(Unicode C++) Verify XML Signature with External URL References

Demonstrates how to verify an XML digital signature that includes references to URLs where the data to be digested is on a web server.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <CkXmlDSigW.h>
#include <CkHttpW.h>
#include <CkStringBuilderW.h>
#include <CkBinDataW.h>

void ChilkatSample(void)
    {
    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // The signed XML we wish to verify contains external references such as this:

    //     <ds:Reference Id="xmldsig-e7ae7ce2-9133-4d56-bd97-0a6aef738cc2-ref0" URI="https://www.chilkatsoft.com/images/starfish.jpg">
    //       <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    //       <ds:DigestValue>AOU810yJV5Np/DnO29qpObqiTSTTCDvxGsX5ayiTYXI=</ds:DigestValue>
    //     </ds:Reference>
    //     <ds:Reference Id="xmldsig-e7ae7ce2-9133-4d56-bd97-0a6aef738cc2-ref1" URI="https://www.chilkatsoft.com/hamlet.xml">
    //       <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    //       <ds:DigestValue>4sRRyWOzC7EOic4fQ9+Op1pa10DbgoBGjBvkq09LZmE=</ds:DigestValue>
    //     </ds:Reference>

    CkXmlDSigW verifier;
    CkHttpW http;

    // First load the signed XML
    CkStringBuilderW sbSignedXml;
    bool success = sbSignedXml.LoadFile(L"qa_data/xml_dsig_verify/signedWithExternalUrlRefs.xml",L"utf-8");
    if (success == false) {
        wprintf(L"Failed to load signed XML.\n");
        return;
    }

    success = verifier.LoadSignatureSb(sbSignedXml);
    if (success == false) {
        wprintf(L"%s\n",verifier.lastErrorText());
        return;
    }

    // Iterate over each reference.  If it is an external URL reference, download the data and provide it to the verifier.
    CkStringBuilderW sbRefUri;
    CkBinDataW bd;
    int numRefs = verifier.get_NumReferences();
    int i = 0;
    while (i < numRefs) {
        if (verifier.IsReferenceExternal(i) == true) {
            sbRefUri.Clear();
            sbRefUri.Append(verifier.referenceUri(i));
            if (sbRefUri.StartsWith(L"https://",false) == true) {
                wprintf(L"External URL Reference: %s\n",sbRefUri.getAsString());

                // Download the data at the URL and provide to the verifier.
                success = http.DownloadBd(sbRefUri.getAsString(),bd);
                if (success == false) {
                    wprintf(L"%s\n",http.lastErrorText());
                    return;
                }

                success = verifier.SetRefDataBd(i,bd);
                if (success == false) {
                    wprintf(L"%s\n",verifier.lastErrorText());
                    return;
                }

            }

        }

        i = i + 1;
    }

    // Now that we have the external data, verify the signature..
    bool bVerified = verifier.VerifySignature(true);
    if (bVerified == false) {
        wprintf(L"%s\n",verifier.lastErrorText());
    }

    wprintf(L"Signature verified = %d\n",bVerified);
    }