SQL Server
SQL Server
Sign with BinarySecurityToken
See more XML Digital Signatures Examples
Demonstrates creating an XML signature using a BinarySecurityToken.Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
-- -------------------------------------------------------------------------
-- Load a cert + private key from a PFX.
DECLARE @cert int
EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
EXEC sp_OAMethod @cert, 'LoadPfxFile', @success OUT, 'qa_data/pfx/cert_test123.pfx', 'test123'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @cert
RETURN
END
-- -------------------------------------------------------------------------
-- Create the XML that is to be signed.
--
-- The XML we're creating can be found at Sample Pre-Signed XML with BinarySecurityToken
-- The online tool at http://tools.chilkat.io/xmlCreate.cshtml can be used to generate the following XML creation code.
--
DECLARE @xml int
EXEC @hr = sp_OACreate 'Chilkat.Xml', @xml OUT
EXEC sp_OASetProperty @xml, 'Tag', 'S:Envelope'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:S', 'http://www.w3.org/2003/05/soap-envelope'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:wsse11', 'http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:wsse', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:wsu', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:xs', 'http://www.w3.org/2001/XMLSchema'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:ds', 'http://www.w3.org/2000/09/xmldsig#'
EXEC sp_OAMethod @xml, 'AddAttribute', @success OUT, 'xmlns:exc14n', 'http://www.w3.org/2001/10/xml-exc-c14n#'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|To', 1, 'xmlns', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|To', 1, 'wsu:Id', '_5002'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|To', 'https://XXXXXXXXX'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|Action', 1, 'xmlns', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|Action', 1, 'xmlns:S', 'http://www.w3.org/2003/05/soap-envelope'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|Action', 1, 'S:mustUnderstand', 'true'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|Action', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|ReplyTo', 1, 'xmlns', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|ReplyTo|Address', 'http://www.w3.org/2005/08/addressing/anonymous'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|FaultTo', 1, 'xmlns', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|FaultTo|Address', 'http://www.w3.org/2005/08/addressing/anonymous'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|MessageID', 1, 'xmlns', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|MessageID', 'uuid:e9033251-4ff0-4618-8baf-4952ab5fd207'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security', 1, 'S:mustUnderstand', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsu:Timestamp', 1, 'xmlns:ns17', 'http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsu:Timestamp', 1, 'xmlns:ns16', 'http://schemas.xmlsoap.org/soap/envelope/'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsu:Timestamp', 1, 'wsu:Id', '_1'
-- Get the current date/time in timestamp format, such as "2018-05-23T02:38:27Z"
DECLARE @dt int
EXEC @hr = sp_OACreate 'Chilkat.CkDateTime', @dt OUT
EXEC sp_OAMethod @dt, 'SetFromCurrentSystemTime', @success OUT
EXEC sp_OAMethod @dt, 'GetAsTimestamp', @sTmp0 OUT, 0
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|wsse:Security|wsu:Timestamp|wsu:Created', @sTmp0
-- Add 5 minutes.
EXEC sp_OAMethod @dt, 'AddSeconds', @success OUT, 300
EXEC sp_OAMethod @dt, 'GetAsTimestamp', @sTmp0 OUT, 0
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|wsse:Security|wsu:Timestamp|wsu:Expires', @sTmp0
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsse:BinarySecurityToken', 1, 'xmlns:ns17', 'http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsse:BinarySecurityToken', 1, 'xmlns:ns16', 'http://schemas.xmlsoap.org/soap/envelope/'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsse:BinarySecurityToken', 1, 'ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsse:BinarySecurityToken', 1, 'EncodingType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Header|wsse:Security|wsse:BinarySecurityToken', 1, 'wsu:Id', 'uuid_43470044-78b4-4b23-926a-b7f590d24cb8'
DECLARE @bdCert int
EXEC @hr = sp_OACreate 'Chilkat.BinData', @bdCert OUT
EXEC sp_OAMethod @cert, 'ExportCertDerBd', @success OUT, @bdCert
-- Get the cert as base64 on one line.
