|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Unicode C++) XML-DSig Add Reference with Transforms Specified ExplicitlyDemonstrates how to use the new AddSameDocRef2 method to explicitly specify the XML Transforms fragment.
#include <CkXmlW.h> #include <CkXmlDSigGenW.h> #include <CkCertW.h> #include <CkStringBuilderW.h> #include <CkXmlDSigW.h> void ChilkatSample(void) { // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. bool success = true; // Create the following XML to be signed: // <doc> // <s id="s1">Some text...</s> // <p>Some text...</p> // <p class="note">A note...</p> // </doc> // Use this online tool to generate code from sample XML: // Generate Code to Create XML CkXmlW xmlToSign; xmlToSign.put_Tag(L"doc"); xmlToSign.UpdateAttrAt(L"s",true,L"id",L"s1"); xmlToSign.UpdateChildContent(L"s",L"Some text..."); xmlToSign.UpdateChildContent(L"p",L"Some text..."); xmlToSign.UpdateAttrAt(L"p[1]",true,L"class",L"note"); xmlToSign.UpdateChildContent(L"p[1]",L"A note..."); wprintf(L"%s\n",xmlToSign.getXml()); CkXmlDSigGenW gen; gen.put_SigLocation(L"doc"); gen.put_SigLocationMod(0); gen.put_SigId(L"Signature-78f29839-06af-448f-b479-ca46457fab1b-Signature"); gen.put_SigNamespacePrefix(L"ds"); gen.put_SigNamespaceUri(L"http://www.w3.org/2000/09/xmldsig#"); gen.put_SigValueId(L"Signature-78f29839-06af-448f-b479-ca46457fab1b-SignatureValue"); gen.put_SignedInfoCanonAlg(L"C14N"); gen.put_SignedInfoDigestMethod(L"sha1"); // Set the KeyInfoId before adding references.. gen.put_KeyInfoId(L"Signature-78f29839-06af-448f-b479-ca46457fab1b-KeyInfo"); // The following XML to be added as an Object to the Signature // Use this online tool to generate code from sample XML: // Generate Code to Create XML // <xades:QualifyingProperties Id="Signature-78f29839-06af-448f-b479-ca46457fab1b-QualifyingProperties" Target="#Signature-78f29839-06af-448f-b479-ca46457fab1b-Signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"> // <xades:SignedProperties Id="Signature-78f29839-06af-448f-b479-ca46457fab1b-SignedProperties"> // <xades:SignedSignatureProperties> // <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime> // <xades:SigningCertificate> // <xades:Cert> // <xades:CertDigest> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> // <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue> // </xades:CertDigest> // <xades:IssuerSerial> // <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName> // <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber> // </xades:IssuerSerial> // </xades:Cert> // </xades:SigningCertificate> // </xades:SignedSignatureProperties> // <xades:SignedDataObjectProperties> // <xades:DataObjectFormat ObjectReference="#Reference-24eb6003-d41c-442c-a731-d4c58f94790b"> // <xades:Description/> // <xades:ObjectIdentifier> // <xades:Identifier Qualifier="OIDAsURN">urn:oid:1.2.840.10003.5.109.10</xades:Identifier> // <xades:Description/> // </xades:ObjectIdentifier> // <xades:MimeType>text/xml</xades:MimeType> // <xades:Encoding/> // </xades:DataObjectFormat> // </xades:SignedDataObjectProperties> // </xades:SignedProperties> // </xades:QualifyingProperties> CkXmlW object1; object1.put_Tag(L"xades:QualifyingProperties"); object1.AddAttribute(L"Id",L"Signature-78f29839-06af-448f-b479-ca46457fab1b-QualifyingProperties"); object1.AddAttribute(L"Target",L"#Signature-78f29839-06af-448f-b479-ca46457fab1b-Signature"); object1.AddAttribute(L"xmlns:ds",L"http://www.w3.org/2000/09/xmldsig#"); object1.AddAttribute(L"xmlns:xades",L"http://uri.etsi.org/01903/v1.3.2#"); object1.UpdateAttrAt(L"xades:SignedProperties",true,L"Id",L"Signature-78f29839-06af-448f-b479-ca46457fab1b-SignedProperties"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime",L"TO BE GENERATED BY CHILKAT"); // Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1 object1.UpdateAttrAt(L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod",true,L"Algorithm",L"http://www.w3.org/2000/09/xmldsig#sha1"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue",L"TO