|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Visual FoxPro) Verify XML Signature having KeyInfo / X509Data / X509CertificateThis example demonstrates how to verify an XML Digital Signature where the KeyInfo element contains an X509Data element, which in turn contains an X509Certificate element which contains the base64-encoded certificate.
LOCAL lcSignedSoapXmlUrl LOCAL loHttp LOCAL loSbXml LOCAL lnSuccess LOCAL loVerifier LOCAL lnBVerified * This example requires the Chilkat API to have been previously unlocked. * See Global Unlock Sample for sample code. * The SOAP XML with digital signature verified in this example is available at * https://www.chilkatsoft.com/exampleData/sigWithX509Certificate.xml lcSignedSoapXmlUrl = "https://www.chilkatsoft.com/exampleData/sigWithX509Certificate.xml" * First, let's get the signed SOAP XML.. * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http') loHttp = CreateObject('Chilkat.Http') * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder') loSbXml = CreateObject('Chilkat.StringBuilder') lnSuccess = loHttp.QuickGetSb(lcSignedSoapXmlUrl,loSbXml) IF (lnSuccess <> 1) THEN ? loHttp.LastErrorText RELEASE loHttp RELEASE loSbXml CANCEL ENDIF * The signed XML downloaded from the above URL contains the following. * Note: Everything we need to verify the signature is already available within the signed XML. * The KeyInfo part of the Signature contains the X.509 certificate in base64 format, * and the public key used to verify the signature is contained within the X.509. * Chilkat automatically fetches and uses the public key from the base64 certificate. * * <?xml version="1.0" encoding="UTF-8" standalone="no" ?> * <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> * <SOAP-ENV:Header> * <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse SOAP-ENV"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#Body"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>PIiVPpuMc1jGpWaL8ftzTOcc4gc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>dlSGYRtxv8DiGQ9THPEdPTlbwjkidCUEutVWkqhnjzKOxjl6EZPp6ibf7ogrn1QJAabo7eb/d2UjD8LXzQYB+q9OmN29dsDcg4i9hzpttjU9xt8Sc3IgdaQ+6NXStWd1AKrjNTCY52sOpIWh45uff/yjf9ynsbCo/UR8+hk6ZDCrM78YEyMj52miXzVQtSZ7f+bvWtz8iPppXXC+/zwGPAI9EPC+9uRHRRh4vzGwid+clMmh9FF/0Oe4n0G5dBZvwLPncwOMg0UxLVs63ZRdTCSku4oKReQieqNr7+hzBAKaS8NRpxMtx2XC5aR0wYMkYT9API/vYubeU0L3r4lplw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDgzCCAmugAwIBAgIBADANBgkqhkiG9w0BAQUFADBcMRUwEwYDVQQDDAxUZXN0IENvbXBhbnkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMTcwOTEzMDA1NTM1WhcNMTgwOTEzMDA1NTM1WjBcMRUwEwYDVQQDDAxUZXN0IENvbXBhbnkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiWRKlx+88u4SKZnfCMraqMsfJCs6tcz3EjMYTWmRKhhUOE9pDkvZfv0mgF7pNHsTKvFRtoVnEVQaZC5TlHNOGa2QWit9YuruWjW8VSaU4s9gR1/Cg9/Zc8Z0yUEDpsaVnwuoARpVzvzoRzPmTNpMNEcQ07aBjHP7OJrwyvcdqQA1BbfDVMmRmw1d+/i8tyR3cTyzl/3TismN5nrmhGh/ZF75FFA/xDN7PbVYDPowiFnEVHiBrYh2mFTabRUnb7K4oLx+d1L5x3Az299F/HYZlBenXpJLtnCL3+HY6qsGXVbzKjlKNqbXsmlzVkChu093weN/qUvWO2883cEiXmdqxAgMBAAGjUDBOMB0GA1UdDgQWBBRsMy2bxsCKYyUYtTYz/zZbz7Le0zAfBgNVHSMEGDAWgBRsMy2bxsCKYyUYtTYz/zZbz7Le0zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBnFQ+Sc3s8y79DTsA7CvvAFeG/zvWQiu8yUM5LO1QcWeQQj29GMThqrY21dNfkynl7mZUMEeXKvwwzweFCc2odiUPHxoV1G4FEtzNaZ8Ap9jye78YQ8SB8NPQwC7ovecfSqNflT4NMAThSuxpGp8Ugf7a24LXozLzLbCRvG9sLGyRneZbfU8B43ELRLCkjzWR32N7D2pmKk4CEMiW0ScphU1JEHaimneMaTFc63hNzKpuj7+BGv4ZuvB1j/Mbmz53PGgFKnGQHPb2TIvMxyB+lML5vE0Bm8YWtP8DNyx11CCCdBdMWfeta6MjmmqcV5/YEq92c5O2Ql94tWFNLR6wQ</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></wsse:Security> * </SOAP-ENV:Header> * <SOAP-ENV:Body xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" SOAP-SEC:id="Body"> * <z:FooBar xmlns:z="http://example.com" /> * </SOAP-ENV:Body> * </SOAP-ENV:Envelope> * To verify this signature, we simply load and verify: * For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.XmlDSig') loVerifier = CreateObject('Chilkat.XmlDSig') lnSuccess = loVerifier.LoadSignatureSb(loSbXml) IF (lnSuccess <> 1) THEN ? loVerifier.LastErrorText RELEASE loHttp RELEASE loSbXml RELEASE loVerifier CANCEL ENDIF lnBVerified = loVerifier.VerifySignature(1) IF (lnBVerified <> 1) THEN ? loVerifier.LastErrorText RELEASE loHttp RELEASE loSbXml RELEASE loVerifier CANCEL ENDIF ? "Signature verified!" RELEASE loHttp RELEASE loSbXml RELEASE loVerifier |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.