocation="urn:org:ebics:H005 ebics_request_H005.xsd"
// Version="H005" Revision="1">
//   <header authenticate="true">
//     <static>
//       <HostID>EBIXHOST</HostID>
//       <Nonce>BDA2312973890654FAC9879A89794E65</Nonce>
//       <Timestamp>2005-01-30T15:30:45.123Z</Timestamp>
//       <PartnerID>CUSTM001</PartnerID>
//       <UserID>USR100</UserID>
//       <Product Language="en" InstituteID="Institute ID">Product Identifier</Product>
//       <OrderDetails>
//         <AdminOrderType>BTU</AdminOrderType>
//         <BTUOrderParams>
//           <Service>
//             <ServiceName>SCT</ServiceName>
//             <MsgName>pain.001</MsgName>
//           </Service>
//         </BTUOrderParams>
//       </OrderDetails>
//       <BankPubKeyDigests>
//         <Authentication Version="X002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">1H/rQr2Axe9hYTV2n/tCp+3UIQQ=</Authentication>
//         <Encryption Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">2lwiueWOIER823jSoiOkjl+woeI=</Encryption>
//       </BankPubKeyDigests>
//       <SecurityMedium>0000</SecurityMedium>
//       <NumSegments>2</NumSegments>
//     </static>
//     <mutable>
//       <TransactionPhase>Initialisation</TransactionPhase>
//     </mutable>
//   </header><AuthSignature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
//   <ds:SignedInfo>
//     <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
//     <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
//     <ds:Reference URI="#xpointer(//*[@authenticate='true'])">
//       <ds:Transforms>
//         <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
//       </ds:Transforms>
//       <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
//       <ds:DigestValue>jjLD90BedcIVxFENHse6pOnRubVUlHpKjXUF5BUd00k=</ds:DigestValue>
//     </ds:Reference>
//   </ds:SignedInfo>
//   <ds:SignatureValue>TlVgCXGf+3kKZ4LLwqxKoMaDZSBdiDRcGpdKB+tFZ7MZse9jDqtCai7PxcvRLC7yRGRj3XWrAB6IVqXh6tXGqiAtRfa7XjezvJTmUdMEJ3hTEgKqm7cKjjZX5C+lN5XTJghOy0X1bZBl/NBJu/aqY9s8PKsD5Cpm8bFkl2ReBBTCTSF5CRK3XZr+fvWuUX2sFrFS5UDXG8/cmhaKHT15LBOJgYuLYr80dtL251Jy20rIJ5KK8xUz9gpexE61Y/ml6mUPLm8YgdACRdNvCOPRLjCqYwFbnfgaVO6MtSRG819rWyNtBhqVxdzbntiV1UobKbwFiJ1LMMHF0NCo2LGLCw==</ds:SignatureValue>
// </AuthSignature>
//   <body>
//     <PreValidation authenticate="true">
//       <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
//     </PreValidation>
//     <DataTransfer>
//       <DataEncryptionInfo authenticate="true">
//         <EncryptionPubKeyDigest Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">..here hash value of the public bank key for encryption..</EncryptionPubKeyDigest>
//         <TransactionKey>EIGI4En6KEB6ArEzw+iq4N1wm6EptcyxXxStA...</TransactionKey>
//         <HostID>EBIXHOST</HostID>
//       </DataEncryptionInfo>
//       <SignatureData authenticate="true">n6KEB6ArEzw+iq4N1wm6EptcyxXxStAO...</SignatureData>
//       <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
//     </DataTransfer>
//   </body>
// </ebicsRequest>

Write-Debug "Here's the EBICS signed XML:"
Write-Debug loo_SbXml.GetAsString()
Write-Debug "----"

// Verify the signature we just produced...
loo_Verifier = create oleobject
li_rc = loo_Verifier.ConnectToNewObject("Chilkat.XmlDSig")

li_Success = loo_Verifier.LoadSignatureSb(loo_SbXml)
if li_Success = 0 then
    Write-Debug loo_Verifier.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    destroy loo_Verifier
    return
end if

// The signature has no KeyInfo, so we must externally provide the key.
loo_PubKey = create oleobject
li_rc = loo_PubKey.ConnectToNewObject("Chilkat.PublicKey")

loo_Cert.GetPublicKey(loo_PubKey)

li_Success = loo_Verifier.SetPublicKey(loo_PubKey)
if li_Success = 0 then
    Write-Debug loo_Verifier.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    destroy loo_Verifier
    destroy loo_PubKey
    return
end if

li_Success = loo_Verifier.VerifySignature(1)
if li_Success = 0 then
    Write-Debug loo_Verifier.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    destroy loo_Verifier
    destroy loo_PubKey
    return
end if

Write-Debug "EBICS signature verified."


destroy loo_SbXml
destroy loo_Gen
destroy loo_Cert
destroy loo_Verifier
destroy loo_PubKey