(C) UBL XAdES Enveloped Signature

Demonstrates how to create a UBL XAdES enveloped signature.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkXml.h>
#include <C_CkXmlDSigGen.h>
#include <C_CkCert.h>
#include <C_CkStringBuilder.h>
#include <C_CkXmlDSig.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkXml xmlToSign;
    HCkXmlDSigGen gen;
    HCkXml object1;
    HCkCert cert;
    HCkStringBuilder sbXml;
    HCkXmlDSig verifier;
    int numSigs;
    int verifyIdx;
    BOOL verified;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    success = TRUE;

    // 
    // The following code creates the XML document to be signed.
    // (It is also possible to simply load the XML into the Chilkat XML object by calling the LoadXml method.)

    // A sample (already signed) of this XML is available here:  External link: credit-note-en16931-xades-signed.xml

    // Also, you may use this online tool to generate code from sample XML: 
    // Generate Code to Create XML

    xmlToSign = CkXml_Create();
    CkXml_putTag(xmlToSign,"CreditNote");
    CkXml_AddAttribute(xmlToSign,"xmlns","urn:oasis:names:specification:ubl:schema:xsd:CreditNote-2");
    CkXml_AddAttribute(xmlToSign,"xmlns:cac","urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2");
    CkXml_AddAttribute(xmlToSign,"xmlns:cbc","urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2");
    CkXml_AddAttribute(xmlToSign,"xmlns:ext","urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2");
    CkXml_UpdateAttrAt(xmlToSign,"ext:UBLExtensions|ext:UBLExtension",TRUE,"xmlns:sac","urn:oasis:names:specification:ubl:schema:xsd:SignatureAggregateComponents-2");
    CkXml_UpdateAttrAt(xmlToSign,"ext:UBLExtensions|ext:UBLExtension",TRUE,"xmlns:sig","urn:oasis:names:specification:ubl:schema:xsd:CommonSignatureComponents-2");
    CkXml_UpdateChildContent(xmlToSign,"ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation","");
    CkXml_UpdateChildContent(xmlToSign,"cbc:CustomizationID","urn:cen.eu:en16931:2017");
    CkXml_UpdateChildContent(xmlToSign,"cbc:ProfileID","P1");
    CkXml_UpdateChildContent(xmlToSign,"cbc:ID","c2ad1540-cf12-4e83-b47c-906aac70242e");
    CkXml_UpdateChildContent(xmlToSign,"cbc:IssueDate","2009-12-15");
    CkXml_UpdateAttrAt(xmlToSign,"cbc:Note",TRUE,"languageID","en");
    CkXml_UpdateChildContent(xmlToSign,"cbc:Note","Ordered in our booth at the convention.");
    CkXml_UpdateAttrAt(xmlToSign,"cbc:DocumentCurrencyCode",TRUE,"listAgencyID","6");
    CkXml_UpdateAttrAt(xmlToSign,"cbc:DocumentCurrencyCode",TRUE,"listID","ISO 4217 Alpha");
    CkXml_UpdateChildContent(xmlToSign,"cbc:DocumentCurrencyCode","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cbc:AccountingCost","Project cost code 123");
    CkXml_UpdateChildContent(xmlToSign,"cac:InvoicePeriod|cbc:StartDate","2009-11-01");
    CkXml_UpdateChildContent(xmlToSign,"cac:InvoicePeriod|cbc:EndDate","2009-11-30");
    CkXml_UpdateChildContent(xmlToSign,"cac:OrderReference|cbc:ID","123");
    CkXml_UpdateChildContent(xmlToSign,"cac:ContractDocumentReference|cbc:ID","Contract321");
    CkXml_UpdateChildContent(xmlToSign,"cac:ContractDocumentReference|cbc:DocumentType","Framework agreement");
    CkXml_UpdateChildContent(xmlToSign,"cac:AdditionalDocumentReference|cbc:ID","Doc1");
    CkXml_UpdateChildContent(xmlToSign,"cac:AdditionalDocumentReference|cbc:DocumentType","Timesheet");
    CkXml_UpdateChildContent(xmlToSign,"cac:AdditionalDocumentReference|cac:Attachment|cac:ExternalReference|cbc:URI","http://www.suppliersite.eu/sheet001.html");
    CkXml_UpdateChildContent(xmlToSign,"cac:AdditionalDocumentReference[1]|cbc:ID","Doc2");
    CkXml_UpdateChildContent(xmlToSign,"cac:AdditionalDocumentReference[1]|cbc:DocumentType","Drawing");
