Tcl
Tcl
Verify HMAC XML Digital Signature
See more XML Digital Signatures Examples
Demonstrates how to validate an XML digital signature signed with an HMAC key.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# The XML containing the Signature to be verified contains the following:
# <?xml version="1.0" encoding="UTF-8" standalone="no"?>
# <collection Id="root">
# <album>
# <title>Questions, unanswered</title>
# <artist>Steve and the flubberblubs</artist>
# <year>1989</year>
# <t:tracks xmlns:t="http://test.xades4j/tracks">
# <t:song length="4:05" tracknumber="1">
# <t:title>What do you know?</t:title>
# <t:artist>Steve and the flubberblubs</t:artist>
# <t:lastplayed>2006-10-17-08:31</t:lastplayed>
# </t:song>
# <t:song length="3:45" tracknumber="2">
# <t:title>Who do you know?</t:title>
# <t:artist>Steve and the flubberblubs</t:artist>
# <t:lastplayed>2006-10-17-08:35</t:lastplayed>
# </t:song>
# <t:song length="5:14" tracknumber="3">
# <t:title>When do you know?</t:title>
# <t:artist>Steve and the flubberblubs</t:artist>
# <t:lastplayed>2006-10-17-08:39</t:lastplayed>
# </t:song>
# <t:song length="4:19" tracknumber="4">
# <t:title>Do you know?</t:title>
# <t:artist>Steve and the flubberblubs</t:artist>
# <t:lastplayed>2006-10-17-08:44</t:lastplayed>
# </t:song>
# </t:tracks>
# </album>
# <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/><ds:Reference URI="#root"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>rD/g8soqKz8EiPUBhEWfcQacS0ta4ULHX3dKMEH6ZoQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>R8dXP95VRYJBfL6d0Peogybdk27+R+JIfX8jnVu0NOI=</ds:SignatureValue></ds:Signature></collection>
# The above XML is available at https://www.chilkatsoft.com/exampleData/hmacSigned.xml
# First fetch the XML..
set url "https://www.chilkatsoft.com/exampleData/hmacSigned.xml"
set http [new_CkHttp]
set sbXml [new_CkStringBuilder]
set success [CkHttp_QuickGetSb $http $url $sbXml]
if {$success != 1} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkStringBuilder $sbXml
exit
}
set verifier [new_CkXmlDSig]
# Load the XML containing the signature to be verified.
set success [CkXmlDSig_LoadSignatureSb $verifier $sbXml]
if {$success != 1} then {
puts [CkXmlDSig_lastErrorText $verifier]
delete_CkHttp $http
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $verifier
exit
}
# Provide the HMAC key
# The HMAC key for this signature is the us-ascii bytes of the string "secret",
# It can be set in any of the following ways (and also more ways not shown here..)
CkXmlDSig_SetHmacKey $verifier "secret" "ascii"
# or
CkXmlDSig_SetHmacKey $verifier "c2VjcmV0" "base64"
# or
CkXmlDSig_SetHmacKey $verifier "736563726574" "hex"
# Verify the signature
set bVerified [CkXmlDSig_VerifySignature $verifier 1]
puts "Signature verified = $bVerified"
delete_CkHttp $http
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $verifier