Sample code for 30+ languages & platforms
Objective-C

IPS MX Signature - Digitally Sign MX Document

See more XML Digital Signatures Examples

Demonstrates how to digitally sign ISO 20022 SWIFT MX messages.

Chilkat Objective-C Downloads

Objective-C
#import <CkoXml.h>
#import <CkoXmlDSigGen.h>
#import <CkoCert.h>
#import <CkoStringBuilder.h>
#import <CkoXmlDSig.h>
#import <CkoPublicKey.h>

BOOL success = NO;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

success = YES;

// First create the XML to be signed, or load it from a file, or a string,

// To load XML from a file:
CkoXml *xmlToSign = [[CkoXml alloc] init];
success = [xmlToSign LoadXmlFile: @"c:/someDir/mx_document.xml"];

// Or to load XML from a string
success = [xmlToSign LoadXml: @"..."];

// Or create the XML directly.
[xmlToSign Clear];

// Use this online tool to generate code from sample XML: 
// Generate Code to Create XML

xmlToSign.Tag = @"DataPDU";
[xmlToSign AddAttribute: @"xmlns" value: @"urn:cma:stp:xsd:stp.1.0"];
[xmlToSign UpdateAttrAt: @"Body|AppHdr" autoCreate: YES attrName: @"xmlns" attrValue: @"urn:iso:std:iso:20022:tech:xsd:head.001.001.01"];
[xmlToSign UpdateChildContent: @"Body|AppHdr|Fr|FIId|FinInstnId|BICFI" value: @"ZZZZZZZZ"];
[xmlToSign UpdateChildContent: @"Body|AppHdr|To|FIId|FinInstnId|BICFI" value: @"YYYYYYYYYY"];
[xmlToSign UpdateChildContent: @"Body|AppHdr|BizMsgIdr" value: @"ZZZZZZZZAXXX999999999999999999999"];
[xmlToSign UpdateChildContent: @"Body|AppHdr|MsgDefIdr" value: @"pacs.008.001.08"];
[xmlToSign UpdateChildContent: @"Body|AppHdr|BizSvc" value: @"IPS"];
[xmlToSign UpdateChildContent: @"Body|AppHdr|CreDt" value: @"2017-09-13T18:18:00Z"];
[xmlToSign UpdateAttrAt: @"Body|Document" autoCreate: YES attrName: @"xmlns" attrValue: @"urn:iso:std:iso:20022:tech:xsd:pacs.008.001.08"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|GrpHdr|MsgId" value: @"ZZZZZZZZAXXX999999999999999999999"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|GrpHdr|CreDtTm" value: @"2017-09-13T18:18:00"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|GrpHdr|NbOfTxs" value: @"1"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|GrpHdr|SttlmInf|SttlmMtd" value: @"CLRG"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtId|EndToEndId" value: @"NOTPROVIDED"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtId|TxId" value: @"ZZZZZZZZAXXX999999999999999999999"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|ClrChanl" value: @"RTNS"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|LclInstrm|Prtry" value: @"CSCT"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|PmtTpInf|CtgyPurp|Prtry" value: @"001"];
[xmlToSign UpdateAttrAt: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmAmt" autoCreate: YES attrName: @"Ccy" attrValue: @"JOD"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmAmt" value: @"71.12"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|IntrBkSttlmDt" value: @"2018-01-14"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|ChrgBr" value: @"SLEV"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstgAgt|FinInstnId|BICFI" value: @"ZZZZZZZZ"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstdAgt|FinInstnId|BICFI" value: @"UBSIJOA0"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Dbtr|Nm" value: @"John Johnson"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAcct|Id|IBAN" value: @"JO22CITI00000000000555555555"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|BICFI" value: @"ZZZZZZZZ"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|Othr|Id" value: @"200004"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgt|FinInstnId|Othr|SchmeNm|Prtry" value: @"1700099999"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|DbtrAgtAcct|Id|IBAN" value: @"JO66CITI22222222222222222222"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|BICFI" value: @"UBSIJOA0"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|Othr|Id" value: @"210027"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgt|FinInstnId|Othr|SchmeNm|Prtry" value: @"1400199999"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAgtAcct|Id|IBAN" value: @"JO44UBSI33333333333333333333"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Cdtr|Nm" value: @"Omega Jones"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|CdtrAcct|Id|IBAN" value: @"JO95UBSI00000000000777777777"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|InstrForNxtAgt|InstrInf" value: @"/BNF/Details"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Purp|Prtry" value: @"5814"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf" value: @"SOMEINFORMATIONABOUTPAYMENT-1"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf[1]" value: @"SOMEINFORMATIONABOUTPAYMENT-2"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RgltryRptg|Dtls|Inf[2]" value: @"SOMEINFORMATIONABOUTPAYMENT-3"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Tax|Cdtr|TaxId" value: @"9900083901"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|Tax|Dbtr|TaxId" value: @"1000387561"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RmtInf|Ustrd" value: @"EDV UCUN ODENIR"];
[xmlToSign UpdateChildContent: @"Body|Document|FIToFICstmrCdtTrf|CdtTrfTxInf|RmtInf|Ustrd[1]" value: @"EXTRA INFO"];

