|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(C) Create XML Signature using Java KeyStore (.jks)Demonstrates how to create an XML digital signature using a certificate and private key from a Java KeyStore (.jks)
#include <C_CkXml.h> #include <C_CkJavaKeyStore.h> #include <C_CkCertChain.h> #include <C_CkCert.h> #include <C_CkXmlDSigGen.h> #include <C_CkStringBuilder.h> void ChilkatSample(void) { HCkXml xml; HCkJavaKeyStore jks; const char *password; BOOL success; HCkCertChain chain; HCkCert cert; HCkXmlDSigGen gen; BOOL bUsePrivateKey; HCkStringBuilder sbXml; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // The SOAP XML to be signed in this example contains the following: // <?xml version="1.0" encoding="UTF-8" standalone="no" ?> // <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> // <SOAP-ENV:Header> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"></wsse:Security> // </SOAP-ENV:Header> // <SOAP-ENV:Body xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" SOAP-SEC:id="Body"> // <z:FooBar xmlns:z="http://example.com" /> // </SOAP-ENV:Body> // </SOAP-ENV:Envelope> // // Build the XML to sign. // Use this online tool to generate the code from sample XML: // Generate Code to Create XML xml = CkXml_Create(); CkXml_putTag(xml,"SOAP-ENV:Envelope"); CkXml_AddAttribute(xml,"xmlns:SOAP-ENV","http://schemas.xmlsoap.org/soap/envelope/"); CkXml_UpdateAttrAt(xml,"SOAP-ENV:Header|wsse:Security",TRUE,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); CkXml_UpdateAttrAt(xml,"SOAP-ENV:Header|wsse:Security",TRUE,"SOAP-ENV:mustUnderstand","1"); CkXml_UpdateAttrAt(xml,"SOAP-ENV:Body",TRUE,"xmlns:SOAP-SEC","http://schemas.xmlsoap.org/soap/security/2000-12"); CkXml_UpdateAttrAt(xml,"SOAP-ENV:Body",TRUE,"SOAP-SEC:id","Body"); CkXml_UpdateAttrAt(xml,"SOAP-ENV:Body|z:FooBar",TRUE,"xmlns:z","http://example.com"); // Load a JavaKeyStore file containing the certificate + private key. jks = CkJavaKeyStore_Create(); password = "secret"; success = CkJavaKeyStore_LoadFile(jks,password,"qa_data/jks/test_secret.jks"); if (success != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); return; } // Make sure we have a private key. if (CkJavaKeyStore_getNumPrivateKeys(jks) < 1) { printf("No private key available.\n"); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); return; } // ------------------------------------------------------------------------- // Get the certificate chain associated with the 1st (and probably only) private key in the JKS. chain = CkJavaKeyStore_GetCertChain(jks,0); if (CkJavaKeyStore_getLastMethodSuccess(jks) != TRUE) { printf("%s\n",CkJavaKeyStore_lastErrorText(jks)); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); return; } cert = CkCertChain_GetCert(chain,0); if (CkCertChain_getLastMethodSuccess(chain) != TRUE) { printf("%s\n",CkCertChain_lastErrorText(chain)); CkCertChain_Dispose(chain); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); return; } CkCertChain_Dispose(chain); // Verify again that this cert has a private key. if (CkCert_HasPrivateKey(cert) != TRUE) { printf("Certificate has no associated private key.\n"); CkCert_Dispose(cert); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); return; } // Prepare for signing... // Use this online tool to generate the following code from an already-signed XML sample: // Generate Code to Create an XML Signature gen = CkXmlDSigGen_Create(); // Indicate where the Signature will be inserted. CkXmlDSigGen_putSigLocation(gen,"SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security"); // Add a reference to the fragment of the XML to be signed. CkXmlDSigGen_AddSameDocRef(gen,"Body","sha1","EXCL_C14N","",""); // (You can read about the SignedInfoPrefixList in the online reference documentation. It's optional..) CkXmlDSigGen_putSignedInfoPrefixList(gen,"wsse SOAP-ENV"); // Provide the private key for signing via the certificate, and indicate that // we want the base64 of the certificate embedded in the KeyInfo. CkXmlDSigGen_putKeyInfoType(gen,"X509Data"); CkXmlDSigGen_putX509Type(gen,"Certificate"); // Note: Because our certificate was loaded from a JKS which also contained the private key, // Chilkat automatically knows and has the private key associated with the certificate. // We set bUsePrivateKey to tell the SetX509Cert method to automatically use the private key // associated with the certificate for signing. bUsePrivateKey = TRUE; success = CkXmlDSigGen_SetX509Cert(gen,cert,bUsePrivateKey); if (success != TRUE) { printf("%s\n",CkXmlDSigGen_lastErrorText(gen)); CkCert_Dispose(cert); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); CkXmlDSigGen_Dispose(gen); return; } CkCert_Dispose(cert); // Everything's specified. Now create and insert the Signature sbXml = CkStringBuilder_Create(); CkXml_GetXmlSb(xml,sbXml); success = CkXmlDSigGen_CreateXmlDSigSb(gen,sbXml); if (success != TRUE) { printf("%s\n",CkXmlDSigGen_lastErrorText(gen)); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); CkXmlDSigGen_Dispose(gen); CkStringBuilder_Dispose(sbXml); return; } // Examine the XML with the digital signature inserted printf("%s\n",CkStringBuilder_getAsString(sbXml)); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); CkXmlDSigGen_Dispose(gen); CkStringBuilder_Dispose(sbXml); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.