Sample code for 30+ languages & platforms
Visual FoxPro

Create Signed SOAP XML for DIAN Colombia WCF Service

See more XAdES Examples

Demonstrates how to create a signed SOAP XML document for DIAN Colombia.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loXmlToSign
LOCAL loGen
LOCAL loCert
LOCAL loXmlCustomKeyInfo
LOCAL loSbXml
LOCAL loBdCert
LOCAL lnNReplaced
LOCAL loVerifier
LOCAL lnNumSigs
LOCAL lnVerifyIdx
LOCAL lnVerified

lnSuccess = 0

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* This example will produce a signed SOAP XML message that looks like this:

* <?xml version="1.0" encoding="utf-8"?>
* <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:wcf="http://wcf.dian.colombia">
*     <soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
*         <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
*             <wsu:Timestamp wsu:Id="TS-F25839120CBA3ECDAD68754D0443A667636FDA68">
*                 <wsu:Created>2019-08-23T23:03:01Z</wsu:Created>
*                 <wsu:Expires>2019-08-24T15:43:01Z</wsu:Expires>
*             </wsu:Timestamp>
*             <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" 
* 			ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" 
* 			wsu:Id="ABCXYZ-9F0F7E15A59816E680B4735080A789DC1EED6C9C">MIIG8jCCBd ... zLjGQUB6lcz</wsse:BinarySecurityToken>
*             <ds:Signature Id="SIG-F25839120CBA3ECDAD68754D0443A667636FDA68" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
*                 <ds:SignedInfo>
*                     <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
*                         <ec:InclusiveNamespaces PrefixList="wsa soap wcf" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
*                     </ds:CanonicalizationMethod>
*                     <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
*                     <ds:Reference URI="#ID-F25839120CBA3ECDAD68754D0443A667636FDA68">
*                         <ds:Transforms>
*                             <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
*                                 <ec:InclusiveNamespaces PrefixList="soap wcf" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
*                             </ds:Transform>
*                         </ds:Transforms>
*                         <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
*                         <ds:DigestValue>gSIKtjS/BKA2bgecXkM8lYVBDqlXcU3juNYT9a+bSnM=</ds:DigestValue>
*                     </ds:Reference>
*                 </ds:SignedInfo>
*                 <ds:SignatureValue>sL7rOdyfkEnKgJja0eWrv ... YqG0T0pflBsGW9zXkjQ9NvAw==</ds:SignatureValue>
*                 <ds:KeyInfo Id="KI-F25839120CBA3ECDAD68754D0443A667636FDA68">
*                     <wsse:SecurityTokenReference wsu:Id="STR-F25839120CBA3ECDAD68754D0443A667636FDA68">
*                         <wsse:Reference URI="#ABCXYZ-9F0F7E15A59816E680B4735080A789DC1EED6C9C" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
*                     </wsse:SecurityTokenReference>
*                 </ds:KeyInfo>
*             </ds:Signature>
*         </wsse:Security>
*         <wsa:Action>http://wcf.dian.colombia/IWcfDianCustomerServices/GetStatus</wsa:Action>
*         <wsa:To wsu:Id="ID-F25839120CBA3ECDAD68754D0443A667636FDA68" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">https://vpfe-hab.dian.gov.co/WcfDianCustomerServices.svc</wsa:To>
*     </soap:Header>
*     <soap:Body>
*         <wcf:GetStatus>
*             <wcf:trackId>123456666</wcf:trackId>
*         </wcf:GetStatus>
*     </soap:Body>
* </soap:Envelope>

* Use this online tool to generate code from sample Signed XML: 
* Generate Code to Create Signed XML

lnSuccess = 1
* Create the XML to be signed...
loXmlToSign = CreateObject('Chilkat.Xml')
loXmlToSign.Tag = "soap:Envelope"
loXmlToSign.AddAttribute("xmlns:soap","http://www.w3.org/2003/05/soap-envelope")
loXmlToSign.AddAttribute("xmlns:wcf","http://wcf.dian.colombia")
loXmlToSign.UpdateAttrAt("soap:Header",1,"xmlns:wsa","http://www.w3.org/2005/08/addressing")
loXmlToSign.UpdateAttrAt("soap:Header|wsse:Security",1,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")
loXmlToSign.UpdateAttrAt("soap:Header|wsse:Security",1,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
loXmlToSign.UpdateAttrAt("soap:Header|wsse:Security|wsu:Timestamp",1,"wsu:Id","TS-F25839120CBA3ECDAD68754D0443A667636FDA68")
loXmlToSign.UpdateChildContent("soap:Header|wsse:Security|wsu:Timestamp|wsu:Created","2019-08-23T23:03:01Z")
loXmlToSign.UpdateChildContent("soap:Header|wsse:Security|wsu:Timestamp|wsu:Expires","2019-08-24T15:43:01Z")
loXmlToSign.UpdateAttrAt("soap:Header|wsse:Security|wsse:BinarySecurityToken",1,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary")
loXmlToSign.UpdateAttrAt("soap:Header|wsse:Security|wsse:BinarySecurityToken",1,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3")
loXmlToSign.UpdateAttrAt("soap:Header|wsse:Security|wsse:BinarySecurityToken",1,"wsu:Id","ABCXYZ-9F0F7E15A59816E680B4735080A789DC1EED6C9C")
loXmlToSign.UpdateChildContent("soap:Header|wsse:Security|wsse:BinarySecurityToken","BinarySecurityToken_Base64Binary_Content")
loXmlToSign.UpdateChildContent("soap:Header|wsa:Action","http://wcf.dian.colombia/IWcfDianCustomerServices/GetStatus")
loXmlToSign.UpdateAttrAt("soap:Header|wsa:To",1,"wsu:Id","ID-F25839120CBA3ECDAD68754D0443A667636FDA68")
loXmlToSign.UpdateAttrAt("soap:Header|wsa:To",1,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")
loXmlToSign.UpdateChildContent("soap:Header|wsa:To","https://vpfe-hab.dian.gov.co/WcfDianCustomerServices.svc")
loXmlToSign.UpdateChildContent("soap:Body|wcf:GetStatus|wcf:trackId","123456666")

