Sample code for 30+ languages & platforms
VB.NET

Sign Italian SPID Metadata XML

See more XML Digital Signatures Examples

Demonstrates how to create an XML digital signature for Italian SPID Metadata.

Chilkat VB.NET Downloads

VB.NET
Dim success As Boolean = False

' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

success = True

' Load the XML to be signed.
Dim sbXml As New Chilkat.StringBuilder
success = sbXml.LoadFile("qa_data/xml_dsig/spid_metadata.xml","utf-8")
If (success = False) Then
    Debug.WriteLine("Failed to load the input file.")
    Exit Sub
End If


' The XML to sign contains XML such as this:

' <?xml version="1.0" encoding="utf-8"?>
' <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://***.it" ID="_AE17AFFF-A600-49D5-B81D-76EEA55B50FF">
'     <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true">
'         <md:KeyDescriptor use="signing">
'             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
'                 <ds:X509Data>
'                     <ds:X509Certificate>MIIF5...</ds:X509Certificate>
'                 </ds:X509Data>
'             </ds:KeyInfo>
'         </md:KeyDescriptor>
'         <md:KeyDescriptor use="encryption">
'             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
'                 <ds:X509Data>
'                     <ds:X509Certificate>MIIF5...</ds:X509Certificate>
'                 </ds:X509Data>
'             </ds:KeyInfo>
'         </md:KeyDescriptor>
'         <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/logout"/>
'         <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
'         <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://***.it/it-it/spid/loginresp" index="0" isDefault="true"/>
'         <md:AttributeConsumingService index="1">
'             <md:ServiceName xml:lang="it">Servizi Online</md:ServiceName>
'             <md:ServiceDescription xml:lang="it">Accesso ai Servizi Online</md:ServiceDescription>
'             <md:RequestedAttribute Name="spidCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
'             <md:RequestedAttribute Name="name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
'             <md:RequestedAttribute Name="familyName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
'             <md:RequestedAttribute Name="fiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"/>
'         </md:AttributeConsumingService>
'     </md:SPSSODescriptor>
'     <md:Organization>
'         <md:OrganizationName xml:lang="it">SomeCompany s.r.l.</md:OrganizationName>
'         <md:OrganizationDisplayName xml:lang="it">SomeCompany s.r.l.</md:OrganizationDisplayName>
'         <md:OrganizationURL xml:lang="it">https://***.it</md:OrganizationURL>
'     </md:Organization>
' </md:EntityDescriptor>

Dim gen As New Chilkat.XmlDSigGen

gen.SigLocation = "md:EntityDescriptor|md:SPSSODescriptor"
gen.SigLocationMod = 2
gen.SignedInfoCanonAlg = "EXCL_C14N"
gen.SignedInfoDigestMethod = "sha256"

' -------- Reference 1 --------
gen.AddSameDocRef("_AE17AFFF-A600-49D5-B81D-76EEA55B50FF","sha256","EXCL_C14N","","")

' Provide a certificate + private key. (PFX password is test123)
Dim cert As New Chilkat.Cert
success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
If (success <> True) Then
    Debug.WriteLine(cert.LastErrorText)
    Exit Sub
End If

gen.SetX509Cert(cert,True)

gen.KeyInfoType = "X509Data+KeyValue"
gen.X509Type = "Certificate"

gen.Behaviors = "IndentedSignature,ForceAddEnvelopedSignatureTransform,OmitAlreadyDefinedSigNamespace"

' Sign the XML...
success = gen.CreateXmlDSigSb(sbXml)
If (success <> True) Then
    Debug.WriteLine(gen.LastErrorText)
    Exit Sub
End If

' -----------------------------------------------

' Save the signed XML to a file.
success = sbXml.WriteFile("qa_output/signedXml.xml","utf-8",False)

Debug.WriteLine(sbXml.GetAsString())

' ----------------------------------------
' Verify the signatures we just produced...
Dim verifier As New Chilkat.XmlDSig
success = verifier.LoadSignatureSb(sbXml)
If (success <> True) Then
    Debug.WriteLine(verifier.LastErrorText)
    Exit Sub
End If


Dim numSigs As Integer = verifier.NumSignatures
Dim verifyIdx As Integer = 0
While verifyIdx < numSigs
    verifier.Selector = verifyIdx
    Dim verified As Boolean = verifier.VerifySignature(True)
    If (verified <> True) Then
        Debug.WriteLine(verifier.LastErrorText)
        Exit Sub
    End If

    verifyIdx = verifyIdx + 1
End While
Debug.WriteLine("All signatures were successfully verified.")