(Lianja) IPS MX Signature - Digitally Sign MX Document

See more XML Digital Signatures Examples

Demonstrates how to digitally sign ISO 20022 SWIFT MX messages.

Note: This example requires Chilkat v9.5.0.89 or later. Additional internal functionality was added to auto-recognize SWIFT MX messages and do what is appropriate to satisfy the SWIFT MX specifications.

Chilkat Lianja Extension Download Chilkat Lianja Extension

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

llSuccess = .T.

// First create the XML to be signed, or load it from a file, or a string,

// To load XML from a file:
loXmlToSign = createobject("CkXml")
llSuccess = loXmlToSign.LoadXmlFile("c:/someDir/mx_document.xml")

// Or to load XML from a string
llSuccess = loXmlToSign.LoadXml("...")

// Or create the XML directly.
loXmlToSign.Clear()

// Use this online tool to generate code from sample XML: 
// Generate Code to Create XML

loXmlToSign.Tag = "DataPDU"
loXmlToSign.AddAttribute("xmlns","urn:cma:stp:xsd:stp.1.0")
loXmlToSign.UpdateAttrAt("Body|AppHdr",.T.,"xmlns","urn:iso:std:iso:20022:tech:xsd:head.001.001.01")
loXmlToSign.UpdateChildContent("Body|AppHdr|Fr|FIId|FinInstnId|BICFI","ZZZZZZZZ")
loXmlToSign.UpdateChildContent("Body|AppHdr|To|FIId|FinInstnId|BICFI","YYYYYYYYYY")
loXmlToSign.UpdateChildContent("Body|AppHdr|BizMsgIdr","ZZZZZZZZAXXX999999999999999999999")
loXmlToSign.UpdateChildContent("Body|AppHdr|MsgDefIdr","pacs.008.001.08")
loXmlToSign.UpdateChildContent("Body|AppHdr|BizSvc","IPS")
loXmlToSign.UpdateChildContent("Body|AppHdr|CreDt","2017-09-13T18:18:00Z")
loXmlToSign.UpdateAttrAt("Body|Document",.T.,"xmlns","urn:iso:std:iso:20022:tech:xsd:pacs.008.001.08")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|MsgId","ZZZZZZZZAXXX999999999999999999999")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|CreDtTm","2017-09-13T18:18:00")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|NbOfTxs","1")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|GrpHdr|SttlmInf|SttlmMtd","CLRG")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtId|EndToEndId","NOTPROVIDED")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtId|TxId","ZZZZZZZZAXXX999999999999999999999")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|ClrChanl","RTNS")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|LclInstrm|Prtry","CSCT")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|CtgyPurp|Prtry","001")
loXmlToSign.UpdateAttrAt("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmAmt",.T.,"Ccy","JOD")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmAmt","71.12")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmDt","2018-01-14")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|ChrgBr","SLEV")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstgAgt|FinInstnId|BICFI","ZZZZZZZZ")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstdAgt|FinInstnId|BICFI","UBSIJOA0")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Dbtr|Nm","John Johnson")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAcct|Id|IBAN","JO22CITI00000000000555555555")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|BICFI","ZZZZZZZZ")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|Othr|Id","200004")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|Othr|SchmeNm|Prtry","1700099999")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgtAcct|Id|IBAN","JO66CITI22222222222222222222")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|BICFI","UBSIJOA0")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|Othr|Id","210027")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|Othr|SchmeNm|Prtry","1400199999")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgtAcct|Id|IBAN","JO44UBSI33333333333333333333")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Cdtr|Nm","Omega Jones")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAcct|Id|IBAN","JO95UBSI00000000000777777777")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstrForNxtAgt|InstrInf","/BNF/Details")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Purp|Prtry","5814")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf","SOMEINFORMATIONABOUTPAYMENT-1")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf[1]","SOMEINFORMATIONABOUTPAYMENT-2")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf[2]","SOMEINFORMATIONABOUTPAYMENT-3")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Tax|Cdtr|TaxId","9900083901")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Tax|Dbtr|TaxId","1000387561")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RmtInf|Ustrd","EDV UCUN ODENIR")
loXmlToSign.UpdateChildContent("Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RmtInf|Ustrd[1]","EXTRA INFO")

// The following XML is to be signed:

// <?xml version="1.0" encoding="UTF-8"?>
// <DataPDU xmlns="urn:cma:stp:xsd:stp.1.0">
// 	<Body>
// 		<AppHdr xmlns="urn:iso:std:iso:20022:tech:xsd:head.001.001.01">
// 			<Fr>
// 				<FIId>
// 					<FinInstnId>
// 						<BICFI>ZZZZZZZZ</BICFI>
// 					</FinInstnId>
// 				</FIId>
// 			</Fr>
// 			<To>
// 				<FIId>
// 					<FinInstnId>
// 						<BICFI>YYYYYYYYYY</BICFI>
// 					</FinInstnId>
// 				</FIId>
// 			</To>
// 			<BizMsgIdr>ZZZZZZZZAXXX999999999999999999999</BizMsgIdr>
// 			<MsgDefIdr>pacs.008.001.08</MsgDefIdr>
// 			<BizSvc>IPS</BizSvc>
// 			<CreDt>2017-09-13T18:18:00Z</CreDt>
// 		</AppHdr>
// 		<Document xmlns="urn:iso:std:iso:20022:tech:xsd:pacs.008.001.08">
// 			<FIToFICstmrCdtTrf>
// 				<GrpHdr>
// 					<MsgId>ZZZZZZZZAXXX999999999999999999999</MsgId>
// 					<CreDtTm>2017-09-13T18:18:00</CreDtTm>
// 					<NbOfTxs>1</NbOfTxs>
// 					<SttlmInf>
// 						<SttlmMtd>CLRG</SttlmMtd>
// 					</SttlmInf>
// 				</GrpHdr>
// 				<CdtTrfTxInf>
// 					<PmtId>
// 						<EndToEndId>NOTPROVIDED</EndToEndId>
// 						<TxId>ZZZZZZZZAXXX999999999999999999999</TxId>
// 					</PmtId>
// 					<PmtTpInf>
// 						<ClrChanl>RTNS</ClrChanl>
// 						<LclInstrm>
// 							<Prtry>CSCT</Prtry>
// 						</LclInstrm>
// 						<CtgyPurp>
// 							<Prtry>001</Prtry>
// 						</CtgyPurp>
// 					</PmtTpInf>
// 					<IntrBkSttlmAmt Ccy="JOD">71.12</IntrBkSttlmAmt>
// 					<IntrBkSttlmDt>2018-01-14</IntrBkSttlmDt>
// 					<ChrgBr>SLEV</ChrgBr>
// 					<InstgAgt>
// 						<FinInstnId>
// 							<BICFI>ZZZZZZZZ</BICFI>
// 						</FinInstnId>
// 					</InstgAgt>
// 					<InstdAgt>
// 						<FinInstnId>
// 							<BICFI>UBSIJOA0</BICFI>
// 						</FinInstnId>
// 					</InstdAgt>
// 					<Dbtr>
// 						<Nm>John Johnson</Nm>
// 					</Dbtr>
// 					<DbtrAcct>
// 						<Id>
// 							<IBAN>JO22CITI00000000000555555555</IBAN>
// 						</Id>
// 					</DbtrAcct>
// 					<DbtrAgt>
// 						<FinInstnId>
// 							<BICFI>ZZZZZZZZ</BICFI>
// 							<Othr>
// 								<Id>200004</Id>
// 								<SchmeNm>
// 									<Prtry>1700089999</Prtry>
// 								</SchmeNm>
// 							</Othr>
// 						</FinInstnId>
// 					</DbtrAgt>
// 					<DbtrAgtAcct>
// 						<Id>
// 							<IBAN>JO66CITI22222222222222222222</IBAN>
// 						</Id>
// 					</DbtrAgtAcct>
// 					<CdtrAgt>
// 						<FinInstnId>
// 							<BICFI>UBSIJOA0</BICFI>
// 							<Othr>
// 								<Id>210027</Id>
// 								<SchmeNm>
// 									<Prtry>1400199999</Prtry>
// 								</SchmeNm>
// 							</Othr>
// 						</FinInstnId>
// 					</CdtrAgt>
// 					<CdtrAgtAcct>
// 						<Id>
// 							<IBAN>JO44UBSI33333333333333333333</IBAN>
// 						</Id>
// 					</CdtrAgtAcct>
// 					<Cdtr>
// 						<Nm>Omega Jones</Nm>
// 					</Cdtr>
// 					<CdtrAcct>
// 						<Id>
// 							<IBAN>JO95UBSI00000000000777777777</IBAN>
// 						</Id>
// 					</CdtrAcct>
// 					<InstrForNxtAgt>
// 						<InstrInf>/BNF/Details</InstrInf>
// 					</InstrForNxtAgt>
// 					<Purp>
// 						<Prtry>5814</Prtry>
// 					</Purp>
// 					<RgltryRptg>
// 						<Dtls>
// 							<Inf>SOMEINFORMATIONABOUTPAYMENT-1</Inf>
// 							<Inf>SOMEINFORMATIONABOUTPAYMENT-2</Inf>
// 							<Inf>SOMEINFORMATIONABOUTPAYMENT-3</Inf>
// 						</Dtls>
// 					</RgltryRptg>
// 					<Tax>
// 						<Cdtr>
// 							<TaxId>9900083901</TaxId>
// 						</Cdtr>
// 						<Dbtr>
// 							<TaxId>1000387561</TaxId>
// 						</Dbtr>
// 					</Tax>
// 					<RmtInf>
// 						<Ustrd>EDV UCUN ODENIR</Ustrd>
// 						<Ustrd>EXTRA INFO</Ustrd>
// 					</RmtInf>
// 				</CdtTrfTxInf>
// 			</FIToFICstmrCdtTrf>
// 		</Document>
// 	</Body>
// </DataPDU>