EXEC sp_OAMethod @bdCert, 'GetEncoded', @sTmp0 OUT, 'base64'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Header|wsse:Security|wsse:BinarySecurityToken', @sTmp0
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken', 1, 'xmlns', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|RequestType', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|wsp:AppliesTo', 1, 'xmlns:wsp', 'http://schemas.xmlsoap.org/ws/2004/09/policy'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|wsp:AppliesTo|EndpointReference:EndpointReference', 1, 'xmlns:EndpointReference', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|wsp:AppliesTo|EndpointReference:EndpointReference', 1, 'xmlns', 'http://www.w3.org/2005/08/addressing'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|wsp:AppliesTo|EndpointReference:EndpointReference|Address', 'https://XXXXXXXXX/services'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|TokenType', 'http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims', 1, 'xmlns:i', 'http://schemas.xmlsoap.org/ws/2005/05/identity'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims', 1, 'Dialect', 'http://schemas.xmlsoap.org/ws/2005/05/identity'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType', 1, 'Optional', 'false'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/abn'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[1]', 1, 'Optional', 'false'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[1]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/commonname'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[2]', 1, 'Optional', 'false'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[2]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/credentialtype'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[3]', 1, 'Optional', 'false'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[3]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/samlsubjectid'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[4]', 1, 'Optional', 'false'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[4]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/fingerprint'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[5]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[5]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/sbr_personid'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[6]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[6]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/givennames'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[7]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[7]', 1, 'Uri', 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[8]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[8]', 1, 'Uri', 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[9]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[9]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/credentialadministrator'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[10]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[10]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/stalecrlminutes'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[11]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[11]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/subjectdn'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[12]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[12]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/issuerdn'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[13]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[13]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/notafterdate'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[14]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[14]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/certificateserialnumber'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[15]', 1, 'Optional', 'true'
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Claims|i:ClaimType[15]', 1, 'Uri', 'http://XXXXXXXXX/2008/06/identity/claims/previoussubject'
EXEC sp_OAMethod @dt, 'SetFromCurrentSystemTime', @success OUT
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Lifetime|wsu:Created', 1, 'xmlns:wsu', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
EXEC sp_OAMethod @dt, 'GetAsTimestamp', @sTmp0 OUT, 0
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|Lifetime|wsu:Created', @sTmp0
-- Add 40 minutes.
EXEC sp_OAMethod @dt, 'AddSeconds', @success OUT, 2400
EXEC sp_OAMethod @xml, 'UpdateAttrAt', @success OUT, 'S:Body|RequestSecurityToken|Lifetime|wsu:Expires', 1, 'xmlns:wsu', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
EXEC sp_OAMethod @dt, 'GetAsTimestamp', @sTmp0 OUT, 0
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|Lifetime|wsu:Expires', @sTmp0
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|KeyType', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey'
EXEC sp_OAMethod @xml, 'UpdateChildContent', NULL, 'S:Body|RequestSecurityToken|KeySize', '512'
-- Examine the pre-signed XML
-- println xml.GetXml();
-- Build the custom KeyInfo XML we'll use:
--
-- <wsse:SecurityTokenReference>
-- <wsse:Reference URI="#uuid_43470044-78b4-4b23-926a-b7f590d24cb8" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /></wsse:SecurityTokenReference>
DECLARE @keyInfoXml int
EXEC @hr = sp_OACreate 'Chilkat.Xml', @keyInfoXml OUT
EXEC sp_OASetProperty @keyInfoXml, 'Tag', 'wsse:SecurityTokenReference'
EXEC sp_OAMethod @keyInfoXml, 'UpdateAttrAt', @success OUT, 'wsse:Reference', 1, 'URI', '#uuid_43470044-78b4-4b23-926a-b7f590d24cb8'
EXEC sp_OAMethod @keyInfoXml, 'UpdateAttrAt', @success OUT, 'wsse:Reference', 1, 'ValueType', 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'
-- -------------------------------------------------------------------------
-- Setup the XML Digital Signature Generator and add the XML Signature.
