Sample code for 30+ languages & platforms
DataFlex

Alliance Access LAU Sign Message (XML Signature using HMAC-SHA-256)

See more XML Digital Signatures Examples

Demonstrates how to sign XML according to the requirements for Alliance Access LAU (Local Authentication) using HMAC-SHA-256.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    Handle hoXmlToSign
    Handle hoGen
    Variant vSbXml
    Handle hoSbXml
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // We begin with this message:

    // <?xml version="1.0" encoding="utf-8"?>
    // <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
    //   xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
    //     <Saa:Revision>2.0.7</Saa:Revision>
    //     <Saa:Header>
    //         <Saa:Message>
    // 			<test>blah blah</test>
    //         </Saa:Message>
    //     </Saa:Header>
    //     <Saa:Body>...</Saa:Body>
    //     <Saa:LAU>
    //     </Saa:LAU>
    // </Saa:DataPDU>

    // And we want so sign to create this as the result:
    // The signed XML we'll create will not be indented and pretty-printed like this.
    // Instead, we'll use the "CompactSignedXml" behavior to produce compact single-line XML.

    // <?xml version="1.0" encoding="utf-8"?>
    // <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
    //   xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
    //     <Saa:Revision>2.0.7</Saa:Revision>
    //     <Saa:Header>
    //         <Saa:Message>
    // 			<test>blah blah</test>
    //         </Saa:Message>
    //     </Saa:Header>
    //     <Saa:Body>...</Saa:Body>
    //     <Saa:LAU>
    //         <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    //             <ds:SignedInfo>
    //                 <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //                 <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
    //                 <ds:Reference URI="">
    //                     <ds:Transforms>
    //                         <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    //                         <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    //                     </ds:Transforms>
    //                     <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    //                     <ds:DigestValue>Y7oScHnYOUQvni/TSzZbDec+HR+mWIFH149GXpwj1Ws=</ds:DigestValue>
    //                 </ds:Reference>
    //             </ds:SignedInfo>
    //             <ds:SignatureValue>6ynF/FcwbPsHrtlj3h2agJigdnvpbO6hOzKSRGzqkw0=</ds:SignatureValue>
    //         </ds:Signature>
    //     </Saa:LAU>
    // </Saa:DataPDU>

    Move True To iSuccess

    // Create the XML to be signed...

    // (The XML does not need to be created this way.  It can be loaded from a file or a string.)
    // Also, use this online tool to generate code from sample XML: 
    // Generate Code to Create XML

    Get Create (RefClass(cComChilkatXml)) To hoXmlToSign
    If (Not(IsComObjectCreated(hoXmlToSign))) Begin
        Send CreateComObject of hoXmlToSign
    End
    Set ComTag Of hoXmlToSign To "Saa:DataPDU"
    Get ComAddAttribute Of hoXmlToSign "xmlns:Saa" "urn:swift:saa:xsd:saa.2.0" To iSuccess
    Get ComAddAttribute Of hoXmlToSign "xmlns:Sw" "urn:swift:snl:ns.Sw" To iSuccess
    Get ComAddAttribute Of hoXmlToSign "xmlns:SwGbl" "urn:swift:snl:ns.SwGbl" To iSuccess
    Get ComAddAttribute Of hoXmlToSign "xmlns:SwInt" "urn:swift:snl:ns:SwInt" To iSuccess
    Get ComAddAttribute Of hoXmlToSign "xmlns:SwSec" "url:swift:snl:ns.SwSec" To iSuccess
    Send ComUpdateChildContent To hoXmlToSign "Saa:Revision" "2.0.7"
    Send ComUpdateChildContent To hoXmlToSign "Saa:Header|Saa:Message|test" "blah blah"
    Send ComUpdateChildContent To hoXmlToSign "Saa:Body" "..."
    Send ComUpdateChildContent To hoXmlToSign "Saa:LAU" ""

    Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen
    If (Not(IsComObjectCreated(hoGen))) Begin
        Send CreateComObject of hoGen
    End

    Set ComSigLocation Of hoGen To "Saa:DataPDU|Saa:LAU"
    Set ComSigLocationMod Of hoGen To 0
    Set ComSigNamespacePrefix Of hoGen To "ds"
    Set ComSigNamespaceUri Of hoGen To "http://www.w3.org/2000/09/xmldsig#"
    Set ComSignedInfoCanonAlg Of hoGen To "EXCL_C14N"
    Set ComSignedInfoDigestMethod Of hoGen To "sha256"

    // You may alternatively choose "IndentedSignature" instead of "CompactSignedXml"
    Set ComBehaviors Of hoGen To "CompactSignedXml"

    Get ComAddSameDocRef Of hoGen "" "sha256" "EXCL_C14N" "" "" To iSuccess

    // Specify the HMAC key.
    // For example, if the HMAC key is to be the us-ascii bytes of the string "secret",
    // the HMAC key can be set in any of the following ways (and also more ways not shown here..)
    Get ComSetHmacKey Of hoGen "secret" "ascii" To iSuccess
    // or
    Get ComSetHmacKey Of hoGen "c2VjcmV0" "base64" To iSuccess
    // or
    Get ComSetHmacKey Of hoGen "736563726574" "hex" To iSuccess

    // Sign the XML..
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml
    If (Not(IsComObjectCreated(hoSbXml))) Begin
        Send CreateComObject of hoSbXml
    End
    Get pvComObject of hoSbXml to vSbXml
    Get ComGetXmlSb Of hoXmlToSign vSbXml To iSuccess
    Get pvComObject of hoSbXml to vSbXml
    Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoGen To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Save the signed XML to a file.
    Get ComWriteFile Of hoSbXml "qa_output/signedXml.xml" "utf-8" False To iSuccess

    // Show the signed XML.
    Get ComGetAsString Of hoSbXml To sTemp1
    Showln sTemp1


End_Procedure