#include <stdio.h> #import <msxml5.dll> using namespace MSXML2; // Notice that the Base64 encoded value of "secret" is "c2VjcmV0". unsigned char HMACSECRET[] = "secret"; #define HMACLENGTH -1 #define DSIGNS "xmlns:ds='http://www.w3.org/2000/09/xmldsig#'" #define SIG_IN "signature-template-enveloping-hmac-sha1.xml" #define SIG_OUT "signature-enveloping-hmac-sha1.xml" IXMLDOMDocument3Ptr xmldoc = NULL; IXMLDigitalSignatureExPtr xmldsig = NULL; VARIANT_BOOL objectsAreInitialized = VARIANT_FALSE; VARIANT_BOOL LoadXML(_bstr_t sigFile) { if (!objectsAreInitialized) { printf("Must initialize objects before loading signature.\n"); return VARIANT_FALSE; } if (xmldoc->load(sigFile) == VARIANT_FALSE) { printf("Can't load %s\n", (LPCSTR)sigFile); return VARIANT_FALSE; } xmldoc->setProperty("SelectionNamespaces", DSIGNS); xmldsig->signature = xmldoc->selectSingleNode(".//ds:Signature"); if (xmldsig->signature == NULL) { printf("Failed to set the signature property.\n"); return VARIANT_FALSE; } return VARIANT_TRUE; } VARIANT_BOOL SignXML(unsigned char *secret, long length) { IXMLDSigKeyPtr pKey, pKeyOut; if (xmldsig->signature == NULL) { printf("Invalid signature template.\n"); return VARIANT_FALSE; } pKey = xmldsig->createKeyFromHMACSecretBinary( secret, strlen((const char*)secret), length); if (pKey== NULL) { printf("Invalid key from HMACsecret\n"); return VARIANT_FALSE; } // KEYVALUE is defined in XMLDSIG_WRITEKEYINFO enum. pKeyOut = xmldsig->sign(pKey, KEYVALUE); if (pKeyOut== NULL) { printf("Invalid signature.\n"); return VARIANT_FALSE; } xmldoc->save(SIG_OUT); printf("The data referenced in the signature template was signed "); printf("successfully.\nResultant signature:\n\n%s\n",(LPCSTR)xmldoc->xml); return VARIANT_TRUE; } VARIANT_BOOL VerifyXML(unsigned char* secret, long length) { IXMLDSigKeyPtr pKey, pKeyOut; pKey = xmldsig->createKeyFromHMACSecretBinary( secret, strlen((const char*)secret), length); if (pKey== NULL) { printf("Invalid key from HMACsecretBinary\n"); return VARIANT_FALSE; } pKeyOut = xmldsig->verify(pKey); if (pKeyOut== NULL) { printf("Invalid signature.\n"); return VARIANT_FALSE; } printf("The data referenced in the signature object was verified successfully.\n"); return VARIANT_TRUE; } VARIANT_BOOL initObjects() { if (FAILED(xmldsig.CreateInstance(__uuidof(MXDigitalSignature50)) )) { printf("Installation of msxml5 is required to run this app.\n"); return VARIANT_FALSE; } if (FAILED(xmldoc.CreateInstance(__uuidof(DOMDocument50)) )) { printf("Installation of msxml5 is required to run this app.\n"); return VARIANT_FALSE; } xmldoc->async = VARIANT_FALSE; xmldoc->validateOnParse = VARIANT_FALSE; xmldoc->preserveWhiteSpace = VARIANT_TRUE; xmldoc->resolveExternals = VARIANT_FALSE; objectsAreInitialized = VARIANT_TRUE; return VARIANT_TRUE; } void cleanObjects() { if (xmldoc) xmldoc.Release(); if (xmldsig) xmldsig.Release(); } void main() { if ( CoInitialize(NULL) == E_FAIL) { printf("can't initialize COM Lib\n"); exit(-1); } if (!initObjects()) { cleanObjects(); exit(-1); } if(VARIANT_TRUE == LoadXML(SIG_IN)) { if (VARIANT_TRUE != SignXML(HMACSECRET, HMACLENGTH)) { printf("exit with failure.\n"); goto clean; } } if(VARIANT_TRUE == LoadXML(SIG_OUT)) { if (VARIANT_TRUE != VerifyXML(HMACSECRET, HMACLENGTH)) { printf("exit with failure.\n"); goto clean; } } clean: cleanObjects(); CoUninitialize(); }
Try It!