|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi DLL) Create XML Signature using Java KeyStore (.jks)Demonstrates how to create an XML digital signature using a certificate and private key from a Java KeyStore (.jks)
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, XmlDSigGen, JavaKeyStore, StringBuilder, CertChain, Cert, Xml; ... procedure TForm1.Button1Click(Sender: TObject); var xml: HCkXml; jks: HCkJavaKeyStore; password: PWideChar; success: Boolean; chain: HCkCertChain; cert: HCkCert; gen: HCkXmlDSigGen; bUsePrivateKey: Boolean; sbXml: HCkStringBuilder; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // The SOAP XML to be signed in this example contains the following: // <?xml version="1.0" encoding="UTF-8" standalone="no" ?> // <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> // <SOAP-ENV:Header> // <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1"></wsse:Security> // </SOAP-ENV:Header> // <SOAP-ENV:Body xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12" SOAP-SEC:id="Body"> // <z:FooBar xmlns:z="http://example.com" /> // </SOAP-ENV:Body> // </SOAP-ENV:Envelope> // // Build the XML to sign. // Use this online tool to generate the code from sample XML: // Generate Code to Create XML xml := CkXml_Create(); CkXml_putTag(xml,'SOAP-ENV:Envelope'); CkXml_AddAttribute(xml,'xmlns:SOAP-ENV','http://schemas.xmlsoap.org/soap/envelope/'); CkXml_UpdateAttrAt(xml,'SOAP-ENV:Header|wsse:Security',True,'xmlns:wsse','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'); CkXml_UpdateAttrAt(xml,'SOAP-ENV:Header|wsse:Security',True,'SOAP-ENV:mustUnderstand','1'); CkXml_UpdateAttrAt(xml,'SOAP-ENV:Body',True,'xmlns:SOAP-SEC','http://schemas.xmlsoap.org/soap/security/2000-12'); CkXml_UpdateAttrAt(xml,'SOAP-ENV:Body',True,'SOAP-SEC:id','Body'); CkXml_UpdateAttrAt(xml,'SOAP-ENV:Body|z:FooBar',True,'xmlns:z','http://example.com'); // Load a JavaKeyStore file containing the certificate + private key. jks := CkJavaKeyStore_Create(); password := 'secret'; success := CkJavaKeyStore_LoadFile(jks,password,'qa_data/jks/test_secret.jks'); if (success <> True) then begin Memo1.Lines.Add(CkJavaKeyStore__lastErrorText(jks)); Exit; end; // Make sure we have a private key. if (CkJavaKeyStore_getNumPrivateKeys(jks) < 1) then begin Memo1.Lines.Add('No private key available.'); Exit; end; // ------------------------------------------------------------------------- // Get the certificate chain associated with the 1st (and probably only) private key in the JKS. chain := CkJavaKeyStore_GetCertChain(jks,0); if (CkJavaKeyStore_getLastMethodSuccess(jks) <> True) then begin Memo1.Lines.Add(CkJavaKeyStore__lastErrorText(jks)); Exit; end; cert := CkCertChain_GetCert(chain,0); if (CkCertChain_getLastMethodSuccess(chain) <> True) then begin Memo1.Lines.Add(CkCertChain__lastErrorText(chain)); CkCertChain_Dispose(chain); Exit; end; CkCertChain_Dispose(chain); // Verify again that this cert has a private key. if (CkCert_HasPrivateKey(cert) <> True) then begin Memo1.Lines.Add('Certificate has no associated private key.'); CkCert_Dispose(cert); Exit; end; // Prepare for signing... // Use this online tool to generate the following code from an already-signed XML sample: // Generate Code to Create an XML Signature gen := CkXmlDSigGen_Create(); // Indicate where the Signature will be inserted. CkXmlDSigGen_putSigLocation(gen,'SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security'); // Add a reference to the fragment of the XML to be signed. CkXmlDSigGen_AddSameDocRef(gen,'Body','sha1','EXCL_C14N','',''); // (You can read about the SignedInfoPrefixList in the online reference documentation. It's optional..) CkXmlDSigGen_putSignedInfoPrefixList(gen,'wsse SOAP-ENV'); // Provide the private key for signing via the certificate, and indicate that // we want the base64 of the certificate embedded in the KeyInfo. CkXmlDSigGen_putKeyInfoType(gen,'X509Data'); CkXmlDSigGen_putX509Type(gen,'Certificate'); // Note: Because our certificate was loaded from a JKS which also contained the private key, // Chilkat automatically knows and has the private key associated with the certificate. // We set bUsePrivateKey to tell the SetX509Cert method to automatically use the private key // associated with the certificate for signing. bUsePrivateKey := True; success := CkXmlDSigGen_SetX509Cert(gen,cert,bUsePrivateKey); if (success <> True) then begin Memo1.Lines.Add(CkXmlDSigGen__lastErrorText(gen)); CkCert_Dispose(cert); Exit; end; CkCert_Dispose(cert); // Everything's specified. Now create and insert the Signature sbXml := CkStringBuilder_Create(); CkXml_GetXmlSb(xml,sbXml); success := CkXmlDSigGen_CreateXmlDSigSb(gen,sbXml); if (success <> True) then begin Memo1.Lines.Add(CkXmlDSigGen__lastErrorText(gen)); Exit; end; // Examine the XML with the digital signature inserted Memo1.Lines.Add(CkStringBuilder__getAsString(sbXml)); CkXml_Dispose(xml); CkJavaKeyStore_Dispose(jks); CkXmlDSigGen_Dispose(gen); CkStringBuilder_Dispose(sbXml); end; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.