PowerBuilder
PowerBuilder
Create/Verify XML Signature with External Text Reference
See more XML Digital Signatures Examples
Demonstrates how to create an XML digital signature where the referenced data is external. In this case, the data is a text file located at the following URL: https://www.chilkatsoft.com/helloWorld.txtChilkat PowerBuilder Downloads
integer li_rc
integer li_Success
oleobject loo_Xml
oleobject loo_Cert
oleobject loo_Gen
oleobject loo_Http
oleobject loo_SbExternalTxt
integer li_BUsePrivateKey
oleobject loo_SbXml
oleobject loo_Verifier
oleobject loo_SbExternalData
integer li_NumRefs
integer i
integer li_BExternal
string ls_Uri
integer li_BVerified
li_Success = 0
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This example inserts an XML signature into the following XML:
// <?xml version="1.0" encoding="UTF-8" standalone="no"?>
// <abc>
// <xyz>
// <name>helloWorld.txt</name>
// <url>https://www.chilkatsoft.com/helloWorld.txt</url>
// </xyz>
// </abc>
// Build the above XML to be signed.
loo_Xml = create oleobject
li_rc = loo_Xml.ConnectToNewObject("Chilkat.Xml")
if li_rc < 0 then
destroy loo_Xml
MessageBox("Error","Connecting to COM object failed")
return
end if
loo_Xml.Tag = "abc"
loo_Xml.UpdateChildContent("xyz|name","helloWorld.txt")
loo_Xml.UpdateChildContent("xyz|url","https://www.chilkatsoft.com/helloWorld.txt")
loo_Cert = create oleobject
li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert")
li_Success = loo_Cert.LoadPfxFile("qa_data/pfx/test_secret.pfx","secret")
if li_Success = 0 then
Write-Debug loo_Cert.LastErrorText
destroy loo_Xml
destroy loo_Cert
return
end if
loo_Gen = create oleobject
li_rc = loo_Gen.ConnectToNewObject("Chilkat.XmlDSigGen")
// Indicate the location within the XML the Signature will be inserted.
loo_Gen.SigLocation = "abc|xyz"
// Get the content of the text data to be referenced.
loo_Http = create oleobject
li_rc = loo_Http.ConnectToNewObject("Chilkat.Http")
loo_SbExternalTxt = create oleobject
li_rc = loo_SbExternalTxt.ConnectToNewObject("Chilkat.StringBuilder")
li_Success = loo_Http.QuickGetSb("https://www.chilkatsoft.com/helloWorld.txt",loo_SbExternalTxt)
if li_Success = 0 then
Write-Debug loo_Http.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
return
end if
li_Success = loo_Gen.AddExternalTextRef("https://www.chilkatsoft.com/helloWorld.txt",loo_SbExternalTxt,"utf-8",0,"sha256","")
if li_Success = 0 then
Write-Debug loo_Gen.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
return
end if
// Provide the private key for signing via the certificate, and indicate that
// we want the base64 of the certificate embedded in the KeyInfo.
loo_Gen.KeyInfoType = "X509Data"
loo_Gen.X509Type = "Certificate"
li_BUsePrivateKey = 1
li_Success = loo_Gen.SetX509Cert(loo_Cert,li_BUsePrivateKey)
if li_Success <> 1 then
Write-Debug loo_Gen.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
return
end if
// Indicate we want an indented signature for readability.
// This can be removed after debugging is finished..
loo_Gen.Behaviors = "IndentedSignature"
// Now create and insert the Signature
loo_SbXml = create oleobject
li_rc = loo_SbXml.ConnectToNewObject("Chilkat.StringBuilder")
loo_Xml.GetXmlSb(loo_SbXml)
li_Success = loo_Gen.CreateXmlDSigSb(loo_SbXml)
if li_Success <> 1 then
Write-Debug loo_Gen.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
destroy loo_SbXml
return
end if
// Examine the XML with the digital signature inserted
Write-Debug loo_SbXml.GetAsString()
// Here is the output:
// <?xml version="1.0" encoding="utf-8"?>
// <abc>
// <xyz>
// <name>helloWorld.txt</name>
// <url>https://www.chilkatsoft.com/helloWorld.txt</url>
// <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
// <ds:SignedInfo>
// <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
// <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
// <ds:Reference URI="https://www.chilkatsoft.com/helloWorld.txt">
// <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
// <ds:DigestValue>f4OxZX/x/FO5LcGBSKHWXfwtSx+j1ncoSt3SABJtkGk=</ds:DigestValue>
// </ds:Reference>
// </ds:SignedInfo>
// <ds:SignatureValue>syFSl...pZDiFQ==</ds:SignatureValue>
// <ds:KeyInfo>
// <ds:X509Data>
// <ds:X509Certificate>MIIHAz...GwnUZWCaDE=</ds:X509Certificate>
// </ds:X509Data>
// </ds:KeyInfo>
// </ds:Signature></xyz>
// </abc>
// Let's verify the signature...
loo_Verifier = create oleobject
li_rc = loo_Verifier.ConnectToNewObject("Chilkat.XmlDSig")
li_Success = loo_Verifier.LoadSignatureSb(loo_SbXml)
if li_Success <> 1 then
Write-Debug loo_Verifier.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
destroy loo_SbXml
destroy loo_Verifier
return
end if
// Let's examine the external references, and fetch the data for each..
loo_SbExternalData = create oleobject
li_rc = loo_SbExternalData.ConnectToNewObject("Chilkat.StringBuilder")
li_NumRefs = loo_Verifier.NumReferences
i = 0
do while i < li_NumRefs
li_BExternal = loo_Verifier.IsReferenceExternal(i)
if li_BExternal = 1 then
ls_Uri = loo_Verifier.ReferenceUri(i)
// We're assuming the URI is an https:// or http:// URL...
// Let's also assume we know that the referenced data is text and we want the utf-8 byte representation.
loo_SbExternalData.Clear()
li_Success = loo_Http.QuickGetSb(ls_Uri,loo_SbExternalData)
if li_Success = 0 then
Write-Debug loo_Http.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
destroy loo_SbXml
destroy loo_Verifier
destroy loo_SbExternalData
return
end if
li_Success = loo_Verifier.SetRefDataSb(i,loo_SbExternalData,"utf-8")
if li_Success = 0 then
Write-Debug loo_Verifier.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
destroy loo_SbXml
destroy loo_Verifier
destroy loo_SbExternalData
return
end if
end if
i = i + 1
loop
// Now that we have the external data available, we can verify the reference digest(s) and the signature.
li_BVerified = loo_Verifier.VerifySignature(1)
if li_BVerified <> 1 then
Write-Debug loo_Verifier.LastErrorText
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
destroy loo_SbXml
destroy loo_Verifier
destroy loo_SbExternalData
return
end if
Write-Debug "Signature verified!"
destroy loo_Xml
destroy loo_Cert
destroy loo_Gen
destroy loo_Http
destroy loo_SbExternalTxt
destroy loo_SbXml
destroy loo_Verifier
destroy loo_SbExternalData