C
C
Create JPK VAT metadata XML
See more RSA Examples
Demonstrates how to create the JPK VAT metadata XML (InitUpload) that will be signed using XADES.Chilkat C Downloads
#include <C_CkXml.h>
#include <C_CkBinData.h>
#include <C_CkCrypt2.h>
#include <C_CkZip.h>
#include <C_CkPrng.h>
#include <C_CkCert.h>
#include <C_CkPublicKey.h>
#include <C_CkRsa.h>
void ChilkatSample(void)
{
BOOL success;
HCkXml xml;
HCkBinData bdXml;
HCkCrypt2 crypt;
HCkZip zip;
HCkBinData bdZip;
HCkPrng prng;
HCkBinData bdAesKey;
const char *ivBytes;
HCkCert cert;
HCkPublicKey pubKey;
HCkRsa rsa;
const char *finalXml;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First build an InitUpload XML template
// Use this online tool to generate the code from the sample XML below:
// Generate Code to Create XML
// <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
// <DocumentType>JPK</DocumentType>
// <Version>01.02.01.20160617</Version>
// <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">F9EhKFec...uWqAWUIg==</EncryptionKey>
// <DocumentList>
// <Document>
// <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
// <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
// <ContentLength>8736</ContentLength>
// <HashValue algorithm="SHA-256" encoding="Base64">JFDI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
// <FileSignatureList filesNumber="1">
// <Packaging>
// <SplitZip mode="zip" type="split"/>
// </Packaging>
// <Encryption>
// <AES block="16" mode="CBC" padding="PKCS#7" size="256">
// <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
// </AES>
// </Encryption>
// <FileSignature>
// <OrdinalNumber>1</OrdinalNumber>
// <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
// <ContentLength>16</ContentLength>
// <HashValue algorithm="MD5" encoding="Base64">5NX0q1935fvMjLFV7E1yDw==</HashValue>
// </FileSignature>
// </FileSignatureList>
// </Document>
// </DocumentList>
// </InitUpload>
xml = CkXml_Create();
CkXml_putTag(xml,"InitUpload");
CkXml_AddAttribute(xml,"xmlns","http://e-dokumenty.mf.gov.pl");
CkXml_UpdateChildContent(xml,"DocumentType","JPK");
CkXml_UpdateChildContent(xml,"Version","01.02.01.20160617");
CkXml_UpdateAttrAt(xml,"EncryptionKey",TRUE,"algorithm","RSA");
CkXml_UpdateAttrAt(xml,"EncryptionKey",TRUE,"encoding","Base64");
CkXml_UpdateAttrAt(xml,"EncryptionKey",TRUE,"mode","ECB");
CkXml_UpdateAttrAt(xml,"EncryptionKey",TRUE,"padding","PKCS#1");
CkXml_UpdateChildContent(xml,"EncryptionKey","TO BE DETERMINED");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FormCode",TRUE,"schemaVersion","1-1");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FormCode",TRUE,"systemCode","JPK_VAT (3)");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FormCode","JPK_VAT");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181201.xml");
CkXml_UpdateChildContent(xml,"DocumentList|Document|ContentLength","9999");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|HashValue",TRUE,"algorithm","SHA-256");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|HashValue",TRUE,"encoding","Base64");
CkXml_UpdateChildContent(xml,"DocumentList|Document|HashValue","TO BE DETERMINED");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList",TRUE,"filesNumber","1");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Packaging|SplitZip",TRUE,"mode","zip");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Packaging|SplitZip",TRUE,"type","split");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"block","16");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"mode","CBC");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"padding","PKCS#7");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,"size","256");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Encryption|AES|IV",TRUE,"bytes","16");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|Encryption|AES|IV",TRUE,"encoding","Base64");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|Encryption|AES|IV","TO BE DETERMINED");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181201-000.xml.zip.aes");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|FileSignature|ContentLength","9999");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|FileSignature|HashValue",TRUE,"algorithm","MD5");
CkXml_UpdateAttrAt(xml,"DocumentList|Document|FileSignatureList|FileSignature|HashValue",TRUE,"encoding","Base64");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|FileSignature|HashValue","TO BE DETERMINED");
// ------------------------------------------------------------
// Step 1: Load our JPK_VAT XML and update the DocumentList|Document|HashValue
// and DocumentList|Document|ContentLength
bdXml = CkBinData_Create();
success = CkBinData_LoadFile(bdXml,"qa_data/xml_dsig/jpk_vat/JPK_VAT_3_v1-1_20181201-000.xml");
if (success != TRUE) {
printf("Failed to load XML file.\n");
CkXml_Dispose(xml);
CkBinData_Dispose(bdXml);
return;
}
CkXml_UpdateChildContentInt(xml,"DocumentList|Document|ContentLength",CkBinData_getNumBytes(bdXml));
crypt = CkCrypt2_Create();
CkCrypt2_putHashAlgorithm(crypt,"sha256");
CkCrypt2_putEncodingMode(crypt,"base64");
CkXml_UpdateChildContent(xml,"DocumentList|Document|HashValue",CkCrypt2_hashBdENC(crypt,bdXml));
// ------------------------------------------------------------
// Step 2: Create a Zip archive containing the XML.
zip = CkZip_Create();
// The filename we pass here doesn't matter because we won't actually be creating a .zip file.
