AutoIt
Aadhaar Paperless Offline e-kyc
Opens an encrypted .zip containing Aadhaar Paperless Offline e-KYC XML, extracts the XML, and validates its digital signature. Then computes the hashes for the mobile number and email ID so they can be compared with the hashes stored in the XML.
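Local $bSuccess = False
; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.

; Step 1: open the .zip containing the Aadhaar Paperless Offline e-KYC XML.
; The .zip is encrypted using the "Share Phrase".
$oZip = ObjCreate("Chilkat.Zip")
$bSuccess = $oZip.OpenZip("qa_data/xml_dsig/offline_paperless_kyc.zip")
If ($bSuccess = False) Then
    ConsoleWrite($oZip.LastErrorText & @CRLF)
    Exit
EndIf

; The .zip should contain exactly 1 XML file. Enforce that instead of silently
; taking the first entry of an archive that has an unexpected layout.
If ($oZip.NumEntries <> 1) Then
    ConsoleWrite("Expected exactly 1 entry in the .zip, found " & $oZip.NumEntries & @CRLF)
    Exit
EndIf

$oEntry = ObjCreate("Chilkat.ZipEntry")
$bSuccess = $oZip.EntryAt(0,$oEntry)
If ($bSuccess = False) Then
    ConsoleWrite($oZip.LastErrorText & @CRLF)
    Exit
EndIf

; To get the contents, we need to specify the Share Phrase.
; NOTE: the Share Phrase is a secret chosen by the Aadhaar holder. It is a literal
; here only because this is sample code; a real application should obtain it at
; run time and keep it out of source control and log output.
Local $sharePhrase = "Lock@487"
$oZip.DecryptPassword = $sharePhrase

; The XML file is unzipped into the bdXml object (in memory), so the decrypted
; KYC data is not written to disk by this step.
$oBdXml = ObjCreate("Chilkat.BinData")
$bSuccess = $oEntry.UnzipToBd($oBdXml)
If ($bSuccess = False) Then
    ConsoleWrite($oEntry.LastErrorText & @CRLF)
    Exit
EndIf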
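; Step 2: verify the XML digital signature before trusting anything in the document.
$oDsig = ObjCreate("Chilkat.XmlDSig")
$bSuccess = $oDsig.LoadSignatureBd($oBdXml)
If ($bSuccess = False) Then
    ConsoleWrite($oDsig.LastErrorText & @CRLF)
    Exit
EndIf

; The XML in this example contains only 1 signature. Fail closed if that is not
; the case, so that an unsigned or unexpectedly multi-signed document is rejected.
If ($oDsig.NumSignatures <> 1) Then
    ConsoleWrite("Expected exactly 1 XML signature, found " & $oDsig.NumSignatures & @CRLF)
    Exit
EndIf

; The UIDAI XML signature does not contain the KeyInfo, so we must load the uidai certificate
; and indicate that its public key is to be used for verifying the signature.
; This local .cer file is the trust anchor for the whole check: it must be the genuine
; UIDAI signing certificate, obtained from a trusted source and protected from tampering.
; NOTE(review): this example does not validate the certificate itself (chain, validity
; period, revocation); add that if your deployment requires it.
$oCert = ObjCreate("Chilkat.Cert")
$bSuccess = $oCert.LoadFromFile("qa_data/xml_dsig/uidai_auth_sign_prod_2023.cer")
If ($bSuccess = False) Then
    ConsoleWrite($oCert.LastErrorText & @CRLF)
    Exit
EndIf

; Get the certificate's public key and hand it to the verifier.
; Both calls are checked so that verification never proceeds without the intended key.
$oPubKey = ObjCreate("Chilkat.PublicKey")
$bSuccess = $oCert.GetPublicKey($oPubKey)
If ($bSuccess = False) Then
    ConsoleWrite($oCert.LastErrorText & @CRLF)
    Exit
EndIf
$bSuccess = $oDsig.SetPublicKey($oPubKey)
If ($bSuccess = False) Then
    ConsoleWrite($oDsig.LastErrorText & @CRLF)
    Exit
EndIf

; Verify the signature value and also the digests of the signed references.
Local $bVerifyReferenceDigests = True
Local $bVerified = $oDsig.VerifySignature($bVerifyReferenceDigests)
If ($bVerified = False) Then
    ConsoleWrite($oDsig.LastErrorText & @CRLF)
    ConsoleWrite("The signature was not valid." & @CRLF)
    Exit
EndIf
ConsoleWrite("The XML digital signature is valid." & @CRLF)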
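; Step 3: compute the hash for the Mobile Number and compare it with the value in the XML.
;
; Hashing rule for the Mobile Number:
;   start from Mobile + SharePhrase and apply SHA-256 N times, where N is the last
;   digit of the Aadhaar number (the Ref ID field contains the last 4 digits).
;   If the Aadhaar number ends with 0, hash one time.
;
; Example:
;   Mobile: 1234567890
;   Aadhaar Number: XXXX XXXX 3632
;   Passcode: Lock@487
;   Hash: Sha256(Sha256(1234567890Lock@487))   (last digit is 2, so 2 rounds)
;
; As implemented below, each round hashes the lowercase-hex text of the previous digest.
$oCrypt = ObjCreate("Chilkat.Crypt2")
$oCrypt.HashAlgorithm = "sha256"
$oCrypt.EncodingMode = "hexlower"

; Build the input from the Share Phrase already used to decrypt the .zip, so the
; secret is defined in one place only. The mobile number is a sample value.
Local $sMobile = "1234567890"
Local $strToHash = $sMobile & $sharePhrase
$oBdHash = ObjCreate("Chilkat.BinData")
$bSuccess = $oBdHash.AppendString($strToHash,"utf-8")
If ($bSuccess = False) Then
    ConsoleWrite("Failed to load the mobile number input into the hash buffer." & @CRLF)
    Exit
EndIf

; Hash a number of times equal to the last digit of your Aadhaar number.
; For this example, we'll just set the number of times to hash
; for the case where an Aadhaar number ends in "9".
Local $iNumTimesToHash = 9
; If the Aadhaar number ends with 0, then hash one time. Without this guard a
; count of 0 would skip the loop and leave the unhashed input in the buffer.
If ($iNumTimesToHash < 1) Then $iNumTimesToHash = 1

Local $i
Local $sTmpStr
For $i = 1 To $iNumTimesToHash
    $sTmpStr = $oCrypt.HashBdENC($oBdHash)
    If ($oCrypt.LastMethodSuccess = False) Then
        ConsoleWrite($oCrypt.LastErrorText & @CRLF)
        Exit
    EndIf
    $oBdHash.Clear()
    $oBdHash.AppendString($sTmpStr,"utf-8")
Next
Local $sMobileHash = $oBdHash.GetString("utf-8")
ConsoleWrite("Computed Mobile hash = " & $sMobileHash & @CRLF)

; Get the mobile hash stored in the XML and compare it with our computed hash.
; The XML is only parsed here, after its signature has been verified above.
$oXml = ObjCreate("Chilkat.Xml")
$bSuccess = $oXml.LoadBd($oBdXml,True)
If ($bSuccess = False) Then
    ConsoleWrite($oXml.LastErrorText & @CRLF)
    Exit
EndIf
Local $sM_hash = $oXml.ChilkatPath("UidData|Poi|(m)")
ConsoleWrite("Stored Mobile hash = " & $sM_hash & @CRLF)

; AutoIt's "=" compares strings case-insensitively, which is what we want for hex digests.
If ($sMobileHash = $sM_hash) Then
    ConsoleWrite("Mobile hash matches the value stored in the XML." & @CRLF)
Else
    ConsoleWrite("Mobile hash does NOT match the value stored in the XML." & @CRLF)
EndIf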
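; Step 4: do the same thing for the email hash.
; The input is Email + SharePhrase; the email address is a sample value.
$strToHash = "abc@gm.com" & $sharePhrase
$oBdHash.Clear()
$bSuccess = $oBdHash.AppendString($strToHash,"utf-8")
If ($bSuccess = False) Then
    ConsoleWrite("Failed to load the email input into the hash buffer." & @CRLF)
    Exit
EndIf

; Same round count as for the mobile hash. An Aadhaar number ending in 0 means
; one round, so never run fewer than one.
Local $iEmailRounds = $iNumTimesToHash
If ($iEmailRounds < 1) Then $iEmailRounds = 1

Local $sEmailDigest
For $i = 1 To $iEmailRounds
    $sEmailDigest = $oCrypt.HashBdENC($oBdHash)
    If ($oCrypt.LastMethodSuccess = False) Then
        ConsoleWrite($oCrypt.LastErrorText & @CRLF)
        Exit
    EndIf
    ; Each round hashes the lowercase-hex text of the previous digest.
    $oBdHash.Clear()
    $oBdHash.AppendString($sEmailDigest,"utf-8")
Next
Local $sEmailHash = $oBdHash.GetString("utf-8")
ConsoleWrite("Computed Email hash = " & $sEmailHash & @CRLF)

; Read the stored email hash from the XML and compare it with the computed value.
Local $sE_hash = $oXml.ChilkatPath("UidData|Poi|(e)")
ConsoleWrite("Stored Email hash = " & $sE_hash & @CRLF)

; AutoIt's "=" compares strings case-insensitively, which is what we want for hex digests.
If ($sEmailHash = $sE_hash) Then
    ConsoleWrite("Email hash matches the value stored in the XML." & @CRLF)
Else
    ConsoleWrite("Email hash does NOT match the value stored in the XML." & @CRLF)
EndIf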