Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(AutoIt) Signed Zip as Base64 with XAdES-BESThis example is to help companies implement a solution for sending XAdES-BES to the Polish government for reporting purposes. Specifically: Przed podpisaniem deklaracja zbiorcza (PIT-11Z, PIT-8CZ, PIT-40Z, PIT-RZ) musi zostać The example demonstrates the following:
This example will also show the reverse:
; This example assumes the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. ; Zip the PIT-11Z.xml to create PIT-11Z.zip (not as a .zip file, but in-memory). $oSbXmlToZip = ObjCreate("Chilkat.StringBuilder") Local $bSuccess = $oSbXmlToZip.LoadFile("qa_data/xml/PIT-11Z.xml","utf-8") If ($bSuccess <> True) Then ConsoleWrite("Failed to load the XML to be zipped." & @CRLF) Exit EndIf $oZip = ObjCreate("Chilkat.Zip") ; Initialize the zip object. No file is created in this call. ; It should always return True. $bSuccess = $oZip.NewZip("PIT-11Z.zip") ; Add the XML to be zipped. Local $oEntry = $oZip.AppendString("PIT-11Z.xml",$oSbXmlToZip.GetAsString()) ; Write the zip to a BinData object. $oBdZip = ObjCreate("Chilkat.BinData") $oZip.WriteBd($oBdZip) ; The contents of the bdZip will be retrieved in base64 format when needed below.. $oGen = ObjCreate("Chilkat.XmlDSigGen") $oGen.SigLocation = "" $oGen.SigLocationMod = 0 $oGen.SigId = "Signature_2a8df7f8-b958-40cc-83f6-edb53b837347_19" $oGen.SigNamespacePrefix = "ds" $oGen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#" $oGen.SigValueId = "SignatureValue_2a8df7f8-b958-40cc-83f6-edb53b837347_52" $oGen.SignedInfoId = "SignedInfo_2a8df7f8-b958-40cc-83f6-edb53b837347_41" $oGen.SignedInfoCanonAlg = "C14N" $oGen.SignedInfoDigestMethod = "sha1" ; Set the KeyInfoId before adding references.. $oGen.KeyInfoId = "KeyInfo_2a8df7f8-b958-40cc-83f6-edb53b837347_24" ; Create an Object to be added to the Signature. $oObject1 = ObjCreate("Chilkat.Xml") $oObject1.Tag = "xades:QualifyingProperties" $oObject1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#") $oObject1.AddAttribute("Id","QualifyingProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_43") $oObject1.AddAttribute("Target","#Signature_2a8df7f8-b958-40cc-83f6-edb53b837347_19") $oObject1.UpdateAttrAt("xades:SignedProperties",True,"Id","SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e") $oObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties",True,"Id","SignedSignatureProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_0a") ; Chilkat will replace the strings "TO BE GENERATED BY CHILKAT" with actual values when the signature is created. $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT" ; Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1 $oObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",True,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1") $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT" $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT" $oObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties",True,"Id","SignedDataObjectProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4b") $oObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",True,"ObjectReference","#Reference1_2a8df7f8-b958-40cc-83f6-edb53b837347_27") $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description","MIME-Version: 1.0" & @CRLF & "Content-Type: application/zip" & @CRLF & "Content-Transfer-Encoding: binary" & @CRLF & "Content-Disposition: filename="PIT-11Z.zip"" $oObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier",True,"Qualifier","OIDAsURI") $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier","http://www.certum.pl/OIDAsURI/signedFile/1.2.616.1.113527.3.1.1.3.1" $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Description","Opis formatu dokumentu oraz jego pelna nazwa" $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:DocumentationReferences|xades:DocumentationReference","http://www.certum.pl/OIDAsURI/signedFile.pdf" $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","application/zip" $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:CommitmentTypeIndication|xades:CommitmentTypeId|xades:Identifier","http://uri.etsi.org/01903/v1.2.2#ProofOfApproval" $oObject1.UpdateChildContent "xades:SignedProperties|xades:SignedDataObjectProperties|xades:CommitmentTypeIndication|xades:AllSignedDataObjects","" $oObject1.UpdateAttrAt("xades:UnsignedProperties",True,"Id","UnsignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_55") ; Emit XML in compact (single-line) format to avoid whitespace problems. $oObject1.EmitCompact = True $oGen.AddObject("",$oObject1.GetXml(),"","") ; Create an Object to be added to the Signature. ; This is where we add the base64 representation of the PIT-11Z.zip $oGen.AddObject("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347",$oBdZip.GetEncoded("base64"),"","http://www.w3.org/2000/09/xmldsig#base64") ; -------- Reference 1 -------- $oGen.AddObjectRef("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347","sha1","C14N_WithComments","","") $oGen.SetRefIdAttr("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347","Reference1_2a8df7f8-b958-40cc-83f6-edb53b837347_27") ; -------- Reference 2 -------- $oGen.AddObjectRef("SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e","sha1","","","http://uri.etsi.org/01903#SignedProperties") $oGen.SetRefIdAttr("SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e","SignedProperties-Reference_2a8df7f8-b958-40cc-83f6-edb53b837347_28") ; Provide a certificate + private key. (PFX password is test123) $oCert = ObjCreate("Chilkat.Cert") $bSuccess = $oCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123") If ($bSuccess <> True) Then ConsoleWrite($oCert.LastErrorText & @CRLF) Exit EndIf $oGen.SetX509Cert($oCert,True) $oGen.KeyInfoType = "X509Data" $oGen.X509Type = "Certificate" ; This will be an enveloping signature where the Signature element ; is the XML document root, the signed data is contained within Object ; tag(s) within the Signature. ; Therefore, pass an empty sbXml to CreateXmlDsigSb. $oSbXml = ObjCreate("Chilkat.StringBuilder") ; The Polish government's XmlDSig implementation requires that we reproduce an attribute-sorting error. ; (This is an error in the XML canonicalization that is not noticed when both the signature-creation code and signature-verification code use ; the same XML canonicalization implementation w/ the bug.) $oGen.Behaviors = "AttributeSortingBug,CompactSignedXml" ; Sign the XML... $bSuccess = $oGen.CreateXmlDSigSb($oSbXml) If ($bSuccess <> True) Then ConsoleWrite($oGen.LastErrorText & @CRLF) Exit EndIf ; ----------------------------------------------- ; Save the signed XML to a file. $bSuccess = $oSbXml.WriteFile("qa_output/signedXml.xml","utf-8",False) ConsoleWrite($oSbXml.GetAsString() & @CRLF) ; ---------------------------------------- ; Verify the signature we just produced... $oVerifier = ObjCreate("Chilkat.XmlDSig") $bSuccess = $oVerifier.LoadSignatureSb($oSbXml) If ($bSuccess <> True) Then ConsoleWrite($oVerifier.LastErrorText & @CRLF) Exit EndIf Local $bVerified = $oVerifier.VerifySignature(True) If ($bVerified <> True) Then ConsoleWrite($oVerifier.LastErrorText & @CRLF) Exit EndIf ConsoleWrite("This signature was successfully verified." & @CRLF) ; ------------------------------------ ; Finally, let's extract the .zip from the signed XML, and then unzip the original PIT-11Z.xml from the in-memory zip. $oXml = ObjCreate("Chilkat.Xml") $oXml.LoadSb($oSbXml,True) ; The base64 image of the PIT-11Z.zip is in the 2nd ds:Object child of the ds:Signature (the ds:Signature is the root element of the signed XML). ; (ds:Object[0] would be the 1st ds:Object child. Index 1 is the 2nd ds:Object child.) Local $strZipBase64 = $oXml.GetChildContent("ds:Object[1]") $oBdZip.Clear() $oBdZip.AppendEncoded($strZipBase64,"base64") If ($oBdZip.NumBytes = 0) Then ConsoleWrite("Something went wrong.. we dont' have any data.." & @CRLF) Exit EndIf $bSuccess = $oZip.OpenBd($oBdZip) If ($bSuccess <> True) Then ConsoleWrite($oZip.LastErrorText & @CRLF) Exit EndIf ; Get the 1st file in the zip, which should be the PIT-11Z.xml $oEntry = $oZip.GetEntryByIndex(0) If ($oZip.LastMethodSuccess <> True) Then ConsoleWrite("Zip contains no files..." & @CRLF) Exit EndIf ; Get the XML: Local $sOrigXml = $oEntry.UnzipToString(0,"utf-8") ConsoleWrite("Original XML extracted from base64 zip:" & @CRLF) ConsoleWrite($sOrigXml & @CRLF) |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.