CkZip_NewZip(zip,"anything.zip");
CkZip_AddBd(zip,"JPK_VAT_3_v1-1_20181201-000.xml",bdXml);
// Write the .zip file to a BinData object.
bdZip = CkBinData_Create();
CkZip_WriteBd(zip,bdZip);
// ------------------------------------------------------------
// Step 3: Generate a random 256-bit AES key (32-bytes)
prng = CkPrng_Create();
bdAesKey = CkBinData_Create();
CkPrng_GenRandomBd(prng,32,bdAesKey);
ivBytes = CkPrng_genRandom(prng,16,"base64");
// Store the IV (base64 string) in the XML.
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|Encryption|AES|IV",ivBytes);
// ------------------------------------------------------------
// Step 4: AES encrypt our zip archive (the contents of bdZip)
CkCrypt2_putCipherMode(crypt,"cbc");
CkCrypt2_putKeyLength(crypt,256);
CkCrypt2_putCryptAlgorithm(crypt,"aes");
CkCrypt2_putPaddingScheme(crypt,0);
CkCrypt2_SetEncodedIV(crypt,ivBytes,"base64");
CkCrypt2_SetEncodedKey(crypt,CkBinData_getEncoded(bdAesKey,"base64"),"base64");
// AES by definition has a block size of 16.
CkCrypt2_EncryptBd(crypt,bdZip);
// bdZip now contains the AES encrypted data.
// Note: This is NOT the same as a zip where the contents are AES encrypted.
// In that case, we have an unencrypted zip structure with AES encrypted files within.
// In our case, the entire zip file image is encrypted.
// Save the bdZip to a file. This is what will get sent to e-dokumenty.mf.gov.pl
success = CkBinData_WriteFile(bdZip,"qa_output/JPK_VAT_3_v1-1_20181201-000.xml.zip.aes");
CkXml_UpdateChildContentInt(xml,"DocumentList|Document|FileSignatureList|FileSignature|ContentLength",CkBinData_getNumBytes(bdZip));
// ------------------------------------------------------------
// Step 4: RSA Encrypt the AES key using the public key certificate provided by the Ministry of Finance
cert = CkCert_Create();
success = CkCert_LoadFromFile(cert,"qa_data/pem/mf_public_rsa.pem");
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkXml_Dispose(xml);
CkBinData_Dispose(bdXml);
CkCrypt2_Dispose(crypt);
CkZip_Dispose(zip);
CkBinData_Dispose(bdZip);
CkPrng_Dispose(prng);
CkBinData_Dispose(bdAesKey);
CkCert_Dispose(cert);
return;
}
pubKey = CkPublicKey_Create();
CkCert_GetPublicKey(cert,pubKey);
rsa = CkRsa_Create();
CkRsa_UsePublicKey(rsa,pubKey);
CkRsa_putEncodingMode(rsa,"base64");
CkRsa_putLittleEndian(rsa,FALSE);
// in-place RSA encrypt the contents of bdAesKey.
CkRsa_EncryptBd(rsa,bdAesKey,FALSE);
CkXml_UpdateChildContent(xml,"EncryptionKey",CkBinData_getEncoded(bdAesKey,"base64"));
// Step 5: We forgot to get the MD5 hash of the AES encrypted zip.
// (I'm assuming we need the MD5 of the encrypted zip as opposed to the MD5 of the pre-encrypted zip..)
CkCrypt2_putHashAlgorithm(crypt,"md5");
CkXml_UpdateChildContent(xml,"DocumentList|Document|FileSignatureList|FileSignature|HashValue",CkCrypt2_hashBdENC(crypt,bdZip));
// At this point, the XML is prepared and the AES encrypted image of the zip file is written
// to a file (and also in bdZip).
finalXml = CkXml_getXml(xml);
printf("%s\n",finalXml);
CkXml_SaveXml(xml,"qa_output/jpk_vat.xml");
printf("Finished.\n");
CkXml_Dispose(xml);
CkBinData_Dispose(bdXml);
CkCrypt2_Dispose(crypt);
CkZip_Dispose(zip);
CkBinData_Dispose(bdZip);
CkPrng_Dispose(prng);
CkBinData_Dispose(bdAesKey);
CkCert_Dispose(cert);
CkPublicKey_Dispose(pubKey);
CkRsa_Dispose(rsa);
}