|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) Verify XML Signature with External URL ReferencesDemonstrates how to verify an XML digital signature that includes references to URLs where the data to be digested is on a web server.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int DECLARE @iTmp0 int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- This example requires the Chilkat API to have been previously unlocked. -- See Global Unlock Sample for sample code. -- The signed XML we wish to verify contains external references such as this: -- <ds:Reference Id="xmldsig-e7ae7ce2-9133-4d56-bd97-0a6aef738cc2-ref0" URI="https://www.chilkatsoft.com/images/starfish.jpg"> -- <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> -- <ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue> -- </ds:Reference> -- <ds:Reference Id="xmldsig-e7ae7ce2-9133-4d56-bd97-0a6aef738cc2-ref1" URI="https://www.chilkatsoft.com/hamlet.xml"> -- <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> -- <ds:DigestValue>4sRRyWOzC7EOic4fQ9+Op1pa10DbgoBGjBvkq09LZmE=</ds:DigestValue> -- </ds:Reference> DECLARE @verifier int -- Use "Chilkat_9_5_0.XmlDSig" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.XmlDSig', @verifier OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END DECLARE @http int -- Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT -- First load the signed XML DECLARE @sbSignedXml int -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbSignedXml OUT DECLARE @success int EXEC sp_OAMethod @sbSignedXml, 'LoadFile', @success OUT, 'qa_data/xml_dsig_verify/signedWithExternalUrlRefs.xml', 'utf-8' IF @success = 0 BEGIN PRINT 'Failed to load signed XML.' EXEC @hr = sp_OADestroy @verifier EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @sbSignedXml RETURN END EXEC sp_OAMethod @verifier, 'LoadSignatureSb', @success OUT, @sbSignedXml IF @success = 0 BEGIN EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @verifier EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @sbSignedXml RETURN END -- Iterate over each reference. If it is an external URL reference, download the data and provide it to the verifier. DECLARE @sbRefUri int -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbRefUri OUT DECLARE @bd int -- Use "Chilkat_9_5_0.BinData" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.BinData', @bd OUT DECLARE @numRefs int EXEC sp_OAGetProperty @verifier, 'NumReferences', @numRefs OUT DECLARE @i int SELECT @i = 0 WHILE @i < @numRefs BEGIN EXEC sp_OAMethod @verifier, 'IsReferenceExternal', @iTmp0 OUT, @i IF @iTmp0 = 1 BEGIN EXEC sp_OAMethod @sbRefUri, 'Clear', NULL EXEC sp_OAMethod @verifier, 'ReferenceUri', @sTmp0 OUT, @i EXEC sp_OAMethod @sbRefUri, 'Append', @success OUT, @sTmp0 EXEC sp_OAMethod @sbRefUri, 'StartsWith', @iTmp0 OUT, 'https://', 0 IF @iTmp0 = 1 BEGIN EXEC sp_OAMethod @sbRefUri, 'GetAsString', @sTmp0 OUT PRINT 'External URL Reference: ' + @sTmp0 -- Download the data at the URL and provide to the verifier. EXEC sp_OAMethod @sbRefUri, 'GetAsString', @sTmp0 OUT EXEC sp_OAMethod @http, 'DownloadBd', @success OUT, @sTmp0, @bd IF @success = 0 BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @verifier EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @sbSignedXml EXEC @hr = sp_OADestroy @sbRefUri EXEC @hr = sp_OADestroy @bd RETURN END EXEC sp_OAMethod @verifier, 'SetRefDataBd', @success OUT, @i, @bd IF @success = 0 BEGIN EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @verifier EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @sbSignedXml EXEC @hr = sp_OADestroy @sbRefUri EXEC @hr = sp_OADestroy @bd RETURN END END END SELECT @i = @i + 1 END -- Now that we have the external data, verify the signature.. DECLARE @bVerified int EXEC sp_OAMethod @verifier, 'VerifySignature', @bVerified OUT, 1 IF @bVerified = 0 BEGIN EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 END PRINT 'Signature verified = ' + @bVerified EXEC @hr = sp_OADestroy @verifier EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @sbSignedXml EXEC @hr = sp_OADestroy @sbRefUri EXEC @hr = sp_OADestroy @bd END GO |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.