C
C
Create JPK_VAT XaDES-BES Signed XML
See more XAdES Examples
Demonstrates how to sign XML for JPK_VAT.Chilkat C Downloads
#include <C_CkXml.h>
#include <C_CkXmlDSigGen.h>
#include <C_CkCert.h>
#include <C_CkStringBuilder.h>
#include <C_CkXmlDSig.h>
void ChilkatSample(void)
{
BOOL success;
HCkXml xmlToSign;
HCkXmlDSigGen gen;
HCkXml object1;
HCkXml xml1;
HCkXml xml2;
HCkCert cert;
HCkStringBuilder sbXml;
HCkXmlDSig verifier;
BOOL verified;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This example will sign the following XML document:
// <?xml version="1.0" encoding="utf-8"?>
// <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
// <DocumentType>JPK</DocumentType>
// <Version>01.02.01.20160617</Version>
// <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">...</EncryptionKey>
// <DocumentList>
// <Document>
// <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
// <FileName>JPK_VAT_3_v1-1_20181208.xml</FileName>
// <ContentLength>8736</ContentLength>
// <HashValue algorithm="SHA-256" encoding="Base64">JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=</HashValue>
// <FileSignatureList filesNumber="1">
// <Packaging>
// <SplitZip mode="zip" type="split"/>
// </Packaging>
// <Encryption>
// <AES block="16" mode="CBC" padding="PKCS#7" size="256">
// <IV bytes="16" encoding="Base64">FFsCRAPYJD3J6cRvd44UDA==</IV>
// </AES>
// </Encryption>
// <FileSignature>
// <OrdinalNumber>1</OrdinalNumber>
// <FileName>JPK_VAT_3_v1-1_20181208-000.xml.zip.aes</FileName>
// <ContentLength>16</ContentLength>
// <HashValue algorithm="MD5" encoding="Base64">BX2DTD3ASC/zF6aq/012Cg==</HashValue>
// </FileSignature>
// </FileSignatureList>
// </Document>
// </DocumentList>
// </InitUpload>
// First we build the XML to be signed.
//
// Use this online tool to generate the code from sample XML:
// Generate Code to Create XML
success = TRUE;
xmlToSign = CkXml_Create();
CkXml_putTag(xmlToSign,"InitUpload");
CkXml_AddAttribute(xmlToSign,"xmlns","http://e-dokumenty.mf.gov.pl");
CkXml_UpdateChildContent(xmlToSign,"DocumentType","JPK");
CkXml_UpdateChildContent(xmlToSign,"Version","01.02.01.20160617");
CkXml_UpdateAttrAt(xmlToSign,"EncryptionKey",TRUE,"algorithm","RSA");
CkXml_UpdateAttrAt(xmlToSign,"EncryptionKey",TRUE,"encoding","Base64");
CkXml_UpdateAttrAt(xmlToSign,"EncryptionKey",TRUE,"mode","ECB");
CkXml_UpdateAttrAt(xmlToSign,"EncryptionKey",TRUE,"padding","PKCS#1");
CkXml_UpdateChildContent(xmlToSign,"EncryptionKey","...");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FormCode",TRUE,"schemaVersion","1-1");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FormCode",TRUE,"systemCode","JPK_VAT (3)");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FormCode","JPK_VAT");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181208.xml");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|ContentLength","8736");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|HashValue",TRUE,"algorithm","SHA-256");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|HashValue",TRUE,"encoding","Base64");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|HashValue","JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList",TRUE,"filesNumber","1");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Packaging|SplitZip",TRUE,"mode","zip");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Packaging|SplitZip",TRUE,"type","split");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"block","16");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"mode","CBC");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"padding","PKCS#7");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"size","256");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES|IV",TRUE,"bytes","16");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES|IV",TRUE,"encoding","Base64");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FileSignatureList|Encryption|AES|IV","FFsCRAPYJD3J6cRvd44UDA==");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181208-000.xml.zip.aes");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FileSignatureList|FileSignature|ContentLength","16");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|FileSignature|HashValue",TRUE,"algorithm","MD5");
CkXml_UpdateAttrAt(xmlToSign,"DocumentList|Document|FileSignatureList|FileSignature|HashValue",TRUE,"encoding","Base64");
CkXml_UpdateChildContent(xmlToSign,"DocumentList|Document|FileSignatureList|FileSignature|HashValue","BX2DTD3ASC/zF6aq/012Cg==");
// Also see the online tool to generate the code from sample already-signed XML:
// Generate XML Signature Creation Code from an Already-Signed XML Sample
gen = CkXmlDSigGen_Create();
CkXmlDSigGen_putSigLocation(gen,"InitUpload");
CkXmlDSigGen_putSigId(gen,"id-1234");
CkXmlDSigGen_putSigNamespacePrefix(gen,"ds");
CkXmlDSigGen_putSigNamespaceUri(gen,"http://www.w3.org/2000/09/xmldsig#");
CkXmlDSigGen_putSignedInfoCanonAlg(gen,"EXCL_C14N");
CkXmlDSigGen_putSignedInfoDigestMethod(gen,"sha256");
// Create an Object to be added to the Signature.
