C
C
Sign Mexico Pedimento
See more Misc Examples
Add a signature to a Mexico pedimento file.Chilkat C Downloads
#include <C_CkStringBuilder.h>
#include <C_CkPrivateKey.h>
#include <C_CkXml.h>
#include <C_CkAsn.h>
#include <C_CkRsa.h>
#include <C_CkBinData.h>
#include <C_CkCert.h>
void ChilkatSample(void)
{
BOOL success;
BOOL bCRLF;
HCkStringBuilder sb;
const char *md5_base64;
HCkPrivateKey privKey;
HCkXml xml;
HCkAsn asn;
HCkRsa rsa;
HCkBinData bdSig;
HCkCert cert;
const char *serialHex;
HCkStringBuilder sbSerial;
int numReplaced;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// This is the contents before signing:
// 500|1|3621|4199800|400||
// 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
// 507|4199800|IM|2006-7888">
// 507|4199800|MS|2">
// 800|4199800|1">
// 801|M3621037.222|1|5|011|
// This is the contents after signing
// 500|1|3621|4199800|400||
// 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
// 507|4199800|IM|2006-7888">
// 507|4199800|MS|2">
// 800|4199800|1|fhP2Ker54D2+3+UZch23F0E72 .... 9qNSPIuAqpj524qLZbbA==|30001000000500003416|
// 801|M3621037.222|1|5|011|
// First create the text to be signed.
bCRLF = TRUE;
sb = CkStringBuilder_Create();
// Use CRLF line endings.
CkStringBuilder_AppendLine(sb,"500|1|3621|4199800|400||",bCRLF);
CkStringBuilder_AppendLine(sb,"601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||",bCRLF);
CkStringBuilder_AppendLine(sb,"507|4199800|IM|2006-7888">",bCRLF);
CkStringBuilder_AppendLine(sb,"507|4199800|MS|2">",bCRLF);
// Generate the MD5 hash of what we have so far..
md5_base64 = CkStringBuilder_getHash(sb,"md5","base64","utf-8");
printf("MD5 hash = %s\n",md5_base64);
// Complete the original file.
// After signing, we'll update the BASE64_SIGNATURE and CERT_SERIAL
CkStringBuilder_AppendLine(sb,"800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL|",bCRLF);
CkStringBuilder_AppendLine(sb,"801|M3621037.222|1|5|011|",bCRLF);
// We're going to sign the MD5 hash using the private key.
privKey = CkPrivateKey_Create();
success = CkPrivateKey_LoadAnyFormatFile(privKey,"qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.key","12345678a");
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkStringBuilder_Dispose(sb);
CkPrivateKey_Dispose(privKey);
return;
}
// Generate the ASN.1 to be signed.
// <sequence>
// <sequence>
// <oid>1.2.840.113549.2.5</oid>
// <null/>
// </sequence>
// <octets>SwxHfaJhG+N3pPqay6UzVA==</octets>
// </sequence>
xml = CkXml_Create();
CkXml_putTag(xml,"sequence");
CkXml_UpdateChildContent(xml,"sequence|oid","1.2.840.113549.2.5");
CkXml_UpdateChildContent(xml,"sequence|null","");
CkXml_UpdateChildContent(xml,"octets",md5_base64);
asn = CkAsn_Create();
CkAsn_LoadAsnXml(asn,CkXml_getXml(xml));
printf("ASN.1 = %s\n",CkAsn_getEncodedDer(asn,"base64"));
// Sign with the private key.
rsa = CkRsa_Create();
success = CkRsa_UsePrivateKey(rsa,privKey);
if (success == FALSE) {
printf("%s\n",CkRsa_lastErrorText(rsa));
CkStringBuilder_Dispose(sb);
CkPrivateKey_Dispose(privKey);
CkXml_Dispose(xml);
CkAsn_Dispose(asn);
CkRsa_Dispose(rsa);
return;
}
// Create the opaque signature.
bdSig = CkBinData_Create();
CkBinData_AppendEncoded(bdSig,CkAsn_getEncodedDer(asn,"base64"),"base64");
success = CkRsa_SignRawBd(rsa,bdSig);
if (success == FALSE) {
printf("%s\n",CkRsa_lastErrorText(rsa));
CkStringBuilder_Dispose(sb);
CkPrivateKey_Dispose(privKey);
CkXml_Dispose(xml);
CkAsn_Dispose(asn);
CkRsa_Dispose(rsa);
CkBinData_Dispose(bdSig);
return;
}
// bd now contains the opaque signature, which embeds the ASN.1, which contains the MD5 hash.
// We're going to add this line:
// 800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL_NUM|
cert = CkCert_Create();
success = CkCert_LoadFromFile(cert,"qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.cer");
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkStringBuilder_Dispose(sb);
CkPrivateKey_Dispose(privKey);
CkXml_Dispose(xml);
CkAsn_Dispose(asn);
CkRsa_Dispose(rsa);
CkBinData_Dispose(bdSig);
CkCert_Dispose(cert);
return;
}
serialHex = CkCert_serialNumber(cert);
// The serial in hex form looks like this: 3330303031303030303030353030303033343136
// Decode to us-ascii.
sbSerial = CkStringBuilder_Create();
CkStringBuilder_DecodeAndAppend(sbSerial,serialHex,"hex","us-ascii");
printf("serial number in us-ascii: %s\n",CkStringBuilder_getAsString(sbSerial));
numReplaced = CkStringBuilder_Replace(sb,"CERT_SERIAL",CkStringBuilder_getAsString(sbSerial));
numReplaced = CkStringBuilder_Replace(sb,"BASE64_SIGNATURE",CkBinData_getEncoded(bdSig,"base64"));
printf("------------------------------------\n");
printf("Result:\n");
printf("%s\n",CkStringBuilder_getAsString(sb));
CkStringBuilder_Dispose(sb);
CkPrivateKey_Dispose(privKey);
CkXml_Dispose(xml);
CkAsn_Dispose(asn);
CkRsa_Dispose(rsa);
CkBinData_Dispose(bdSig);
CkCert_Dispose(cert);
CkStringBuilder_Dispose(sbSerial);
}