|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Unicode C) Verify XML Signature with External Data ReferenceDemonstrates how to verify an XML digital signature where the data is external. In this case, the data is a JPG file. This example requires Chilkat v9.5.0.69 or greater.
#include <C_CkHttpW.h> #include <C_CkStringBuilderW.h> #include <C_CkXmlDSigW.h> #include <C_CkBinDataW.h> void ChilkatSample(void) { const wchar_t *url; HCkHttpW http; HCkStringBuilderW sbXml; BOOL success; HCkXmlDSigW verifier; const wchar_t *refUri; HCkBinDataW jpgData; BOOL bVerified; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // The XML containing the Signature to be verified contains the following: // <?xml version="1.0" encoding="UTF-8" standalone="no"?> // <abc> // <xyz> // <jpg> // <name>starfish.jpg</name> // <url>https://www.chilkatsoft.com/images/starfish.jpg</url> // <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>MbHOti6nOh9DJP/u7u1+a1u0wRYIGEdaAVk5ehxqeBhcR4qvGvCQ7wLxcfDuwFG2grSg43ANxDYngLqZTeFb5nCfywcuNBQI8FrNRVY5hkyv6kDW1BVN8ot9qPYX9oHxJp1e+nMszIiSxqHX3XDI7YnvFt/0CyeO5JaQQEzXzIwqqb8iUNcH/bJzR6CrTf1hGuQ5MPorG0bRwbYPPHHzipUqHBinK8VbHobnxL7GQHAhR8k9gDD35kZcMxf/74U7pGO19ZzTbdJW5S7q4bVVxvsuU3itTbhHI60pOE14ibrjZtIrPZLVUD3TQqIIF04TChW2NXdYOo3+ij4ZnP8x+g==</ds:SignatureValue><ds:KeyInfo><ds:KeyValue><ds:RSAKeyValue><ds:Modulus>sXeRhM55P13FbpNcXAMR3olbw2Wa6keZIHu5YTZYUBTlYWId+pNiwUz3zFIEo+0IfYR0H27ybIycQO+1IIzJofUFNMAL3tZps2OKPlsjuCPls6kXpXhv/gvhux8LrCtp4PcKWqJ6QVOZKChc7WAx40qFWzHi57ueqRTv3x0kESqGg/VjsqyTEvb55psJO2RsfhLT7+YVh3hImRM3RDaJdkTkPuOxeFyT6N7VXD09329sLuS3QkUbE9zEKDnz9X3d8dEQdJhSI9ba5fxl8R7fu8pB67ElfzFml96X1jLFtzy1pzOT5Fc4ROcaqlYckVzdBq9sxezm6MYmDBjNAcibRw==</ds:Modulus><ds:Exponent>AQAB</ds:Exponent></ds:RSAKeyValue></ds:KeyValue></ds:KeyInfo></ds:Signature></jpg> // </xyz> // </abc> // The above XML is available at https://www.chilkatsoft.com/exampleData/xmlsig_external_jpg_reference.xml // First fetch the XML.. url = L"https://www.chilkatsoft.com/exampleData/xmlsig_external_jpg_reference.xml"; http = CkHttpW_Create(); sbXml = CkStringBuilderW_Create(); success = CkHttpW_QuickGetSb(http,url,sbXml); if (success != TRUE) { wprintf(L"%s\n",CkHttpW_lastErrorText(http)); CkHttpW_Dispose(http); CkStringBuilderW_Dispose(sbXml); return; } verifier = CkXmlDSigW_Create(); // Load the XML containing the signatures to be verified. // Note that this particular Signature already contains the RSA public key that will be used // for verification. success = CkXmlDSigW_LoadSignatureSb(verifier,sbXml); if (success != TRUE) { wprintf(L"%s\n",CkXmlDSigW_lastErrorText(verifier)); CkHttpW_Dispose(http); CkStringBuilderW_Dispose(sbXml); CkXmlDSigW_Dispose(verifier); return; } // Get the Reference URI, which in this case is the URL to the binary data that was hashed. // This fetchs the URI attribute value from: <ds:Reference URI="https://www.chilkatsoft.com/images/starfish.jpg"> refUri = CkXmlDSigW_referenceUri(verifier,0); if (CkXmlDSigW_getLastMethodSuccess(verifier) != TRUE) { wprintf(L"No reference URI found.\n"); CkHttpW_Dispose(http); CkStringBuilderW_Dispose(sbXml); CkXmlDSigW_Dispose(verifier); return; } // Download the JPG data to be verified. jpgData = CkBinDataW_Create(); success = CkHttpW_QuickGetBd(http,refUri,jpgData); if (success != TRUE) { wprintf(L"%s\n",CkHttpW_lastErrorText(http)); CkHttpW_Dispose(http); CkStringBuilderW_Dispose(sbXml); CkXmlDSigW_Dispose(verifier); CkBinDataW_Dispose(jpgData); return; } // Provide the JPG data to the verifier CkXmlDSigW_SetRefDataBd(verifier,0,jpgData); // Verify the signature bVerified = CkXmlDSigW_VerifySignature(verifier,TRUE); wprintf(L"Signature verified = %d\n",bVerified); CkHttpW_Dispose(http); CkStringBuilderW_Dispose(sbXml); CkXmlDSigW_Dispose(verifier); CkBinDataW_Dispose(jpgData); } |
||||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.