Discuss this help topic in SecureBlackbox Forum
XML: Use HMAC signing
HMAC is used when there's a need to encrypt the signature and make it available only to the recipient. The recipient must have a secret key in order to verify the signature. To make use of HMAC signing you need to
C#:
Signer.SignatureMethodType = TElXMLSigMethodType.xmtMAC;
Signer.MACMethod = TElXMLMACMethod.xmmHMAC_SHA256; // using HMAC with SHA 256-bit
...
TElXMLKeyInfoHMACData HMACKeyData = new TElXMLKeyInfoHMACData();
HMACKeyData.Key.Key = KeyDataBuffer; // set a buffer with a key
Signer.KeyData = HMACKeyData;
...
Delphi:
Signer.SignatureMethodType := xmtMAC;
Signer.MACMethod := xmmHMAC_SHA256; // using HMAC with SHA 256-bit
...
HMACKeyData := TElXMLKeyInfoHMACData.Create(True);
HMACKeyData.Key.Key := KeyDataBuffer; // set a buffer with a key
Signer.KeyData := HMACKeyData;
...
// when signing is finished we need to clear KeyData object
HMACKeyData.Free();