Chilkat HOME Android™ Classic ASP C C++ C# Mono C# .NET Core C# C# UWP/WinRT DataFlex Delphi ActiveX Delphi DLL Visual FoxPro Java Lianja MFC Objective-C Perl PHP ActiveX PHP Extension PowerBuilder PowerShell PureBasic CkPython Chilkat2-Python Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ Visual Basic 6.0 VB.NET VB.NET UWP/WinRT VBScript Xojo Plugin Node.js Excel Go
(MFC) Signed SOAP for www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/ using BinarySecurityTokenCreates a signed SOAP request for www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/ using a BinarySecurityToken.
#include <CkXml.h> #include <CkDateTime.h> #include <CkXmlDSigGen.h> #include <CkCert.h> #include <CkStringBuilder.h> #include <CkBinData.h> #include <CkXmlDSig.h> void ChilkatSample(void) { CkString strOut; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Create the following pre-signed SOAP XML: // Note: We'll be constructing a placeholder for the wseBinarySecurityToken in the soapenv:Header. // Chilkat will automatically replace the "BinarySecurityToken_Base64Binary_Content" with actual data when signing the XML. // However: Your application should insert the actual desired timestamp values for wsu:Created and wsuExpires // Typically this is the current system date/time and a few minutes from the current system date/time. // The example below shows a 5 minute window. We'll write code below to insert the current date/time and the current date/time + 5 minutes.. // <?xml version="1.0" encoding="utf-8"?> // <soapenv:Envelope // xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" // xmlns:scat="www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/" // xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" // xmlns:ds="http://www.w3.org/2000/09/xmldsig#" // xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#"> // <soapenv:Header xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> // <wsse:Security soapenv:mustUnderstand="1"> // <wsse:BinarySecurityToken // ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" // EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" // wsu:Id="X509Token">BinarySecurityToken_Base64Binary_Content</wsse:BinarySecurityToken> // <wsu:Timestamp wsu:Id="_1"> // <wsu:Created>2020-03-20T18:08:19Z</wsu:Created> // <wsu:Expires>2020-03-20T18:13:19Z</wsu:Expires> // </wsu:Timestamp> // </wsse:Security> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/> // </soapenv:Header> // <soapenv:Body> // <scat:getRuoliStruttureOperatore> // <scat:codFiscaleOperatore>CLDxxxxxxxxxxxxL</scat:codFiscaleOperatore> // </scat:getRuoliStruttureOperatore> // </soapenv:Body> // </soapenv:Envelope> bool success = true; // Create the XML to be signed... CkXml xmlToSign; xmlToSign.put_Tag("soapenv:Envelope"); xmlToSign.AddAttribute("xmlns:soapenv","http://schemas.xmlsoap.org/soap/envelope/"); xmlToSign.AddAttribute("xmlns:scat","www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/"); xmlToSign.AddAttribute("xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); xmlToSign.AddAttribute("xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); xmlToSign.AddAttribute("xmlns:ds","http://www.w3.org/2000/09/xmldsig#"); xmlToSign.AddAttribute("xmlns:exc14n","http://www.w3.org/2001/10/xml-exc-c14n#"); xmlToSign.UpdateAttrAt("soapenv:Header",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); xmlToSign.UpdateAttrAt("soapenv:Header|wsse:Security",true,"soapenv:mustUnderstand","1"); xmlToSign.UpdateAttrAt("soapenv:Header|wsse:Security|wsse:BinarySecurityToken",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"); xmlToSign.UpdateAttrAt("soapenv:Header|wsse:Security|wsse:BinarySecurityToken",true,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); xmlToSign.UpdateAttrAt("soapenv:Header|wsse:Security|wsse:BinarySecurityToken",true,"wsu:Id","X509Token"); xmlToSign.UpdateChildContent("soapenv:Header|wsse:Security|wsse:BinarySecurityToken","BinarySecurityToken_Base64Binary_Content"); xmlToSign.UpdateAttrAt("soapenv:Header|wsse:Security|wsu:Timestamp",true,"wsu:Id","_1"); // Insert