DataFlex
DataFlex
Create EBICS Signature (XMLDSIG)
See more EBICS Examples
Demonstrates how to create an EBICS signature. (EBICS is the Electronic Banking Internet Communication Standard)Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Variant vSbXml
Handle hoSbXml
Handle hoGen
Variant vCert
Handle hoCert
Handle hoVerifier
Variant vPubKey
Handle hoPubKey
String sTemp1
Move False To iSuccess
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This is the sample XML to be signed:
// <?xml version="1.0" encoding="UTF-8"?>
// <ebicsRequest
// xmlns="urn:org:ebics:H005"
// xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
// xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
// xsi:schemaLocation="urn:org:ebics:H005 ebics_request_H005.xsd"
// Version="H005" Revision="1">
// <header authenticate="true">
// <static>
// <HostID>EBIXHOST</HostID>
// <Nonce>BDA2312973890654FAC9879A89794E65</Nonce>
// <Timestamp>2005-01-30T15:30:45.123Z</Timestamp>
// <PartnerID>CUSTM001</PartnerID>
// <UserID>USR100</UserID>
// <Product Language="en" InstituteID="Institute ID">Product Identifier</Product>
// <OrderDetails>
// <AdminOrderType>BTU</AdminOrderType>
// <BTUOrderParams>
// <Service>
// <ServiceName>SCT</ServiceName>
// <MsgName>pain.001</MsgName>
// </Service>
// </BTUOrderParams>
// </OrderDetails>
// <BankPubKeyDigests>
// <Authentication Version="X002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">1H/rQr2Axe9hYTV2n/tCp+3UIQQ=</Authentication>
// <Encryption Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">2lwiueWOIER823jSoiOkjl+woeI=</Encryption>
// </BankPubKeyDigests>
// <SecurityMedium>0000</SecurityMedium>
// <NumSegments>2</NumSegments>
// </static>
// <mutable>
// <TransactionPhase>Initialisation</TransactionPhase>
// </mutable>
// </header>
// <body>
// <PreValidation authenticate="true">
// <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
// </PreValidation>
// <DataTransfer>
// <DataEncryptionInfo authenticate="true">
// <EncryptionPubKeyDigest Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">..here hash value of the public bank key for encryption..</EncryptionPubKeyDigest>
// <TransactionKey>EIGI4En6KEB6ArEzw+iq4N1wm6EptcyxXxStA...</TransactionKey>
// <HostID>EBIXHOST</HostID>
// </DataEncryptionInfo>
// <SignatureData authenticate="true">n6KEB6ArEzw+iq4N1wm6EptcyxXxStAO...</SignatureData>
// <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
// </DataTransfer>
// </body>
// </ebicsRequest>
// Load the above XML from a file.
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml
If (Not(IsComObjectCreated(hoSbXml))) Begin
Send CreateComObject of hoSbXml
End
Get ComLoadFile Of hoSbXml "qa_data/xml_dsig/ebics/fileToSign.xml" "utf-8" To iSuccess
If (iSuccess = False) Begin
Showln "Failed to load XML input file."
Procedure_Return
End
Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen
If (Not(IsComObjectCreated(hoGen))) Begin
Send CreateComObject of hoGen
End
// We're going to insert the signature between the </header> and the <body>
Set ComSigLocation Of hoGen To "ebicsRequest|header"
// Set the SigLocationMod = 1 to insert *after* the SigLocation
Set ComSigLocationMod Of hoGen To 1
// We wish to use "ds" for the namespace..
Set ComSigNamespacePrefix Of hoGen To "ds"
Set ComSigNamespaceUri Of hoGen To "http://www.w3.org/2000/09/xmldsig#"
// Specify canonicalization and hash algorithms
Set ComSignedInfoCanonAlg Of hoGen To "C14N"
Set ComSignedInfoDigestMethod Of hoGen To "sha256"
// Add the reference.
// For EBICS signatures, we pass the special keyword "EBICS" in the 1st argument.
// This tells Chilkat to create the reference using URI="#xpointer(//*[@authenticate='true'])"
Get ComAddSameDocRef Of hoGen "EBICS" "sha256" "C14N" "" "" To iSuccess
// Provide our certificate + private key. (PFX password is test123)
// (You'll use your own certificate, which can be loaded from many different sources by Chilkat, including smart cards.)
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadPfxFile Of hoCert "qa_data/pfx/cert_test123.pfx" "test123" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
Get pvComObject of hoCert to vCert
Get ComSetX509Cert Of hoGen vCert True To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoGen To sTemp1
Showln sTemp1
Procedure_Return
End
// We don't want a KeyInfo to be included.
Set ComKeyInfoType Of hoGen To "None"
// Request an indented signature for readability.
// This can be removed after debugging (for a more compact signature).
Set ComBehaviors Of hoGen To "IndentedSignature"
// Sign the XML.