object1 = CkXml_Create();
CkXml_putTag(object1,"xades:QualifyingProperties");
CkXml_AddAttribute(object1,"Target","#id-1234");
CkXml_AddAttribute(object1,"xmlns:xades","http://uri.etsi.org/01903/v1.3.2#");
CkXml_UpdateAttrAt(object1,"xades:SignedProperties",TRUE,"Id","xades-id-1234");
CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT");
CkXml_UpdateAttrAt(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",TRUE,"Algorithm","http://www.w3.org/2001/04/xmlenc#sha256");
CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT");
CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT");
CkXml_UpdateAttrAt(object1,"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",TRUE,"ObjectReference","#r-id-1");
CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml");
CkXmlDSigGen_AddObject(gen,"",CkXml_getXml(object1),"","");
// -------- Reference 1 --------
xml1 = CkXml_Create();
CkXml_putTag(xml1,"ds:Transforms");
CkXml_UpdateAttrAt(xml1,"ds:Transform",TRUE,"Algorithm","http://www.w3.org/TR/1999/REC-xpath-19991116");
CkXml_UpdateChildContent(xml1,"ds:Transform|ds:XPath","not(ancestor-or-self::ds:Signature)");
CkXml_UpdateAttrAt(xml1,"ds:Transform[1]",TRUE,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#");
CkXmlDSigGen_AddSameDocRef2(gen,"","sha256",xml1,"");
CkXmlDSigGen_SetRefIdAttr(gen,"","r-id-1");
// -------- Reference 2 --------
xml2 = CkXml_Create();
CkXml_putTag(xml2,"ds:Transforms");
CkXml_UpdateAttrAt(xml2,"ds:Transform",TRUE,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#");
CkXmlDSigGen_AddObjectRef2(gen,"xades-id-1234","sha256",xml2,"http://uri.etsi.org/01903#SignedProperties");
// Provide a certificate + private key. (PFX password is test123)
// See Load Certificate on Smartcard for an example showing how to load the cert from a smartcard..
cert = CkCert_Create();
success = CkCert_LoadPfxFile(cert,"qa_data/pfx/cert_test123.pfx","test123");
if (success != TRUE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkXml_Dispose(xmlToSign);
CkXmlDSigGen_Dispose(gen);
CkXml_Dispose(object1);
CkXml_Dispose(xml1);
CkXml_Dispose(xml2);
CkCert_Dispose(cert);
return;
}
CkXmlDSigGen_SetX509Cert(gen,cert,TRUE);
CkXmlDSigGen_putKeyInfoType(gen,"X509Data");
CkXmlDSigGen_putX509Type(gen,"Certificate");
// Load XML to be signed...
sbXml = CkStringBuilder_Create();
CkXml_GetXmlSb(xmlToSign,sbXml);
CkXmlDSigGen_putBehaviors(gen,"IndentedSignature,TransformSignatureXPath,IssuerSerialHex");
// Sign the XML...
success = CkXmlDSigGen_CreateXmlDSigSb(gen,sbXml);
if (success != TRUE) {
printf("%s\n",CkXmlDSigGen_lastErrorText(gen));
CkXml_Dispose(xmlToSign);
CkXmlDSigGen_Dispose(gen);
CkXml_Dispose(object1);
CkXml_Dispose(xml1);
CkXml_Dispose(xml2);
CkCert_Dispose(cert);
CkStringBuilder_Dispose(sbXml);
return;
}
// Save the signed XMl to a file.
success = CkStringBuilder_WriteFile(sbXml,"qa_output/signedXml.xml","utf-8",FALSE);
printf("%s\n",CkStringBuilder_getAsString(sbXml));
// ----------------------------------------
// Verify the signature we just produced...
verifier = CkXmlDSig_Create();
success = CkXmlDSig_LoadSignatureSb(verifier,sbXml);
if (success != TRUE) {
printf("%s\n",CkXmlDSig_lastErrorText(verifier));
CkXml_Dispose(xmlToSign);
CkXmlDSigGen_Dispose(gen);
CkXml_Dispose(object1);
CkXml_Dispose(xml1);
CkXml_Dispose(xml2);
CkCert_Dispose(cert);
CkStringBuilder_Dispose(sbXml);
CkXmlDSig_Dispose(verifier);
return;
}
verified = CkXmlDSig_VerifySignature(verifier,TRUE);
if (verified != TRUE) {
printf("%s\n",CkXmlDSig_lastErrorText(verifier));
CkXml_Dispose(xmlToSign);
CkXmlDSigGen_Dispose(gen);
CkXml_Dispose(object1);
CkXml_Dispose(xml1);
CkXml_Dispose(xml2);
CkCert_Dispose(cert);
CkStringBuilder_Dispose(sbXml);
CkXmlDSig_Dispose(verifier);
return;
}
printf("This signature was successfully verified.\n");
CkXml_Dispose(xmlToSign);
CkXmlDSigGen_Dispose(gen);
CkXml_Dispose(object1);
CkXml_Dispose(xml1);
CkXml_Dispose(xml2);
CkCert_Dispose(cert);
CkStringBuilder_Dispose(sbXml);
CkXmlDSig_Dispose(verifier);
}