a 5-minute timestampe window. CkDateTime dtNow; dtNow.SetFromCurrentSystemTime(); xmlToSign.UpdateChildContent("soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Created",dtNow.getAsTimestamp(false)); // Add 5 minutes to the time. dtNow.AddSeconds(300); xmlToSign.UpdateChildContent("soapenv:Header|wsse:Security|wsu:Timestamp|wsu:Expires",dtNow.getAsTimestamp(false)); xmlToSign.UpdateAttrAt("soapenv:Header|wsse:Security[1]",true,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); xmlToSign.UpdateChildContent("soapenv:Body|scat:getRuoliStruttureOperatore|scat:codFiscaleOperatore","CLDxxxxxxxxxxxxL"); strOut.append("XML to sign:"); strOut.append("\r\n"); strOut.append(xmlToSign.getXml()); strOut.append("\r\n"); CkXmlDSigGen gen; gen.put_SigLocation("soapenv:Envelope|soapenv:Header|wsse:Security"); gen.put_SigLocationMod(0); gen.put_SigNamespacePrefix("ds"); gen.put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#"); gen.put_SignedInfoCanonAlg("EXCL_C14N"); gen.put_SignedInfoDigestMethod("sha1"); // Set the KeyInfoId before adding references.. gen.put_KeyInfoId("X509KeyId"); // -------- Reference 1 -------- gen.AddSameDocRef("_1","sha1","EXCL_C14N","",""); // Provide a certificate + private key. (PFX password is test123) CkCert cert; success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123"); if (success != true) { strOut.append(cert.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } gen.SetX509Cert(cert,true); gen.put_KeyInfoType("Custom"); // Create the custom KeyInfo XML.. CkXml xmlCustomKeyInfo; xmlCustomKeyInfo.put_Tag("wsse:SecurityTokenReference"); xmlCustomKeyInfo.AddAttribute("wsu:Id","X509TokenReference"); xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"URI","#X509Token"); xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"); xmlCustomKeyInfo.put_EmitXmlDecl(false); gen.put_CustomKeyInfoXml(xmlCustomKeyInfo.getXml()); // Load XML to be signed... CkStringBuilder sbXml; xmlToSign.GetXmlSb(sbXml); // Update BinarySecurityToken_Base64Binary_Content with the actual X509 of the signing cert. CkBinData bdCert; cert.ExportCertDerBd(bdCert); CkStringBuilder sbCert64; bdCert.GetEncodedSb("base64",sbCert64); int nReplaced = sbXml.Replace("BinarySecurityToken_Base64Binary_Content",sbCert64.getAsString()); gen.put_Behaviors("IndentedSignature"); // Sign the XML... success = gen.CreateXmlDSigSb(sbXml); if (success != true) { strOut.append(gen.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // ----------------------------------------------- // Save the signed XML to a file. success = sbXml.WriteFile("qa_output/signedXml.xml","utf-8",false); strOut.append(sbXml.getAsString()); strOut.append("\r\n"); // Produces the following signed XML: // Note: The following has been edited for readability. Therefore, what you see here will not actually validate because it's been modified. // <?xml version="1.0" encoding="utf-8"?