loGen = CreateObject('Chilkat.XmlDSigGen')

loGen.SigLocation = "soap:Envelope|soap:Header|wsse:Security"
loGen.SigLocationMod = 0
loGen.SigId = "SIG-F25839120CBA3ECDAD68754D0443A667636FDA68"
loGen.SigNamespacePrefix = "ds"
loGen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
loGen.SignedInfoCanonAlg = "EXCL_C14N"
loGen.SignedInfoDigestMethod = "sha256"

* Set the KeyInfoId before adding references..
loGen.KeyInfoId = "KI-F25839120CBA3ECDAD68754D0443A667636FDA68"

* -------- Reference 1 --------
loGen.AddSameDocRef("ID-F25839120CBA3ECDAD68754D0443A667636FDA68","sha256","EXCL_C14N","soap wcf","")

* Provide a certificate + private key. (PFX password is test123)
loCert = CreateObject('Chilkat.Cert')
lnSuccess = loCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
IF (lnSuccess <> 1) THEN
    ? loCert.LastErrorText
    RELEASE loXmlToSign
    RELEASE loGen
    RELEASE loCert
    CANCEL
ENDIF

loGen.SetX509Cert(loCert,1)

loGen.KeyInfoType = "Custom"

* Create the custom KeyInfo XML..
loXmlCustomKeyInfo = CreateObject('Chilkat.Xml')
loXmlCustomKeyInfo.Tag = "wsse:SecurityTokenReference"
loXmlCustomKeyInfo.AddAttribute("wsu:Id","STR-F25839120CBA3ECDAD68754D0443A667636FDA68")
loXmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",1,"URI","#ABCXYZ-9F0F7E15A59816E680B4735080A789DC1EED6C9C")
loXmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",1,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3")

loXmlCustomKeyInfo.EmitXmlDecl = 0
loGen.CustomKeyInfoXml = loXmlCustomKeyInfo.GetXml()

* Load XML to be signed...
loSbXml = CreateObject('Chilkat.StringBuilder')
loXmlToSign.GetXmlSb(loSbXml)

* Update BinarySecurityToken_Base64Binary_Content with the actual X509 of the signing cert.
loBdCert = CreateObject('Chilkat.BinData')
loCert.ExportCertDerBd(loBdCert)

lnNReplaced = loSbXml.Replace("BinarySecurityToken_Base64Binary_Content",loBdCert.GetEncoded("base64"))

loGen.Behaviors = "IndentedSignature"

* Sign the XML...
lnSuccess = loGen.CreateXmlDSigSb(loSbXml)
IF (lnSuccess <> 1) THEN
    ? loGen.LastErrorText
    RELEASE loXmlToSign
    RELEASE loGen
    RELEASE loCert
    RELEASE loXmlCustomKeyInfo
    RELEASE loSbXml
    RELEASE loBdCert
    CANCEL
ENDIF

* -----------------------------------------------

* Save the signed XML to a file.
lnSuccess = loSbXml.WriteFile("qa_output/signedXml.xml","utf-8",0)

? loSbXml.GetAsString()

* ----------------------------------------
* Verify the signatures we just produced...
loVerifier = CreateObject('Chilkat.XmlDSig')
lnSuccess = loVerifier.LoadSignatureSb(loSbXml)
IF (lnSuccess <> 1) THEN
    ? loVerifier.LastErrorText
    RELEASE loXmlToSign
    RELEASE loGen
    RELEASE loCert
    RELEASE loXmlCustomKeyInfo
    RELEASE loSbXml
    RELEASE loBdCert
    RELEASE loVerifier
    CANCEL
ENDIF

lnNumSigs = loVerifier.NumSignatures
lnVerifyIdx = 0
DO WHILE lnVerifyIdx < lnNumSigs
    loVerifier.Selector = lnVerifyIdx
    lnVerified = loVerifier.VerifySignature(1)
    IF (lnVerified <> 1) THEN
        ? loVerifier.LastErrorText
        RELEASE loXmlToSign
        RELEASE loGen
        RELEASE loCert
        RELEASE loXmlCustomKeyInfo
        RELEASE loSbXml
        RELEASE loBdCert
        RELEASE loVerifier
        CANCEL
    ENDIF

    lnVerifyIdx = lnVerifyIdx + 1
ENDDO
? "All signatures were successfully verified."

* --------------------------------------------------------------------------------
* Also see Chilkat's Online WSDL Code Generator
* to generate code and SOAP Request and Response XML for each operation in a WSDL.
* --------------------------------------------------------------------------------

RELEASE loXmlToSign
RELEASE loGen
RELEASE loCert
RELEASE loXmlCustomKeyInfo
RELEASE loSbXml
RELEASE loBdCert
RELEASE loVerifier