|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Visual FoxPro) Sign Italian SPID Metadata XMLDemonstrates how to create an XML digital signature for Italian SPID Metadata.
LOCAL lnSuccess LOCAL loSbXml LOCAL loGen LOCAL loCert LOCAL loVerifier LOCAL lnNumSigs LOCAL lnVerifyIdx LOCAL lnVerified * This example assumes the Chilkat API to have been previously unlocked. * See Global Unlock Sample for sample code. lnSuccess = 1 * Load the XML to be signed. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder') loSbXml = CreateObject('Chilkat.StringBuilder') lnSuccess = loSbXml.LoadFile("qa_data/xml_dsig/spid_metadata.xml","utf-8") IF (lnSuccess = 0) THEN ? "Failed to load the input file." RELEASE loSbXml CANCEL ENDIF * The XML to sign contains XML such as this: * <?xml version="1.0" encoding="utf-8"?> * <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://***.it" ID="_AE17AFFF-A600-49D5-B81D-76EEA55B50FF"> * <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true"> * <md:KeyDescriptor use="signing"> * <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> * <ds:X509Data> * <ds:X509Certificate>MIIF5...</ds:X509Certificate> * </ds:X509Data> * </ds:KeyInfo> * </md:KeyDescriptor> * <md:KeyDescriptor use="encryption"> * <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> * <ds:X509Data> * <ds:X509Certificate>MIIF5...</ds:X509Certificate> * </ds:X509Data> * </ds:KeyInfo> * </md:KeyDescriptor> * <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/logout"/> * <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> * <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/loginresp" index="0" isDefault="true"/> * <md:AttributeConsumingService index="1"> * <md:ServiceName xml:lang="it">Servizi Online</md:ServiceName> * <md:ServiceDescription xml:lang="it">Accesso ai Servizi Online</md:ServiceDescription> * <md:RequestedAttribute Name="spidCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> * <md:RequestedAttribute Name="name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> * <md:RequestedAttribute Name="familyName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> * <md:RequestedAttribute Name="fiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> * </md:AttributeConsumingService> * </md:SPSSODescriptor> * <md:Organization> * <md:OrganizationName xml:lang="it">SomeCompany s.r.l.</md:OrganizationName> * <md:OrganizationDisplayName xml:lang="it">SomeCompany s.r.l.</md:OrganizationDisplayName> * <md:OrganizationURL xml:lang="it">https://***.it</md:OrganizationURL> * </md:Organization> * </md:EntityDescriptor> * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.XmlDSigGen') loGen = CreateObject('Chilkat.XmlDSigGen') loGen.SigLocation = "md:EntityDescriptor|md:SPSSODescriptor" loGen.SigLocationMod = 2 loGen.SignedInfoCanonAlg = "EXCL_C14N" loGen.SignedInfoDigestMethod = "sha256" * -------- Reference 1 -------- loGen.AddSameDocRef("_AE17AFFF-A600-49D5-B81D-76EEA55B50FF","sha256","EXCL_C14N","","") * Provide a certificate + private key. (PFX password is test123) * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Cert') loCert = CreateObject('Chilkat.Cert') lnSuccess = loCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123") IF (lnSuccess <> 1) THEN ? loCert.LastErrorText RELEASE loSbXml RELEASE loGen RELEASE loCert CANCEL ENDIF loGen.SetX509Cert(loCert,1) loGen.KeyInfoType = "X509Data+KeyValue" loGen.X509Type = "Certificate" loGen.Behaviors = "IndentedSignature,ForceAddEnvelopedSignatureTransform,OmitAlreadyDefinedSigNamespace" * Sign the XML... lnSuccess = loGen.CreateXmlDSigSb(loSbXml) IF (lnSuccess <> 1) THEN ? loGen.LastErrorText RELEASE loSbXml RELEASE loGen RELEASE loCert CANCEL ENDIF * ----------------------------------------------- * Save the signed XML to a file. lnSuccess = loSbXml.WriteFile("qa_output/signedXml.xml","utf-8",0) ? loSbXml.GetAsString() * ---------------------------------------- * Verify the signatures we just produced... * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.XmlDSig') loVerifier = CreateObject('Chilkat.XmlDSig') lnSuccess = loVerifier.LoadSignatureSb(loSbXml) IF (lnSuccess <> 1) THEN ? loVerifier.LastErrorText RELEASE loSbXml RELEASE loGen RELEASE loCert RELEASE loVerifier CANCEL ENDIF lnNumSigs = loVerifier.NumSignatures lnVerifyIdx = 0 DO WHILE lnVerifyIdx < lnNumSigs loVerifier.Selector = lnVerifyIdx lnVerified = loVerifier.VerifySignature(1) IF (lnVerified <> 1) THEN ? loVerifier.LastErrorText RELEASE loSbXml RELEASE loGen RELEASE loCert RELEASE loVerifier CANCEL ENDIF lnVerifyIdx = lnVerifyIdx + 1 ENDDO ? "All signatures were successfully verified." RELEASE loSbXml RELEASE loGen RELEASE loCert RELEASE loVerifier |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.