|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(DataFlex) Sign Italian SPID Metadata XMLDemonstrates how to create an XML digital signature for Italian SPID Metadata.
Use ChilkatAx-win32.pkg Procedure Test Boolean iSuccess Variant vSbXml Handle hoSbXml Handle hoGen Variant vCert Handle hoCert Handle hoVerifier Integer iNumSigs Integer iVerifyIdx Boolean iVerified String sTemp1 // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. Move True To iSuccess // Load the XML to be signed. Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml If (Not(IsComObjectCreated(hoSbXml))) Begin Send CreateComObject of hoSbXml End Get ComLoadFile Of hoSbXml "qa_data/xml_dsig/spid_metadata.xml" "utf-8" To iSuccess If (iSuccess = False) Begin Showln "Failed to load the input file." Procedure_Return End // The XML to sign contains XML such as this: // <?xml version="1.0" encoding="utf-8"?> // <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://***.it" ID="_AE17AFFF-A600-49D5-B81D-76EEA55B50FF"> // <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true"> // <md:KeyDescriptor use="signing"> // <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:X509Data> // <ds:X509Certificate>MIIF5...</ds:X509Certificate> // </ds:X509Data> // </ds:KeyInfo> // </md:KeyDescriptor> // <md:KeyDescriptor use="encryption"> // <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> // <ds:X509Data> // <ds:X509Certificate>MIIF5...</ds:X509Certificate> // </ds:X509Data> // </ds:KeyInfo> // </md:KeyDescriptor> // <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/logout"/> // <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat> // <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/loginresp" index="0" isDefault="true"/> // <md:AttributeConsumingService index="1"> // <md:ServiceName xml:lang="it">Servizi Online</md:ServiceName> // <md:ServiceDescription xml:lang="it">Accesso ai Servizi Online</md:ServiceDescription> // <md:RequestedAttribute Name="spidCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> // <md:RequestedAttribute Name="name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> // <md:RequestedAttribute Name="familyName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> // <md:RequestedAttribute Name="fiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/> // </md:AttributeConsumingService> // </md:SPSSODescriptor> // <md:Organization> // <md:OrganizationName xml:lang="it">SomeCompany s.r.l.</md:OrganizationName> // <md:OrganizationDisplayName xml:lang="it">SomeCompany s.r.l.</md:OrganizationDisplayName> // <md:OrganizationURL xml:lang="it">https://***.it</md:OrganizationURL> // </md:Organization> // </md:EntityDescriptor> Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen If (Not(IsComObjectCreated(hoGen))) Begin Send CreateComObject of hoGen End Set ComSigLocation Of hoGen To "md:EntityDescriptor|md:SPSSODescriptor" Set ComSigLocationMod Of hoGen To 2 Set ComSignedInfoCanonAlg Of hoGen To "EXCL_C14N" Set ComSignedInfoDigestMethod Of hoGen To "sha256" // -------- Reference 1 -------- Get ComAddSameDocRef Of hoGen "_AE17AFFF-A600-49D5-B81D-76EEA55B50FF" "sha256" "EXCL_C14N" "" "" To iSuccess // Provide a certificate + private key. (PFX password is test123) Get Create (RefClass(cComChilkatCert)) To hoCert If (Not(IsComObjectCreated(hoCert))) Begin Send CreateComObject of hoCert End Get ComLoadPfxFile Of hoCert "qa_data/pfx/cert_test123.pfx" "test123" To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoCert To sTemp1 Showln sTemp1 Procedure_Return End Get pvComObject of hoCert to vCert Get ComSetX509Cert Of hoGen vCert True To iSuccess Set ComKeyInfoType Of hoGen To "X509Data+KeyValue" Set ComX509Type Of hoGen To "Certificate" Set ComBehaviors Of hoGen To "IndentedSignature,ForceAddEnvelopedSignatureTransform,OmitAlreadyDefinedSigNamespace" // Sign the XML... Get pvComObject of hoSbXml to vSbXml Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoGen To sTemp1 Showln sTemp1 Procedure_Return End // ----------------------------------------------- // Save the signed XML to a file. Get ComWriteFile Of hoSbXml "qa_output/signedXml.xml" "utf-8" False To iSuccess Get ComGetAsString Of hoSbXml To sTemp1 Showln sTemp1 // ---------------------------------------- // Verify the signatures we just produced... Get Create (RefClass(cComChilkatXmlDSig)) To hoVerifier If (Not(IsComObjectCreated(hoVerifier))) Begin Send CreateComObject of hoVerifier End Get pvComObject of hoSbXml to vSbXml Get ComLoadSignatureSb Of hoVerifier vSbXml To iSuccess If (iSuccess <> True) Begin Get ComLastErrorText Of hoVerifier To sTemp1 Showln sTemp1 Procedure_Return End Get ComNumSignatures Of hoVerifier To iNumSigs Move 0 To iVerifyIdx While (iVerifyIdx < iNumSigs) Set ComSelector Of hoVerifier To iVerifyIdx Get ComVerifySignature Of hoVerifier True To iVerified If (iVerified <> True) Begin Get ComLastErrorText Of hoVerifier To sTemp1 Showln sTemp1 Procedure_Return End Move (iVerifyIdx + 1) To iVerifyIdx Loop Showln "All signatures were successfully verified." End_Procedure |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.