> // <soapenv:Envelope // xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" // xmlns:scat="www.sist.puglia.it/Schemas/PDD_SIST/SCATEL/" // xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" // xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" // xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#"> // <soapenv:Header xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> // <wsse:Security soapenv:mustUnderstand="1"> // <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="X509Token">MIIFNTCCBB2gAwIBAgIQHozVnBl1lTsusAh26u6WZTANBgkqhkiG9w0BAQsFADCB // lzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G // A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPTA7BgNV // BAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUg // RW1haWwgQ0EwHhcNMTcxMjE0MDAwMDAwWhcNMTgxMjE0MjM1OTU5WjAmMSQwIgYJ // KoZIhvcNAQkBFhVhc2Rhc2Rhc2Rhc2RkQGJ5b20uZGUwggEiMA0GCSqGSIb3DQEB // AQUAA4IBDwAwggEKAoIBAQC96oQe50EDoiuJVITeKJzy6GzVq74cEa14eFypjMNb // YVyedfCI6cn9pVClLqL7dlwxFGCRA62bbNE9woKLBT3SO1IvgoFDVIrbJm+84GEo // qQReZe8HpZnF06d3DWwhUjjcuO1z2yliGdSymSee8/1OaztxEAEOWaZR+4MkfSNc // AzzjGtKcKjVMSdiiO0JGAG/IXEwzlulfkF8zVdqDGkQTQesvT4WBys4BYwTDI64d // sM7rcC9vwuK6gvpkUi9i1Wzu0W4v9T3iHAbl3rLihPcjQ95c4q7+NjwpRqQW1VXR // enR/0iyLEFOek0D4JvOoscUwJ0LYd8f9SxFEWIzc4iAfAgMBAAGjggHrMIIB5zAf // BgNVHSMEGDAWgBSCr2yM+MX+lmF86B89K3FIXsSLwDAdBgNVHQ4EFgQUrC0DOyBB // AgOWgo2EfVZbppe3xfEwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwIAYD // VR0lBBkwFwYIKwYBBQUHAwQGCysGAQQBsjEBAwUCMBEGCWCGSAGG+EIBAQQEAwIF // IDBGBgNVHSAEPzA9MDsGDCsGAQQBsjEBAgEBATArMCkGCCsGAQUFBwIBFh1odHRw // czovL3NlY3VyZS5jb21vZG8ubmV0L0NQUzBaBgNVHR8EUzBRME+gTaBLhklodHRw // Oi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDbGllbnRBdXRoZW50aWNhdGlv // bmFuZFNlY3VyZUVtYWlsQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUH // MAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNsaWVudEF1dGhl // bnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6 // Ly9vY3NwLmNvbW9kb2NhLmNvbTAgBgNVHREEGTAXgRVhc2Rhc2Rhc2Rhc2RkQGJ5 // b20uZGUwDQYJKoZIhvcNAQELBQADggEBAHEQTr0WFcwHVk0xozn26P3s6i3RWEco // kNr8AdOtEvU0UYf1AfyVxUs04rS3Fs0lu2TD0840S3R687xF4HXhLYxSdD0QoZyU // S2mgxxyVxCqhwptmLn7ZQjUKEuK6Kv6wZ3/XugsBoNrMYWlYX8g2jWVDBCJ+Z0eT // QkaYkeSxzBSMQP3DxJS/bWh5LfwSyWYk4a3SVRJV4QVyBDXKt2uwjj1wWfxfGtiw // 6uAd2F3YIymZKsRVdrU6+h0gXMnmtpX8T+SDV6M72PP2/ZzF6gVVItyyrIScK1J8 // mcEaR5GGkLBk1s9qQM9esp3FRlACVeb1Qlytr4vgc5FlCqn0rMtjlF4= // </wsse:BinarySecurityToken> // <wsu:Timestamp wsu:Id="_1"> // <wsu:Created>2020-03-26T17:19:50Z</wsu:Created> // <wsu:Expires>2020-03-26T17:24:50Z</wsu:Expires> // </wsu:Timestamp> // </wsse:Security> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:SignedInfo> // <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> // <ds:Reference URI="#_1"> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> // <ds:DigestValue>cwrTw7wFZqNc50NxE//UT11qZCY=</ds:DigestValue> // </ds:Reference> // </ds:SignedInfo> // <ds:SignatureValue>s2UmYNVDz9dm3eU ... 619qSZqw==</ds:SignatureValue> // <ds:KeyInfo Id="X509KeyId"><wsse:SecurityTokenReference wsu:Id="X509TokenReference"> // <wsse:Reference URI="#X509Token" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/> // </wsse:SecurityTokenReference> // </ds:KeyInfo> // </ds:Signature></wsse:Security> // </soapenv:Header> // <soapenv:Body> // <scat:getRuoliStruttureOperatore> // <scat:codFiscaleOperatore>CLDxxxxxxxxxxxxL</scat:codFiscaleOperatore> // </scat:getRuoliStruttureOperatore> // </soapenv:Body> // </soapenv:Envelope> // ---------------------------------------- // Verify the signatures we just produced... CkXmlDSig verifier; success = verifier.LoadSignatureSb(sbXml); if (success != true) { strOut.append(verifier.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } int numSigs = verifier.get_NumSignatures(); int verifyIdx = 0; while (verifyIdx < numSigs) { verifier.put_Selector(verifyIdx); bool verified = verifier.VerifySignature(true); if (verified != true) { strOut.append(verifier.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } verifyIdx = verifyIdx + 1; } strOut.append("All signatures were successfully verified."); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.