Sample code for 30+ languages & platforms
DataFlex

Create XML Signature with External Data Reference

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature where the data is external. In this case, the data is a JPG file.

This example requires Chilkat v9.5.0.69 or greater.

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Boolean iSuccess
    String sUrl
    Handle hoHttp
    Variant vSbXml
    Handle hoSbXml
    Variant vRsaKey
    Handle hoRsaKey
    Handle hoXmlSigGen
    String sJpgUrl
    Variant vJpgData
    Handle hoJpgData
    String sTemp1

    Move False To iSuccess

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // This example inserts an XML signature in the following XML:

    // <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    // <abc>
    //   <xyz>
    //     <jpg>
    //         <name>starfish.jpg</name>
    //         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
    //     </jpg>
    //   </xyz>
    // </abc>

    // The above XML is available at https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml
    // First fetch the XML:

    Move "https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml" To sUrl
    Get Create (RefClass(cComChilkatHttp)) To hoHttp
    If (Not(IsComObjectCreated(hoHttp))) Begin
        Send CreateComObject of hoHttp
    End
    Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml
    If (Not(IsComObjectCreated(hoSbXml))) Begin
        Send CreateComObject of hoSbXml
    End
    Get pvComObject of hoSbXml to vSbXml
    Get ComQuickGetSb Of hoHttp sUrl vSbXml To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoHttp To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // We'll use an RSA private key for signing.  
    Get Create (RefClass(cComChilkatPrivateKey)) To hoRsaKey
    If (Not(IsComObjectCreated(hoRsaKey))) Begin
        Send CreateComObject of hoRsaKey
    End
    Get ComLoadPemFile Of hoRsaKey "qa_data/rsa/rsaPrivKey_pkcs8.pem" To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoRsaKey To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    Get Create (RefClass(cComChilkatXmlDSigGen)) To hoXmlSigGen
    If (Not(IsComObjectCreated(hoXmlSigGen))) Begin
        Send CreateComObject of hoXmlSigGen
    End

    // Indicate were the Signature will be inserted:
    Set ComSigLocation Of hoXmlSigGen To "abc|xyz|jpg"

    // Provide the RSA key to be used for signing:
    Get pvComObject of hoRsaKey to vRsaKey
    Get ComSetPrivateKey Of hoXmlSigGen vRsaKey To iSuccess

    // Fetch the JPG image data.
    Move "https://www.chilkatsoft.com/images/starfish.jpg" To sJpgUrl
    Get Create (RefClass(cComChilkatBinData)) To hoJpgData
    If (Not(IsComObjectCreated(hoJpgData))) Begin
        Send CreateComObject of hoJpgData
    End
    Get pvComObject of hoJpgData to vJpgData
    Get ComQuickGetBd Of hoHttp sJpgUrl vJpgData To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoHttp To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Add the external data reference:
    Get pvComObject of hoJpgData to vJpgData
    Get ComAddExternalBinaryRef Of hoXmlSigGen sJpgUrl vJpgData "sha256" "" To iSuccess

    // Create the XML digital signature:
    Get pvComObject of hoSbXml to vSbXml
    Get ComCreateXmlDSigSb Of hoXmlSigGen vSbXml To iSuccess
    If (iSuccess <> True) Begin
        Get ComLastErrorText Of hoXmlSigGen To sTemp1
        Showln sTemp1
        Procedure_Return
    End

    // Examine the XML that now contains the Signature:
    Get ComGetAsString Of hoSbXml To sTemp1
    Showln sTemp1

    // <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    // <abc>
    //   <xyz>
    //     <jpg>
    //         <name>starfish.jpg</name>
    //         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
    //     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ApHRr6nilNrzt3dLveC9zlPoSllaCMfHsbAwr+vYBPkHkJ4wD5LzDDhi1tSJZAAeTckmvSqIG3Wi0rgXQiSM644MD3coBFx4QgrY+GZ+XJJE2Y0Ye3VvaQBiRdUW3INGsW4GLubncgQk5JhuAQjo6O/GKpfEuYqUJj/6CLHLQwMPwbZ2043ykgzuPFoOZf6EydJMBAn1ORMvrpUn+zuA9UngOTGap6eWE4CeiNx23BRC2wSztbUjdCLcqXvgiYu/v0tBNaTcwy7b6+IFtwv/lNUUBUQJ/3p+aErzFn3wLeH3yeqpDCU0U6Dqu5SS1jYupcWWsLHJjYnj2066DPJi/g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg>
    //   </xyz>
    // </abc>
    // 


End_Procedure