BE GENERATED BY CHILKAT"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName",L"TO BE GENERATED BY CHILKAT"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber",L"TO BE GENERATED BY CHILKAT"); object1.UpdateAttrAt(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",true,L"ObjectReference",L"#Reference-24eb6003-d41c-442c-a731-d4c58f94790b"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description",L""); object1.UpdateAttrAt(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier",true,L"Qualifier",L"OIDAsURN"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier",L"urn:oid:1.2.840.10003.5.109.10"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Description",L""); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType",L"text/xml"); object1.UpdateChildContent(L"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Encoding",L""); wprintf(L"%s\n",object1.getXml()); gen.AddObject(L"",object1.getXml(),L"",L""); // -------- Reference 1 -------- // Create the following Transforms fragment: // Use this online tool to generate code from sample XML: // Generate Code to Create XML // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> // <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath xmlns:ds="http://www.w3.org/2000/09/xmldsig#">not(ancestor-or-self::ds:Signature)</ds:XPath> // </ds:Transform> // </ds:Transforms> CkXmlW xml1; xml1.put_Tag(L"ds:Transforms"); xml1.UpdateAttrAt(L"ds:Transform",true,L"Algorithm",L"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"); xml1.UpdateAttrAt(L"ds:Transform[1]",true,L"Algorithm",L"http://www.w3.org/2000/09/xmldsig#enveloped-signature"); xml1.UpdateAttrAt(L"ds:Transform[2]",true,L"Algorithm",L"http://www.w3.org/TR/1999/REC-xpath-19991116"); xml1.UpdateAttrAt(L"ds:Transform[2]|ds:XPath",true,L"xmlns:ds",L"http://www.w3.org/2000/09/xmldsig#"); xml1.UpdateChildContent(L"ds:Transform[2]|ds:XPath",L"not(ancestor-or-self::ds:Signature)"); // This is the "Transforms" XML fragment passed to AddSameDocRef2. wprintf(L"%s\n",xml1.getXml()); gen.AddSameDocRef2(L"",L"sha1",xml1,L""); gen.SetRefIdAttr(L"",L"Reference-24eb6003-d41c-442c-a731-d4c58f94790b"); // -------- Reference 2 -------- gen.AddObjectRef(L"Signature-78f29839-06af-448f-b479-ca46457fab1b-SignedProperties",L"sha1",L"",L"",L"http://uri.etsi.org/01903#SignedProperties"); // -------- Reference 3 -------- gen.AddSameDocRef(L"Signature-78f29839-06af-448f-b479-ca46457fab1b-KeyInfo",L"sha1",L"",L"",L""); // Provide a certificate + private key. (PFX password is test123) CkCertW cert; success = cert.LoadPfxFile(L"qa_data/pfx/cert_test123.pfx",L"test123"); if (success != true) { wprintf(L"%s\n",cert.lastErrorText()); return; } gen.SetX509Cert(cert,true); gen.put_KeyInfoType(L"X509Data+KeyValue"); gen.put_X509Type(L"CertChain"); // Load XML to be signed... CkStringBuilderW sbXml; xmlToSign.GetXmlSb(sbXml); gen.put_Behaviors(L"IndentedSignature"); // Sign the XML... success = gen.CreateXmlDSigSb(sbXml); if (success != true) { wprintf(L"%s\n",gen.lastErrorText()); return; } // ----------------------------------------------- // Save the signed XML to a file. success = sbXml.WriteFile(L"qa_output/signedXml.xml",L"utf-8",false); wprintf(L"%s\n",sbXml.getAsString()); // ---------------------------------------- // Verify the signatures we just produced... CkXmlDSigW verifier; success = verifier.LoadSignatureSb(sbXml); if (success != true) { wprintf(L"%s\n",verifier.lastErrorText()); return; } int numSigs = verifier.get_NumSignatures(); int verifyIdx = 0; while (verifyIdx < numSigs) { verifier.put_Selector(verifyIdx); bool verified = verifier.VerifySignature(true); if (verified != true) { wprintf(L"%s\n",verifier.lastErrorText()); return; } verifyIdx = verifyIdx + 1; } wprintf(L"All signatures were successfully verified.\n"); } |
|||||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.