Get pvComObject of hoSbXml to vSbXml
Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoGen To sTemp1
Showln sTemp1
Procedure_Return
End
// This is the XML with the EBICS signature added:
// <?xml version="1.0" encoding="UTF-8"?>
// <ebicsRequest
// xmlns="urn:org:ebics:H005"
// xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
// xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
// xsi:schemaLocation="urn:org:ebics:H005 ebics_request_H005.xsd"
// Version="H005" Revision="1">
// <header authenticate="true">
// <static>
// <HostID>EBIXHOST</HostID>
// <Nonce>BDA2312973890654FAC9879A89794E65</Nonce>
// <Timestamp>2005-01-30T15:30:45.123Z</Timestamp>
// <PartnerID>CUSTM001</PartnerID>
// <UserID>USR100</UserID>
// <Product Language="en" InstituteID="Institute ID">Product Identifier</Product>
// <OrderDetails>
// <AdminOrderType>BTU</AdminOrderType>
// <BTUOrderParams>
// <Service>
// <ServiceName>SCT</ServiceName>
// <MsgName>pain.001</MsgName>
// </Service>
// </BTUOrderParams>
// </OrderDetails>
// <BankPubKeyDigests>
// <Authentication Version="X002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">1H/rQr2Axe9hYTV2n/tCp+3UIQQ=</Authentication>
// <Encryption Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">2lwiueWOIER823jSoiOkjl+woeI=</Encryption>
// </BankPubKeyDigests>
// <SecurityMedium>0000</SecurityMedium>
// <NumSegments>2</NumSegments>
// </static>
// <mutable>
// <TransactionPhase>Initialisation</TransactionPhase>
// </mutable>
// </header><AuthSignature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
// <ds:SignedInfo>
// <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
// <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
// <ds:Reference URI="#xpointer(//*[@authenticate='true'])">
// <ds:Transforms>
// <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
// </ds:Transforms>
// <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
// <ds:DigestValue>jjLD90BedcIVxFENHse6pOnRubVUlHpKjXUF5BUd00k=</ds:DigestValue>
// </ds:Reference>
// </ds:SignedInfo>
// <ds:SignatureValue>TlVgCXGf+3kKZ4LLwqxKoMaDZSBdiDRcGpdKB+tFZ7MZse9jDqtCai7PxcvRLC7yRGRj3XWrAB6IVqXh6tXGqiAtRfa7XjezvJTmUdMEJ3hTEgKqm7cKjjZX5C+lN5XTJghOy0X1bZBl/NBJu/aqY9s8PKsD5Cpm8bFkl2ReBBTCTSF5CRK3XZr+fvWuUX2sFrFS5UDXG8/cmhaKHT15LBOJgYuLYr80dtL251Jy20rIJ5KK8xUz9gpexE61Y/ml6mUPLm8YgdACRdNvCOPRLjCqYwFbnfgaVO6MtSRG819rWyNtBhqVxdzbntiV1UobKbwFiJ1LMMHF0NCo2LGLCw==</ds:SignatureValue>
// </AuthSignature>
// <body>
// <PreValidation authenticate="true">
// <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
// </PreValidation>
// <DataTransfer>
// <DataEncryptionInfo authenticate="true">
// <EncryptionPubKeyDigest Version="E002" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">..here hash value of the public bank key for encryption..</EncryptionPubKeyDigest>
// <TransactionKey>EIGI4En6KEB6ArEzw+iq4N1wm6EptcyxXxStA...</TransactionKey>
// <HostID>EBIXHOST</HostID>
// </DataEncryptionInfo>
// <SignatureData authenticate="true">n6KEB6ArEzw+iq4N1wm6EptcyxXxStAO...</SignatureData>
// <DataDigest SignatureVersion="A006"> MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=</DataDigest>
// </DataTransfer>
// </body>
// </ebicsRequest>
Showln "Here's the EBICS signed XML:"
Get ComGetAsString Of hoSbXml To sTemp1
Showln sTemp1
Showln "----"
// Verify the signature we just produced...
Get Create (RefClass(cComChilkatXmlDSig)) To hoVerifier
If (Not(IsComObjectCreated(hoVerifier))) Begin
Send CreateComObject of hoVerifier
End
Get pvComObject of hoSbXml to vSbXml
Get ComLoadSignatureSb Of hoVerifier vSbXml To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoVerifier To sTemp1
Showln sTemp1
Procedure_Return
End
// The signature has no KeyInfo, so we must externally provide the key.
Get Create (RefClass(cComChilkatPublicKey)) To hoPubKey
If (Not(IsComObjectCreated(hoPubKey))) Begin
Send CreateComObject of hoPubKey
End
Get pvComObject of hoPubKey to vPubKey
Get ComGetPublicKey Of hoCert vPubKey To iSuccess
Get pvComObject of hoPubKey to vPubKey
Get ComSetPublicKey Of hoVerifier vPubKey To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoVerifier To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComVerifySignature Of hoVerifier True To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoVerifier To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "EBICS signature verified."
End_Procedure