(C) Alliance Access LAU Sign Message (XML Signature using HMAC-SHA-256)

Demonstrates how to sign XML according to the requirements for Alliance Access LAU (Local Authentication) using HMAC-SHA-256.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkXml.h>
#include <C_CkXmlDSigGen.h>
#include <C_CkStringBuilder.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkXml xmlToSign;
    HCkXmlDSigGen gen;
    HCkStringBuilder sbXml;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // We begin with this message:

    // <?xml version="1.0" encoding="utf-8"?>
    // <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
    //   xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
    //     <Saa:Revision>2.0.7</Saa:Revision>
    //     <Saa:Header>
    //         <Saa:Message>
    // 			<test>blah blah</test>
    //         </Saa:Message>
    //     </Saa:Header>
    //     <Saa:Body>...</Saa:Body>
    //     <Saa:LAU>
    //     </Saa:LAU>
    // </Saa:DataPDU>

    // And we want so sign to create this as the result:
    // The signed XML we'll create will not be indented and pretty-printed like this.
    // Instead, we'll use the "CompactSignedXml" behavior to produce compact single-line XML.

    // <?xml version="1.0" encoding="utf-8"?>
    // <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
    //   xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
    //     <Saa:Revision>2.0.7</Saa:Revision>
    //     <Saa:Header>
    //         <Saa:Message>
    // 			<test>blah blah</test>
    //         </Saa:Message>
    //     </Saa:Header>
    //     <Saa:Body>...</Saa:Body>
    //     <Saa:LAU>
    //         <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    //             <ds:SignedInfo>
    //                 <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //                 <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
    //                 <ds:Reference URI="">
    //                     <ds:Transforms>
    //                         <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    //                         <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //                     </ds:Transforms>
    //                     <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    //                     <ds:DigestValue>Y7oScHnYOUQvni/TSzZbDec+HR+mWIFH149GXpwj1Ws=</ds:DigestValue>
    //                 </ds:Reference>
    //             </ds:SignedInfo>
    //             <ds:SignatureValue>6ynF/FcwbPsHrtlj3h2agJigdnvpbO6hOzKSRGzqkw0=</ds:SignatureValue>
    //         </ds:Signature>
    //     </Saa:LAU>
    // </Saa:DataPDU>

    success = TRUE;

    // Create the XML to be signed...

    // (The XML does not need to be created this way.  It can be loaded from a file or a string.)
    // Also, use this online tool to generate code from sample XML: 
    // Generate Code to Create XML

    xmlToSign = CkXml_Create();
    CkXml_putTag(xmlToSign,"Saa:DataPDU");
    CkXml_AddAttribute(xmlToSign,"xmlns:Saa","urn:swift:saa:xsd:saa.2.0");
    CkXml_AddAttribute(xmlToSign,"xmlns:Sw","urn:swift:snl:ns.Sw");
    CkXml_AddAttribute(xmlToSign,"xmlns:SwGbl","urn:swift:snl:ns.SwGbl");
    CkXml_AddAttribute(xmlToSign,"xmlns:SwInt","urn:swift:snl:ns:SwInt");
    CkXml_AddAttribute(xmlToSign,"xmlns:SwSec","url:swift:snl:ns.SwSec");
    CkXml_UpdateChildContent(xmlToSign,"Saa:Revision","2.0.7");
    CkXml_UpdateChildContent(xmlToSign,"Saa:Header|Saa:Message|test","blah blah");
    CkXml_UpdateChildContent(xmlToSign,"Saa:Body","...");
    CkXml_UpdateChildContent(xmlToSign,"Saa:LAU","");

    gen = CkXmlDSigGen_Create();

    CkXmlDSigGen_putSigLocation(gen,"Saa:DataPDU|Saa:LAU");
    CkXmlDSigGen_putSigLocationMod(gen,0);
    CkXmlDSigGen_putSigNamespacePrefix(gen,"ds");
    CkXmlDSigGen_putSigNamespaceUri(gen,"http://www.w3.org/2000/09/xmldsig#");
    CkXmlDSigGen_putSignedInfoCanonAlg(gen,"EXCL_C14N");
    CkXmlDSigGen_putSignedInfoDigestMethod(gen,"sha256");

    // You may alternatively choose "IndentedSignature" instead of "CompactSignedXml"
    CkXmlDSigGen_putBehaviors(gen,"CompactSignedXml");

    CkXmlDSigGen_AddSameDocRef(gen,"","sha256","EXCL_C14N","","");

    // Specify the HMAC key.
    // For example, if the HMAC key is to be the us-ascii bytes of the string "secret",
    // the HMAC key can be set in any of the following ways (and also more ways not shown here..)
    CkXmlDSigGen_SetHmacKey(gen,"secret","ascii");
    // or
    CkXmlDSigGen_SetHmacKey(gen,"c2VjcmV0","base64");
    // or
    CkXmlDSigGen_SetHmacKey(gen,"736563726574","hex");

    // Sign the XML..
    sbXml = CkStringBuilder_Create();
    CkXml_GetXmlSb(xmlToSign,sbXml);
    success = CkXmlDSigGen_CreateXmlDSigSb(gen,sbXml);
    if (success != TRUE) {
        printf("%s\n",CkXmlDSigGen_lastErrorText(gen));
        CkXml_Dispose(xmlToSign);
        CkXmlDSigGen_Dispose(gen);
        CkStringBuilder_Dispose(sbXml);
        return;
    }

    // Save the signed XML to a file.
    success = CkStringBuilder_WriteFile(sbXml,"qa_output/signedXml.xml","utf-8",FALSE);

    // Show the signed XML.
    printf("%s\n",CkStringBuilder_getAsString(sbXml));


    CkXml_Dispose(xmlToSign);
    CkXmlDSigGen_Dispose(gen);
    CkStringBuilder_Dispose(sbXml);

    }