// The following XML is to be signed:

// <?xml version="1.0" encoding="UTF-8"?>
// <DataPDU xmlns="urn:cma:stp:xsd:stp.1.0">
// 	<Body>
// 		<AppHdr xmlns="urn:iso:std:iso:20022:tech:xsd:head.001.001.01">
// 			<Fr>
// 				<FIId>
// 					<FinInstnId>
// 						<BICFI>ZZZZZZZZ</BICFI>
// 					</FinInstnId>
// 				</FIId>
// 			</Fr>
// 			<To>
// 				<FIId>
// 					<FinInstnId>
// 						<BICFI>YYYYYYYYYY</BICFI>
// 					</FinInstnId>
// 				</FIId>
// 			</To>
// 			<BizMsgIdr>ZZZZZZZZAXXX999999999999999999999</BizMsgIdr>
// 			<MsgDefIdr>pacs.008.001.08</MsgDefIdr>
// 			<BizSvc>IPS</BizSvc>
// 			<CreDt>2017-09-13T18:18:00Z</CreDt>
// 		</AppHdr>
// 		<Document xmlns="urn:iso:std:iso:20022:tech:xsd:pacs.008.001.08">
// 			<FIToFICstmrCdtTrf>
// 				<GrpHdr>
// 					<MsgId>ZZZZZZZZAXXX999999999999999999999</MsgId>
// 					<CreDtTm>2017-09-13T18:18:00</CreDtTm>
// 					<NbOfTxs>1</NbOfTxs>
// 					<SttlmInf>
// 						<SttlmMtd>CLRG</SttlmMtd>
// 					</SttlmInf>
// 				</GrpHdr>
// 				<CdtTrfTxInf>
// 					<PmtId>
// 						<EndToEndId>NOTPROVIDED</EndToEndId>
// 						<TxId>ZZZZZZZZAXXX999999999999999999999</TxId>
// 					</PmtId>
// 					<PmtTpInf>
// 						<ClrChanl>RTNS</ClrChanl>
// 						<LclInstrm>
// 							<Prtry>CSCT</Prtry>
// 						</LclInstrm>
// 						<CtgyPurp>
// 							<Prtry>001</Prtry>
// 						</CtgyPurp>
// 					</PmtTpInf>
// 					<IntrBkSttlmAmt Ccy="JOD">71.12</IntrBkSttlmAmt>
// 					<IntrBkSttlmDt>2018-01-14</IntrBkSttlmDt>
// 					<ChrgBr>SLEV</ChrgBr>
// 					<InstgAgt>
// 						<FinInstnId>
// 							<BICFI>ZZZZZZZZ</BICFI>
// 						</FinInstnId>
// 					</InstgAgt>
// 					<InstdAgt>
// 						<FinInstnId>
// 							<BICFI>UBSIJOA0</BICFI>
// 						</FinInstnId>
// 					</InstdAgt>
// 					<Dbtr>
// 						<Nm>John Johnson</Nm>
// 					</Dbtr>
// 					<DbtrAcct>
// 						<Id>
// 							<IBAN>JO22CITI00000000000555555555</IBAN>
// 						</Id>
// 					</DbtrAcct>
// 					<DbtrAgt>
// 						<FinInstnId>
// 							<BICFI>ZZZZZZZZ</BICFI>
// 							<Othr>
// 								<Id>200004</Id>
// 								<SchmeNm>
// 									<Prtry>1700089999</Prtry>
// 								</SchmeNm>
// 							</Othr>
// 						</FinInstnId>
// 					</DbtrAgt>
// 					<DbtrAgtAcct>
// 						<Id>
// 							<IBAN>JO66CITI22222222222222222222</IBAN>
// 						</Id>
// 					</DbtrAgtAcct>
// 					<CdtrAgt>
// 						<FinInstnId>
// 							<BICFI>UBSIJOA0</BICFI>
// 							<Othr>
// 								<Id>210027</Id>
// 								<SchmeNm>
// 									<Prtry>1400199999</Prtry>
// 								</SchmeNm>
// 							</Othr>
// 						</FinInstnId>
// 					</CdtrAgt>
// 					<CdtrAgtAcct>
// 						<Id>
// 							<IBAN>JO44UBSI33333333333333333333</IBAN>
// 						</Id>
// 					</CdtrAgtAcct>
// 					<Cdtr>
// 						<Nm>Omega Jones</Nm>
// 					</Cdtr>
// 					<CdtrAcct>
// 						<Id>
// 							<IBAN>JO95UBSI00000000000777777777</IBAN>
// 						</Id>
// 					</CdtrAcct>
// 					<InstrForNxtAgt>
// 						<InstrInf>/BNF/Details</InstrInf>
// 					</InstrForNxtAgt>
// 					<Purp>
// 						<Prtry>5814</Prtry>
// 					</Purp>
// 					<RgltryRptg>
// 						<Dtls>
// 							<Inf>SOMEINFORMATIONABOUTPAYMENT-1</Inf>
// 							<Inf>SOMEINFORMATIONABOUTPAYMENT-2</Inf>
// 							<Inf>SOMEINFORMATIONABOUTPAYMENT-3</Inf>
// 						</Dtls>
// 					</RgltryRptg>
// 					<Tax>
// 						<Cdtr>
// 							<TaxId>9900083901</TaxId>
// 						</Cdtr>
// 						<Dbtr>
// 							<TaxId>1000387561</TaxId>
// 						</Dbtr>
// 					</Tax>
// 					<RmtInf>
// 						<Ustrd>EDV UCUN ODENIR</Ustrd>
// 						<Ustrd>EXTRA INFO</Ustrd>
// 					</RmtInf>
// 				</CdtTrfTxInf>
// 			</FIToFICstmrCdtTrf>
// 		</Document>
// 	</Body>
// </DataPDU>

