Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Tcl) Verify HMAC XML Digital SignatureDemonstrates how to validate an XML digital signature signed with an HMAC key.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # The XML containing the Signature to be verified contains the following: # <?xml version="1.0" encoding="UTF-8" standalone="no"?> # <collection Id="root"> # <album> # <title>Questions, unanswered</title> # <artist>Steve and the flubberblubs</artist> # <year>1989</year> # <t:tracks xmlns:t="http://test.xades4j/tracks"> # <t:song length="4:05" tracknumber="1"> # <t:title>What do you know?</t:title> # <t:artist>Steve and the flubberblubs</t:artist> # <t:lastplayed>2006-10-17-08:31</t:lastplayed> # </t:song> # <t:song length="3:45" tracknumber="2"> # <t:title>Who do you know?</t:title> # <t:artist>Steve and the flubberblubs</t:artist> # <t:lastplayed>2006-10-17-08:35</t:lastplayed> # </t:song> # <t:song length="5:14" tracknumber="3"> # <t:title>When do you know?</t:title> # <t:artist>Steve and the flubberblubs</t:artist> # <t:lastplayed>2006-10-17-08:39</t:lastplayed> # </t:song> # <t:song length="4:19" tracknumber="4"> # <t:title>Do you know?</t:title> # <t:artist>Steve and the flubberblubs</t:artist> # <t:lastplayed>2006-10-17-08:44</t:lastplayed> # </t:song> # </t:tracks> # </album> # <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/><ds:Reference URI="#root"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>rD/g8soqKz8EiPUBhEWfcQacS0ta4ULHX3dKMEH6ZoQ=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>R8dXP95VRYJBfL6d0Peogybdk27+R+JIfX8jnVu0NOI=</ds:SignatureValue></ds:Signature></collection> # The above XML is available at https://www.chilkatsoft.com/exampleData/hmacSigned.xml # First fetch the XML.. set url "https://www.chilkatsoft.com/exampleData/hmacSigned.xml" set http [new_CkHttp] set sbXml [new_CkStringBuilder] set success [CkHttp_QuickGetSb $http $url $sbXml] if {$success != 1} then { puts [CkHttp_lastErrorText $http] delete_CkHttp $http delete_CkStringBuilder $sbXml exit } set verifier [new_CkXmlDSig] # Load the XML containing the signature to be verified. set success [CkXmlDSig_LoadSignatureSb $verifier $sbXml] if {$success != 1} then { puts [CkXmlDSig_lastErrorText $verifier] delete_CkHttp $http delete_CkStringBuilder $sbXml delete_CkXmlDSig $verifier exit } # Provide the HMAC key # The HMAC key for this signature is the us-ascii bytes of the string "secret", # It can be set in any of the following ways (and also more ways not shown here..) CkXmlDSig_SetHmacKey $verifier "secret" "ascii" # or CkXmlDSig_SetHmacKey $verifier "c2VjcmV0" "base64" # or CkXmlDSig_SetHmacKey $verifier "736563726574" "hex" # Verify the signature set bVerified [CkXmlDSig_VerifySignature $verifier 1] puts "Signature verified = $bVerified" delete_CkHttp $http delete_CkStringBuilder $sbXml delete_CkXmlDSig $verifier |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.