Sample code for 30+ languages & platforms
PureBasic

Create XML Signature with External Data Reference

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature where the data is external. In this case, the data is a JPG file.

This example requires Chilkat v9.5.0.69 or greater.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkXmlDSigGen.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkPrivateKey.pb"
IncludeFile "CkBinData.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; This example inserts an XML signature in the following XML:

    ; <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    ; <abc>
    ;   <xyz>
    ;     <jpg>
    ;         <name>starfish.jpg</name>
    ;         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
    ;     </jpg>
    ;   </xyz>
    ; </abc>

    ; The above XML is available at https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml
    ; First fetch the XML:

    url.s = "https://www.chilkatsoft.com/exampleData/addSignatureToThis.xml"
    http.i = CkHttp::ckCreate()
    If http.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    sbXml.i = CkStringBuilder::ckCreate()
    If sbXml.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkHttp::ckQuickGetSb(http,url,sbXml)
    If success <> 1
        Debug CkHttp::ckLastErrorText(http)
        CkHttp::ckDispose(http)
        CkStringBuilder::ckDispose(sbXml)
        ProcedureReturn
    EndIf

    ; We'll use an RSA private key for signing.  
    rsaKey.i = CkPrivateKey::ckCreate()
    If rsaKey.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkPrivateKey::ckLoadPemFile(rsaKey,"qa_data/rsa/rsaPrivKey_pkcs8.pem")
    If success <> 1
        Debug CkPrivateKey::ckLastErrorText(rsaKey)
        CkHttp::ckDispose(http)
        CkStringBuilder::ckDispose(sbXml)
        CkPrivateKey::ckDispose(rsaKey)
        ProcedureReturn
    EndIf

    xmlSigGen.i = CkXmlDSigGen::ckCreate()
    If xmlSigGen.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; Indicate were the Signature will be inserted:
    CkXmlDSigGen::setCkSigLocation(xmlSigGen, "abc|xyz|jpg")

    ; Provide the RSA key to be used for signing:
    CkXmlDSigGen::ckSetPrivateKey(xmlSigGen,rsaKey)

    ; Fetch the JPG image data.
    jpgUrl.s = "https://www.chilkatsoft.com/images/starfish.jpg"
    jpgData.i = CkBinData::ckCreate()
    If jpgData.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkHttp::ckQuickGetBd(http,jpgUrl,jpgData)
    If success <> 1
        Debug CkHttp::ckLastErrorText(http)
        CkHttp::ckDispose(http)
        CkStringBuilder::ckDispose(sbXml)
        CkPrivateKey::ckDispose(rsaKey)
        CkXmlDSigGen::ckDispose(xmlSigGen)
        CkBinData::ckDispose(jpgData)
        ProcedureReturn
    EndIf

    ; Add the external data reference:
    CkXmlDSigGen::ckAddExternalBinaryRef(xmlSigGen,jpgUrl,jpgData,"sha256","")

    ; Create the XML digital signature:
    success = CkXmlDSigGen::ckCreateXmlDSigSb(xmlSigGen,sbXml)
    If success <> 1
        Debug CkXmlDSigGen::ckLastErrorText(xmlSigGen)
        CkHttp::ckDispose(http)
        CkStringBuilder::ckDispose(sbXml)
        CkPrivateKey::ckDispose(rsaKey)
        CkXmlDSigGen::ckDispose(xmlSigGen)
        CkBinData::ckDispose(jpgData)
        ProcedureReturn
    EndIf

    ; Examine the XML that now contains the Signature:
    Debug CkStringBuilder::ckGetAsString(sbXml)

    ; <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    ; <abc>
    ;   <xyz>
    ;     <jpg>
    ;         <name>starfish.jpg</name>
    ;         <url>https://www.chilkatsoft.com/images/starfish.jpg</url>
    ;     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ApHRr6nilNrzt3dLveC9zlPoSllaCMfHsbAwr+vYBPkHkJ4wD5LzDDhi1tSJZAAeTckmvSqIG3Wi0rgXQiSM644MD3coBFx4QgrY+GZ+XJJE2Y0Ye3VvaQBiRdUW3INGsW4GLubncgQk5JhuAQjo6O/GKpfEuYqUJj/6CLHLQwMPwbZ2043ykgzuPFoOZf6EydJMBAn1ORMvrpUn+zuA9UngOTGap6eWE4CeiNx23BRC2wSztbUjdCLcqXvgiYu/v0tBNaTcwy7b6+IFtwv/lNUUBUQJ/3p+aErzFn3wLeH3yeqpDCU0U6Dqu5SS1jYupcWWsLHJjYnj2066DPJi/g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg>
    ;   </xyz>
    ; </abc>
    ; 


    CkHttp::ckDispose(http)
    CkStringBuilder::ckDispose(sbXml)
    CkPrivateKey::ckDispose(rsaKey)
    CkXmlDSigGen::ckDispose(xmlSigGen)
    CkBinData::ckDispose(jpgData)


    ProcedureReturn
EndProcedure