CkoXmlDSigGen *gen = [[CkoXmlDSigGen alloc] init];

gen.SigLocation = @"DataPDU|Body|AppHdr|Sgntr";
gen.SigLocationMod = [NSNumber numberWithInt:0];
gen.SigNamespacePrefix = @"ds";
gen.SigNamespaceUri = @"http://www.w3.org/2000/09/xmldsig#";
gen.SignedInfoCanonAlg = @"EXCL_C14N";
gen.SignedInfoDigestMethod = @"sha256";

// Set the KeyInfoId before adding references..
gen.KeyInfoId = @"_f9f2c543-e50a-4a50-bd91-50155d27f7e2";

// Create an Object to be added to the Signature.
CkoXml *object1 = [[CkoXml alloc] init];
object1.Tag = @"xades:QualifyingProperties";
[object1 AddAttribute: @"xmlns:xades" value: @"http://uri.etsi.org/01903/v1.3.2#"];
[object1 UpdateAttrAt: @"xades:SignedProperties" autoCreate: YES attrName: @"Id" attrValue: @"_4ed8e0ed-f47c-4262-909b-0458532ce7aa-signedprops"];
[object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime" value: @"TO BE GENERATED BY CHILKAT"];

[gen AddObject: @"" content: [object1 GetXml] mimeType: @"" encoding: @""];

// -------- Reference 1 --------
[gen AddSameDocRef: @"_f9f2c543-e50a-4a50-bd91-50155d27f7e2" digestMethod: @"sha256" canonMethod: @"EXCL_C14N" prefixList: @"" refType: @""];

// -------- Reference 2 --------
[gen AddObjectRef: @"_4ed8e0ed-f47c-4262-909b-0458532ce7aa-signedprops" digestMethod: @"sha256" canonMethod: @"EXCL_C14N" prefixList: @"" refType: @"http://uri.etsi.org/01903/v1.3.2#SignedProperties"];

// -------- Reference 3 --------
[gen AddSameDocRef: @"" digestMethod: @"sha256" canonMethod: @"EXCL_C14N" prefixList: @"" refType: @""];

// Provide a certificate + private key. (PFX password is test123)
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadPfxFile: @"qa_data/pfx/cert_test123.pfx" password: @"test123"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

[gen SetX509Cert: cert usePrivateKey: YES];

gen.KeyInfoType = @"X509Data";
gen.X509Type = @"IssuerSerial";

// Load XML to be signed...
CkoStringBuilder *sbXml = [[CkoStringBuilder alloc] init];
[xmlToSign GetXmlSb: sbXml];

// Can alternatively use "CompactSignedXml"
gen.Behaviors = @"IndentedSignature,LocalSigningTime";

// Sign the XML...
success = [gen CreateXmlDSigSb: sbXml];
if (success == NO) {
    NSLog(@"%@",gen.LastErrorText);
    return;
}

// -----------------------------------------------

// Save the signed XML to a file.
success = [sbXml WriteFile: @"qa_output/mx_signed.xml" charset: @"utf-8" emitBom: NO];

NSLog(@"%@",[sbXml GetAsString]);

// ----------------------------------------
// Verify the signatures we just produced...
CkoXmlDSig *verifier = [[CkoXmlDSig alloc] init];
success = [verifier LoadSignatureSb: sbXml];
if (success == NO) {
    NSLog(@"%@",verifier.LastErrorText);
    return;
}

// Important: The above signature did not include the full X.509 certificate.
// You must call verifier.SetPublicKey to provide the public key of the certificate required for validation.

CkoCert *verifyCert = [[CkoCert alloc] init];
success = [verifyCert LoadFromFile: @"qa_data/certs/cert_test123.cer"];
if (success == NO) {
    NSLog(@"%@",verifyCert.LastErrorText);
    return;
}

CkoPublicKey *pubKey = [[CkoPublicKey alloc] init];
[verifyCert GetPublicKey: pubKey];

[verifier SetPublicKey: pubKey];

int numSigs = [verifier.NumSignatures intValue];
int verifyIdx = 0;
while (verifyIdx < numSigs) {
    verifier.Selector = [NSNumber numberWithInt: verifyIdx];
    BOOL verified = [verifier VerifySignature: YES];
    if (verified != YES) {
        NSLog(@"%@",verifier.LastErrorText);
        return;
    }

    verifyIdx = verifyIdx + 1;
}

NSLog(@"%@",@"All signatures were successfully verified.");