Sample code for 30+ languages & platforms
PowerBuilder

Sign Italian SPID Metadata XML

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature for Italian SPID Metadata.

Chilkat PowerBuilder Downloads

PowerBuilder
integer li_rc
integer li_Success
oleobject loo_SbXml
oleobject loo_Gen
oleobject loo_Cert
oleobject loo_Verifier
integer li_NumSigs
integer li_VerifyIdx
integer li_Verified

li_Success = 0

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

li_Success = 1

// Load the XML to be signed.
loo_SbXml = create oleobject
li_rc = loo_SbXml.ConnectToNewObject("Chilkat.StringBuilder")
if li_rc < 0 then
    destroy loo_SbXml
    MessageBox("Error","Connecting to COM object failed")
    return
end if
li_Success = loo_SbXml.LoadFile("qa_data/xml_dsig/spid_metadata.xml","utf-8")
if li_Success = 0 then
    Write-Debug "Failed to load the input file."
    destroy loo_SbXml
    return
end if

// The XML to sign contains XML such as this:

// <?xml version="1.0" encoding="utf-8"?>
// <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://***.it" ID="_AE17AFFF-A600-49D5-B81D-76EEA55B50FF">
//     <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true">
//         <md:KeyDescriptor use="signing">
//             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
//                 <ds:X509Data>
//                     <ds:X509Certificate>MIIF5...</ds:X509Certificate>
//                 </ds:X509Data>
//             </ds:KeyInfo>
//         </md:KeyDescriptor>
//         <md:KeyDescriptor use="encryption">
//             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
//                 <ds:X509Data>
//                     <ds:X509Certificate>MIIF5...</ds:X509Certificate>
//                 </ds:X509Data>
//             </ds:KeyInfo>
//         </md:KeyDescriptor>
//         <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/logout"/>
//         <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
//         <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/loginresp" index="0" isDefault="true"/>
//         <md:AttributeConsumingService index="1">
//             <md:ServiceName xml:lang="it">Servizi Online</md:ServiceName>
//             <md:ServiceDescription xml:lang="it">Accesso ai Servizi Online</md:ServiceDescription>
//             <md:RequestedAttribute Name="spidCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
//             <md:RequestedAttribute Name="name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
//             <md:RequestedAttribute Name="familyName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
//             <md:RequestedAttribute Name="fiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
//         </md:AttributeConsumingService>
//     </md:SPSSODescriptor>
//     <md:Organization>
//         <md:OrganizationName xml:lang="it">SomeCompany s.r.l.</md:OrganizationName>
//         <md:OrganizationDisplayName xml:lang="it">SomeCompany s.r.l.</md:OrganizationDisplayName>
//         <md:OrganizationURL xml:lang="it">https://***.it</md:OrganizationURL>
//     </md:Organization>
// </md:EntityDescriptor>

loo_Gen = create oleobject
li_rc = loo_Gen.ConnectToNewObject("Chilkat.XmlDSigGen")

loo_Gen.SigLocation = "md:EntityDescriptor|md:SPSSODescriptor"
loo_Gen.SigLocationMod = 2
loo_Gen.SignedInfoCanonAlg = "EXCL_C14N"
loo_Gen.SignedInfoDigestMethod = "sha256"

// -------- Reference 1 --------
loo_Gen.AddSameDocRef("_AE17AFFF-A600-49D5-B81D-76EEA55B50FF","sha256","EXCL_C14N","","")

// Provide a certificate + private key. (PFX password is test123)
loo_Cert = create oleobject
li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert")

li_Success = loo_Cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if li_Success <> 1 then
    Write-Debug loo_Cert.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    return
end if

loo_Gen.SetX509Cert(loo_Cert,1)

loo_Gen.KeyInfoType = "X509Data+KeyValue"
loo_Gen.X509Type = "Certificate"

loo_Gen.Behaviors = "IndentedSignature,ForceAddEnvelopedSignatureTransform,OmitAlreadyDefinedSigNamespace"

// Sign the XML...
li_Success = loo_Gen.CreateXmlDSigSb(loo_SbXml)
if li_Success <> 1 then
    Write-Debug loo_Gen.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    return
end if

// -----------------------------------------------

// Save the signed XML to a file.
li_Success = loo_SbXml.WriteFile("qa_output/signedXml.xml","utf-8",0)

Write-Debug loo_SbXml.GetAsString()

// ----------------------------------------
// Verify the signatures we just produced...
loo_Verifier = create oleobject
li_rc = loo_Verifier.ConnectToNewObject("Chilkat.XmlDSig")

li_Success = loo_Verifier.LoadSignatureSb(loo_SbXml)
if li_Success <> 1 then
    Write-Debug loo_Verifier.LastErrorText
    destroy loo_SbXml
    destroy loo_Gen
    destroy loo_Cert
    destroy loo_Verifier
    return
end if

li_NumSigs = loo_Verifier.NumSignatures
li_VerifyIdx = 0
do while li_VerifyIdx < li_NumSigs
    loo_Verifier.Selector = li_VerifyIdx
    li_Verified = loo_Verifier.VerifySignature(1)
    if li_Verified <> 1 then
        Write-Debug loo_Verifier.LastErrorText
        destroy loo_SbXml
        destroy loo_Gen
        destroy loo_Cert
        destroy loo_Verifier
        return
    end if

    li_VerifyIdx = li_VerifyIdx + 1
loop
Write-Debug "All signatures were successfully verified."


destroy loo_SbXml
destroy loo_Gen
destroy loo_Cert
destroy loo_Verifier