Sample code for 30+ languages & platforms
SQL Server

Create XML Signature with External Data Reference

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature where the data is external. In this case, the data is a JPG file.

This example requires Chilkat v9.5.0.69 or greater.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- This example inserts an XML signature in the following XML:

    -- <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    -- <abc>
    --   <xyz>
    --     <jpg>
    --         <name>starfish.jpg</name>
    --         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
    --     </jpg>
    --   </xyz>
    -- </abc>

    -- The above XML is available at https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml
    -- First fetch the XML:

    DECLARE @url nvarchar(4000)
    SELECT @url = 'https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml'
    DECLARE @http int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @sbXml int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbXml OUT

    EXEC sp_OAMethod @http, 'QuickGetSb', @success OUT, @url, @sbXml
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @sbXml
        RETURN
      END

    -- We'll use an RSA private key for signing.  
    DECLARE @rsaKey int
    EXEC @hr = sp_OACreate 'Chilkat.PrivateKey', @rsaKey OUT

    EXEC sp_OAMethod @rsaKey, 'LoadPemFile', @success OUT, 'qa_data/rsa/rsaPrivKey_pkcs8.pem'
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @rsaKey, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @rsaKey
        RETURN
      END

    DECLARE @xmlSigGen int
    EXEC @hr = sp_OACreate 'Chilkat.XmlDSigGen', @xmlSigGen OUT

    -- Indicate were the Signature will be inserted:
    EXEC sp_OASetProperty @xmlSigGen, 'SigLocation', 'abc|xyz|jpg'

    -- Provide the RSA key to be used for signing:
    EXEC sp_OAMethod @xmlSigGen, 'SetPrivateKey', @success OUT, @rsaKey

    -- Fetch the JPG image data.
    DECLARE @jpgUrl nvarchar(4000)
    SELECT @jpgUrl = 'https://www.chilkatsoft.com/images/starfish.jpg'
    DECLARE @jpgData int
    EXEC @hr = sp_OACreate 'Chilkat.BinData', @jpgData OUT

    EXEC sp_OAMethod @http, 'QuickGetBd', @success OUT, @jpgUrl, @jpgData
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @rsaKey
        EXEC @hr = sp_OADestroy @xmlSigGen
        EXEC @hr = sp_OADestroy @jpgData
        RETURN
      END

    -- Add the external data reference:
    EXEC sp_OAMethod @xmlSigGen, 'AddExternalBinaryRef', @success OUT, @jpgUrl, @jpgData, 'sha256', ''

    -- Create the XML digital signature:
    EXEC sp_OAMethod @xmlSigGen, 'CreateXmlDSigSb', @success OUT, @sbXml
    IF @success <> 1
      BEGIN
        EXEC sp_OAGetProperty @xmlSigGen, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @sbXml
        EXEC @hr = sp_OADestroy @rsaKey
        EXEC @hr = sp_OADestroy @xmlSigGen
        EXEC @hr = sp_OADestroy @jpgData
        RETURN
      END

    -- Examine the XML that now contains the Signature:
    EXEC sp_OAMethod @sbXml, 'GetAsString', @sTmp0 OUT
    PRINT @sTmp0

    -- <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    -- <abc>
    --   <xyz>
    --     <jpg>
    --         <name>starfish.jpg</name>
    --         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
    --     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ApHRr6nilNrzt3dLveC9zlPoSllaCMfHsbAwr+vYBPkHkJ4wD5LzDDhi1tSJZAAeTckmvSqIG3Wi0rgXQiSM644MD3coBFx4QgrY+GZ+XJJE2Y0Ye3VvaQBiRdUW3INGsW4GLubncgQk5JhuAQjo6O/GKpfEuYqUJj/6CLHLQwMPwbZ2043ykgzuPFoOZf6EydJMBAn1ORMvrpUn+zuA9UngOTGap6eWE4CeiNx23BRC2wSztbUjdCLcqXvgiYu/v0tBNaTcwy7b6+IFtwv/lNUUBUQJ/3p+aErzFn3wLeH3yeqpDCU0U6Dqu5SS1jYupcWWsLHJjYnj2066DPJi/g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg>
    --   </xyz>
    -- </abc>
    -- 

    EXEC @hr = sp_OADestroy @http
    EXEC @hr = sp_OADestroy @sbXml
    EXEC @hr = sp_OADestroy @rsaKey
    EXEC @hr = sp_OADestroy @xmlSigGen
    EXEC @hr = sp_OADestroy @jpgData


END
GO