Sample code for 30+ languages & platforms
Ruby

Alliance Access LAU Sign Message (XML Signature using HMAC-SHA-256)

See more XML Digital Signatures Examples

Demonstrates how to sign XML according to the requirements for Alliance Access LAU (Local Authentication) using HMAC-SHA-256.

Chilkat Ruby Downloads

Ruby
require 'chilkat'

success = false

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# We begin with this message:

# <?xml version="1.0" encoding="utf-8"?>
# <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
#   xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
#     <Saa:Revision>2.0.7</Saa:Revision>
#     <Saa:Header>
#         <Saa:Message>
# 			<test>blah blah</test>
#         </Saa:Message>
#     </Saa:Header>
#     <Saa:Body>...</Saa:Body>
#     <Saa:LAU>
#     </Saa:LAU>
# </Saa:DataPDU>

# And we want so sign to create this as the result:
# The signed XML we'll create will not be indented and pretty-printed like this.
# Instead, we'll use the "CompactSignedXml" behavior to produce compact single-line XML.

# <?xml version="1.0" encoding="utf-8"?>
# <Saa:DataPDU xmlns:Saa="urn:swift:saa:xsd:saa.2.0" xmlns:Sw="urn:swift:snl:ns.Sw"
#   xmlns:SwGbl="urn:swift:snl:ns.SwGbl" xmlns:SwInt="urn:swift:snl:ns:SwInt" xmlns:SwSec="url:swift:snl:ns.SwSec">
#     <Saa:Revision>2.0.7</Saa:Revision>
#     <Saa:Header>
#         <Saa:Message>
# 			<test>blah blah</test>
#         </Saa:Message>
#     </Saa:Header>
#     <Saa:Body>...</Saa:Body>
#     <Saa:LAU>
#         <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
#             <ds:SignedInfo>
#                 <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
#                 <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
#                 <ds:Reference URI="">
#                     <ds:Transforms>
#                         <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
#                         <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
#                     </ds:Transforms>
#                     <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
#                     <ds:DigestValue>Y7oScHnYOUQvni/TSzZbDec+HR+mWIFH149GXpwj1Ws=</ds:DigestValue>
#                 </ds:Reference>
#             </ds:SignedInfo>
#             <ds:SignatureValue>6ynF/FcwbPsHrtlj3h2agJigdnvpbO6hOzKSRGzqkw0=</ds:SignatureValue>
#         </ds:Signature>
#     </Saa:LAU>
# </Saa:DataPDU>

success = true

# Create the XML to be signed...

# (The XML does not need to be created this way.  It can be loaded from a file or a string.)
# Also, use this online tool to generate code from sample XML: 
# Generate Code to Create XML

xmlToSign = Chilkat::CkXml.new()
xmlToSign.put_Tag("Saa:DataPDU")
xmlToSign.AddAttribute("xmlns:Saa","urn:swift:saa:xsd:saa.2.0")
xmlToSign.AddAttribute("xmlns:Sw","urn:swift:snl:ns.Sw")
xmlToSign.AddAttribute("xmlns:SwGbl","urn:swift:snl:ns.SwGbl")
xmlToSign.AddAttribute("xmlns:SwInt","urn:swift:snl:ns:SwInt")
xmlToSign.AddAttribute("xmlns:SwSec","url:swift:snl:ns.SwSec")
xmlToSign.UpdateChildContent("Saa:Revision","2.0.7")
xmlToSign.UpdateChildContent("Saa:Header|Saa:Message|test","blah blah")
xmlToSign.UpdateChildContent("Saa:Body","...")
xmlToSign.UpdateChildContent("Saa:LAU","")

gen = Chilkat::CkXmlDSigGen.new()

gen.put_SigLocation("Saa:DataPDU|Saa:LAU")
gen.put_SigLocationMod(0)
gen.put_SigNamespacePrefix("ds")
gen.put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#")
gen.put_SignedInfoCanonAlg("EXCL_C14N")
gen.put_SignedInfoDigestMethod("sha256")

# You may alternatively choose "IndentedSignature" instead of "CompactSignedXml"
gen.put_Behaviors("CompactSignedXml")

gen.AddSameDocRef("","sha256","EXCL_C14N","","")

# Specify the HMAC key.
# For example, if the HMAC key is to be the us-ascii bytes of the string "secret",
# the HMAC key can be set in any of the following ways (and also more ways not shown here..)
gen.SetHmacKey("secret","ascii")
# or
gen.SetHmacKey("c2VjcmV0","base64")
# or
gen.SetHmacKey("736563726574","hex")

# Sign the XML..
sbXml = Chilkat::CkStringBuilder.new()
xmlToSign.GetXmlSb(sbXml)
success = gen.CreateXmlDSigSb(sbXml)
if (success != true)
    print gen.lastErrorText() + "\n";
    exit
end

# Save the signed XML to a file.
success = sbXml.WriteFile("qa_output/signedXml.xml","utf-8",false)

# Show the signed XML.
print sbXml.getAsString() + "\n";