Chilkat HOME Android™ Classic ASP C C++ C# Mono C# .NET Core C# C# UWP/WinRT DataFlex Delphi ActiveX Delphi DLL Visual FoxPro Java Lianja MFC Objective-C Perl PHP ActiveX PHP Extension PowerBuilder PowerShell PureBasic CkPython Chilkat2-Python Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ Visual Basic 6.0 VB.NET VB.NET UWP/WinRT VBScript Xojo Plugin Node.js Excel Go
(MFC) Verify HMAC XML Digital SignatureDemonstrates how to validate an XML digital signature signed with an HMAC key.
#include <CkHttp.h> #include <CkStringBuilder.h> #include <CkXmlDSig.h> void ChilkatSample(void) { CkString strOut; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // The XML containing the Signature to be verified contains the following: // <?xml version="1.0" encoding="UTF-8" standalone="no"?> // <collection Id="root"> // <album> // <title>Questions, unanswered</title> // <artist>Steve and the flubberblubs</artist> // <year>1989</year> // <t:tracks xmlns:t="http://test.xades4j/tracks"> // <t:song length="4:05" tracknumber="1"> // <t:title>What do you know?</t:title> // <t:artist>Steve and the flubberblubs</t:artist> // <t:lastplayed>2006-10-17-08:31</t:lastplayed> // </t:song> // <t:song length="3:45" tracknumber="2"> // <t:title>Who do you know?</t:title> // <t:artist>Steve and the flubberblubs</t:artist> // <t:lastplayed>2006-10-17-08:35</t:lastplayed> // </t:song> // <t:song length="5:14" tracknumber="3"> // <t:title>When do you know?</t:title> // <t:artist>Steve and the flubberblubs</t:artist> // <t:lastplayed>2006-10-17-08:39</t:lastplayed> // </t:song> // <t:song length="4:19" tracknumber="4"> // <t:title>Do you know?</t:title> // <t:artist>Steve and the flubberblubs</t:artist> // <t:lastplayed>2006-10-17-08:44</t:lastplayed> // </t:song> // </t:tracks> // </album> // <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/><ds:Reference URI="#root"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>rD/g8soqKz8EiPUBhEWfcQacS0ta4ULHX3dKMEH6ZoQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>R8dXP95VRYJBfL6d0Peogybdk27+R+JIfX8jnVu0NOI=</ds:SignatureValue></ds:Signature></collection> // The above XML is available at https://www.chilkatsoft.com/exampleData/hmacSigned.xml // First fetch the XML.. const char *url = "https://www.chilkatsoft.com/exampleData/hmacSigned.xml"; CkHttp http; CkStringBuilder sbXml; bool success = http.QuickGetSb(url,sbXml); if (success != true) { strOut.append(http.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } CkXmlDSig verifier; // Load the XML containing the signature to be verified. success = verifier.LoadSignatureSb(sbXml); if (success != true) { strOut.append(verifier.lastErrorText()); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); return; } // Provide the HMAC key // The HMAC key for this signature is the us-ascii bytes of the string "secret", // It can be set in any of the following ways (and also more ways not shown here..) verifier.SetHmacKey("secret","ascii"); // or verifier.SetHmacKey("c2VjcmV0","base64"); // or verifier.SetHmacKey("736563726574","hex"); // Verify the signature bool bVerified = verifier.VerifySignature(true); strOut.append("Signature verified = "); strOut.appendInt(bVerified); strOut.append("\r\n"); SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.