loGen = createobject("CkXmlDSigGen")

loGen.SigLocation = "DataPDU|Body|AppHdr|Sgntr"
loGen.SigLocationMod = 0
loGen.SigNamespacePrefix = "ds"
loGen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
loGen.SignedInfoCanonAlg = "EXCL_C14N"
loGen.SignedInfoDigestMethod = "sha256"

// Set the KeyInfoId before adding references..
loGen.KeyInfoId = "_f9f2c543-e50a-4a50-bd91-50155d27f7e2"

// Create an Object to be added to the Signature.
loObject1 = createobject("CkXml")
loObject1.Tag = "xades:QualifyingProperties"
loObject1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#")
loObject1.UpdateAttrAt("xades:SignedProperties",.T.,"Id","_4ed8e0ed-f47c-4262-909b-0458532ce7aa-signedprops")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT")

loGen.AddObject("",loObject1.GetXml(),"","")

// -------- Reference 1 --------
loGen.AddSameDocRef("_f9f2c543-e50a-4a50-bd91-50155d27f7e2","sha256","EXCL_C14N","","")

// -------- Reference 2 --------
loGen.AddObjectRef("_4ed8e0ed-f47c-4262-909b-0458532ce7aa-signedprops","sha256","EXCL_C14N","","http://uri.etsi.org/01903/v1.3.2#SignedProperties")

// -------- Reference 3 --------
loGen.AddSameDocRef("","sha256","EXCL_C14N","","")

// Provide a certificate + private key. (PFX password is test123)
loCert = createobject("CkCert")
llSuccess = loCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if (llSuccess <> .T.) then
    ? loCert.LastErrorText
    release loXmlToSign
    release loGen
    release loObject1
    release loCert
    return
endif

loGen.SetX509Cert(loCert,.T.)

loGen.KeyInfoType = "X509Data"
loGen.X509Type = "IssuerSerial"

// Load XML to be signed...
loSbXml = createobject("CkStringBuilder")
loXmlToSign.GetXmlSb(loSbXml)

// Can alternatively use "CompactSignedXml"
loGen.Behaviors = "IndentedSignature,LocalSigningTime"

// Sign the XML...
llSuccess = loGen.CreateXmlDSigSb(loSbXml)
if (llSuccess <> .T.) then
    ? loGen.LastErrorText
    release loXmlToSign
    release loGen
    release loObject1
    release loCert
    release loSbXml
    return
endif

// -----------------------------------------------

// Save the signed XML to a file.
llSuccess = loSbXml.WriteFile("qa_output/mx_signed.xml","utf-8",.F.)

? loSbXml.GetAsString()

// ----------------------------------------
// Verify the signatures we just produced...
loVerifier = createobject("CkXmlDSig")
llSuccess = loVerifier.LoadSignatureSb(loSbXml)
if (llSuccess <> .T.) then
    ? loVerifier.LastErrorText
    release loXmlToSign
    release loGen
    release loObject1
    release loCert
    release loSbXml
    release loVerifier
    return
endif

// Important: The above signature did not include the full X.509 certificate.
// You must call verifier.SetPublicKey to provide the public key of the certificate required for validation.

loVerifyCert = createobject("CkCert")
llSuccess = loVerifyCert.LoadFromFile("qa_data/certs/cert_test123.cer")
if (llSuccess <> .T.) then
    ? loVerifyCert.LastErrorText
    release loXmlToSign
    release loGen
    release loObject1
    release loCert
    release loSbXml
    release loVerifier
    release loVerifyCert
    return
endif

loPubKey = loVerifyCert.ExportPublicKey()
loVerifier.SetPublicKey(loPubKey)
release loPubKey

lnNumSigs = loVerifier.NumSignatures
lnVerifyIdx = 0
do while lnVerifyIdx < lnNumSigs
    loVerifier.Selector = lnVerifyIdx
    llVerified = loVerifier.VerifySignature(.T.)
    if (llVerified <> .T.) then
        ? loVerifier.LastErrorText
        release loXmlToSign
        release loGen
        release loObject1
        release loCert
        release loSbXml
        release loVerifier
        release loVerifyCert
        return
    endif

    lnVerifyIdx = lnVerifyIdx + 1
enddo
? "All signatures were successfully verified."


release loXmlToSign
release loGen
release loObject1
release loCert
release loSbXml
release loVerifier
release loVerifyCert