PowerBuilder
PowerBuilder
Verify XML Signature with External Data Reference
See more XML Digital Signatures Examples
Demonstrates how to verify an XML digital signature where the data is external. In this case, the data is a JPG file.This example requires Chilkat v9.5.0.69 or greater.
Chilkat PowerBuilder Downloads
integer li_rc
integer li_Success
string ls_Url
oleobject loo_Http
oleobject loo_SbXml
oleobject loo_Verifier
string ls_RefUri
oleobject loo_JpgData
integer li_BVerified
li_Success = 0
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// The XML containing the Signature to be verified contains the following:
// <?xml version="1.0" encoding="UTF-8" standalone="no"?>
// <abc>
// <xyz>
// <jpg>
// <name>starfish.jpg</name>
// <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
// <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>MbHOti6nOh9DJP/u7u1+a1u0wRYIGEdaAVk5ehxqeBhcR4qvGvCQ7wLxcfDuwFG2grSg43ANxDYngLqZTeFb5nCfywcuNBQI8FrNRVY5hkyv6kDW1BVN8ot9qPYX9oHxJp1e+nMszIiSxqHX3XDI7YnvFt/0CyeO5JaQQEzXzIwqqb8iUNcH/bJzR6CrTf1hGuQ5MPorG0bRwbYPPHHzipUqHBinK8VbHobnxL7GQHAhR8k9gDD35kZcMxf/74U7pGO19ZzTbdJW5S7q4bVVxvsuU3itTbhHI60pOE14ibrjZtIrPZLVUD3TQqIIF04TChW2NXdYOo3+ij4ZnP8x+g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg>
// </xyz>
// </abc>
// The above XML is available at https://www.chilkatsoft.com/exampleData/xmlsig_external_jpg_reference.xml
// First fetch the XML..
ls_Url = "https://www.chilkatsoft.com/exampleData/xmlsig_external_jpg_reference.xml"
loo_Http = create oleobject
li_rc = loo_Http.ConnectToNewObject("Chilkat.Http")
if li_rc < 0 then
destroy loo_Http
MessageBox("Error","Connecting to COM object failed")
return
end if
loo_SbXml = create oleobject
li_rc = loo_SbXml.ConnectToNewObject("Chilkat.StringBuilder")
li_Success = loo_Http.QuickGetSb(ls_Url,loo_SbXml)
if li_Success <> 1 then
Write-Debug loo_Http.LastErrorText
destroy loo_Http
destroy loo_SbXml
return
end if
loo_Verifier = create oleobject
li_rc = loo_Verifier.ConnectToNewObject("Chilkat.XmlDSig")
// Load the XML containing the signatures to be verified.
// Note that this particular Signature already contains the RSA public key that will be used
// for verification.
li_Success = loo_Verifier.LoadSignatureSb(loo_SbXml)
if li_Success <> 1 then
Write-Debug loo_Verifier.LastErrorText
destroy loo_Http
destroy loo_SbXml
destroy loo_Verifier
return
end if
// Get the Reference URI, which in this case is the URL to the binary data that was hashed.
// This fetchs the URI attribute value from: <ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg">
ls_RefUri = loo_Verifier.ReferenceUri(0)
if loo_Verifier.LastMethodSuccess <> 1 then
Write-Debug "No reference URI found."
destroy loo_Http
destroy loo_SbXml
destroy loo_Verifier
return
end if
// Download the JPG data to be verified.
loo_JpgData = create oleobject
li_rc = loo_JpgData.ConnectToNewObject("Chilkat.BinData")
li_Success = loo_Http.QuickGetBd(ls_RefUri,loo_JpgData)
if li_Success <> 1 then
Write-Debug loo_Http.LastErrorText
destroy loo_Http
destroy loo_SbXml
destroy loo_Verifier
destroy loo_JpgData
return
end if
// Provide the JPG data to the verifier
loo_Verifier.SetRefDataBd(0,loo_JpgData)
// Verify the signature
li_BVerified = loo_Verifier.VerifySignature(1)
Write-Debug "Signature verified = " + string(li_BVerified)
destroy loo_Http
destroy loo_SbXml
destroy loo_Verifier
destroy loo_JpgData