--
DECLARE @gen int
EXEC @hr = sp_OACreate 'Chilkat.XmlDSigGen', @gen OUT
EXEC sp_OASetProperty @gen, 'SigLocation', 'S:Envelope|S:Header|wsse:Security'
EXEC sp_OASetProperty @gen, 'SignedInfoPrefixList', 'wsse S'
EXEC sp_OAMethod @gen, 'AddSameDocRef', @success OUT, '_1', 'sha1', 'EXCL_C14N', 'wsu wsse S', ''
EXEC sp_OAMethod @gen, 'AddSameDocRef', @success OUT, '_5002', 'sha1', 'EXCL_C14N', 'S', ''
EXEC sp_OASetProperty @gen, 'KeyInfoType', 'Custom'
EXEC sp_OASetProperty @keyInfoXml, 'EmitXmlDecl', 0
EXEC sp_OAMethod @keyInfoXml, 'GetXml', @sTmp0 OUT
EXEC sp_OASetProperty @gen, 'CustomKeyInfoXml', @sTmp0
-- Specify the cert for signing (which has a private key because it was loaded from a PFX)
EXEC sp_OAMethod @gen, 'SetX509Cert', @success OUT, @cert, 1
-- Indicated we want an indented signature for easier human reading.
EXEC sp_OASetProperty @gen, 'Behaviors', 'IndentedSignature'
-- Sign the XML..
DECLARE @sbXml int
EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbXml OUT
EXEC sp_OAMethod @xml, 'GetXmlSb', @success OUT, @sbXml
EXEC sp_OAMethod @gen, 'CreateXmlDSigSb', @success OUT, @sbXml
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @gen, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @cert
EXEC @hr = sp_OADestroy @xml
EXEC @hr = sp_OADestroy @dt
EXEC @hr = sp_OADestroy @bdCert
EXEC @hr = sp_OADestroy @keyInfoXml
EXEC @hr = sp_OADestroy @gen
EXEC @hr = sp_OADestroy @sbXml
RETURN
END
-- Examine the signed XML
EXEC sp_OAMethod @sbXml, 'GetAsString', @sTmp0 OUT
PRINT @sTmp0
-- The resulting signature (extracted from the surrounding XML) looks something like this:
-- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-- <ds:SignedInfo>
-- <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-- <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse S" />
-- </ds:CanonicalizationMethod>
-- <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
-- <ds:Reference URI="#_1">
-- <ds:Transforms>
-- <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-- <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsu wsse S" />
-- </ds:Transform>
-- </ds:Transforms>
-- <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
-- <ds:DigestValue>VAJMC/L/BDvml7Qv5CBMePbKDE8=</ds:DigestValue>
-- </ds:Reference>
-- <ds:Reference URI="#_5002">
-- <ds:Transforms>
-- <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
-- <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="S" />
-- </ds:Transform>
-- </ds:Transforms>
-- <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
-- <ds:DigestValue>sW/QFsk6kGv1dzeu0H9Qc/2kvAQ=</ds:DigestValue>
-- </ds:Reference>
-- </ds:SignedInfo>
-- <ds:SignatureValue>....</ds:SignatureValue>
-- <ds:KeyInfo>
-- <wsse:SecurityTokenReference>
-- <wsse:Reference URI="#uuid_43470044-78b4-4b23-926a-b7f590d24cb8" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
-- </wsse:SecurityTokenReference>
-- </ds:KeyInfo>
-- </ds:Signature>
--
EXEC @hr = sp_OADestroy @cert
EXEC @hr = sp_OADestroy @xml
EXEC @hr = sp_OADestroy @dt
EXEC @hr = sp_OADestroy @bdCert
EXEC @hr = sp_OADestroy @keyInfoXml
EXEC @hr = sp_OADestroy @gen
EXEC @hr = sp_OADestroy @sbXml
END
GO