SQL Server
SQL Server
Verify HMAC XML Digital Signature
See more XML Digital Signatures Examples
Demonstrates how to validate an XML digital signature signed with an HMAC key.Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
-- The XML containing the Signature to be verified contains the following:
-- <?xml version="1.0" encoding="UTF-8" standalone="no"?>
-- <collection Id="root">
-- <album>
-- <title>Questions, unanswered</title>
-- <artist>Steve and the flubberblubs</artist>
-- <year>1989</year>
-- <t:tracks xmlns:t="http://test.xades4j/tracks">
-- <t:song length="4:05" tracknumber="1">
-- <t:title>What do you know?</t:title>
-- <t:artist>Steve and the flubberblubs</t:artist>
-- <t:lastplayed>2006-10-17-08:31</t:lastplayed>
-- </t:song>
-- <t:song length="3:45" tracknumber="2">
-- <t:title>Who do you know?</t:title>
-- <t:artist>Steve and the flubberblubs</t:artist>
-- <t:lastplayed>2006-10-17-08:35</t:lastplayed>
-- </t:song>
-- <t:song length="5:14" tracknumber="3">
-- <t:title>When do you know?</t:title>
-- <t:artist>Steve and the flubberblubs</t:artist>
-- <t:lastplayed>2006-10-17-08:39</t:lastplayed>
-- </t:song>
-- <t:song length="4:19" tracknumber="4">
-- <t:title>Do you know?</t:title>
-- <t:artist>Steve and the flubberblubs</t:artist>
-- <t:lastplayed>2006-10-17-08:44</t:lastplayed>
-- </t:song>
-- </t:tracks>
-- </album>
-- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/><ds:Reference URI="#root"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>rD/g8soqKz8EiPUBhEWfcQacS0ta4ULHX3dKMEH6ZoQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>R8dXP95VRYJBfL6d0Peogybdk27+R+JIfX8jnVu0NOI=</ds:SignatureValue></ds:Signature></collection>
-- The above XML is available at https://www.chilkatsoft.com/exampleData/hmacSigned.xml
-- First fetch the XML..
DECLARE @url nvarchar(4000)
SELECT @url = 'https://www.chilkatsoft.com/exampleData/hmacSigned.xml'
DECLARE @http int
EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
DECLARE @sbXml int
EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbXml OUT
EXEC sp_OAMethod @http, 'QuickGetSb', @success OUT, @url, @sbXml
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @sbXml
RETURN
END
DECLARE @verifier int
EXEC @hr = sp_OACreate 'Chilkat.XmlDSig', @verifier OUT
-- Load the XML containing the signature to be verified.
EXEC sp_OAMethod @verifier, 'LoadSignatureSb', @success OUT, @sbXml
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @sbXml
EXEC @hr = sp_OADestroy @verifier
RETURN
END
-- Provide the HMAC key
-- The HMAC key for this signature is the us-ascii bytes of the string "secret",
-- It can be set in any of the following ways (and also more ways not shown here..)
EXEC sp_OAMethod @verifier, 'SetHmacKey', @success OUT, 'secret', 'ascii'
-- or
EXEC sp_OAMethod @verifier, 'SetHmacKey', @success OUT, 'c2VjcmV0', 'base64'
-- or
EXEC sp_OAMethod @verifier, 'SetHmacKey', @success OUT, '736563726574', 'hex'
-- Verify the signature
DECLARE @bVerified int
EXEC sp_OAMethod @verifier, 'VerifySignature', @bVerified OUT, 1
PRINT 'Signature verified = ' + @bVerified
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @sbXml
EXEC @hr = sp_OADestroy @verifier
END
GO