    CkXml_UpdateAttrAt(xmlToSign,"cac:AdditionalDocumentReference[1]|cac:Attachment|cbc:EmbeddedDocumentBinaryObject",TRUE,"mimeCode","application/pdf");
    CkXml_UpdateChildContent(xmlToSign,"cac:AdditionalDocumentReference[1]|cac:Attachment|cbc:EmbeddedDocumentBinaryObject","UjBsR09EbGhjZ0dTQUxNQUFBUUNBRU1tQ1p0dU1GUXhEUzhi");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PartyIdentification|cbc:ID","9934:18683136487::HR99:276");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PostalAddress|cbc:StreetName","KATANCICEVA");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PostalAddress|cbc:CityName","ZAGREB");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PostalAddress|cbc:PostalZone","10000");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PostalAddress|cac:Country|cbc:IdentificationCode","HR");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PartyTaxScheme|cbc:CompanyID","HR18683136487");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PartyTaxScheme|cac:TaxScheme|cbc:ID","FRE");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:PartyLegalEntity|cbc:RegistrationName","MINISTARSTVO FINANCIJA");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:Contact|cbc:Name","JURAJ MARKOVIC");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingSupplierParty|cac:Party|cac:Contact|cbc:ElectronicMail","juraj.markovic@fina.hr");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PartyIdentification|cbc:ID","9934:49811265576::HR99:NOVO1");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PostalAddress|cbc:StreetName","GETALDICEVA 4");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PostalAddress|cbc:CityName","ZAGREB");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PostalAddress|cbc:PostalZone","10000");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PostalAddress|cac:Country|cbc:IdentificationCode","HR");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PartyTaxScheme|cbc:CompanyID","HR49811265576");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PartyTaxScheme|cac:TaxScheme|cbc:ID","VAT");
    CkXml_UpdateChildContent(xmlToSign,"cac:AccountingCustomerParty|cac:Party|cac:PartyLegalEntity|cbc:RegistrationName","NOVO1");
    CkXml_UpdateChildContent(xmlToSign,"cac:Delivery|cac:DeliveryLocation|cac:Address|cac:Country|cbc:IdentificationCode","HR");
    CkXml_UpdateChildContent(xmlToSign,"cac:PaymentMeans|cbc:PaymentMeansCode","30");
    CkXml_UpdateChildContent(xmlToSign,"cac:PaymentMeans|cbc:InstructionNote","Neki opis placanja");
    CkXml_UpdateChildContent(xmlToSign,"cac:PaymentMeans|cbc:PaymentID","HR00 12456");
    CkXml_UpdateChildContent(xmlToSign,"cac:PaymentMeans|cac:PayeeFinancialAccount|cbc:ID","HR1210010051863000160");
    CkXml_UpdateChildContent(xmlToSign,"cac:PaymentTerms|cbc:Note","Neki uvjeti placanja");
    CkXml_UpdateAttrAt(xmlToSign,"cac:TaxTotal|cbc:TaxAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:TaxTotal|cbc:TaxAmount","25.00");
    CkXml_UpdateAttrAt(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cbc:TaxableAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cbc:TaxableAmount","100.00");
    CkXml_UpdateAttrAt(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cbc:TaxAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cbc:TaxAmount","25.00");
    CkXml_UpdateChildContent(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cac:TaxCategory|cbc:ID","S");
    CkXml_UpdateChildContent(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cac:TaxCategory|cbc:Percent","25");
    CkXml_UpdateChildContent(xmlToSign,"cac:TaxTotal|cac:TaxSubtotal|cac:TaxCategory|cac:TaxScheme|cbc:ID","VAT");
    CkXml_UpdateAttrAt(xmlToSign,"cac:LegalMonetaryTotal|cbc:LineExtensionAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:LegalMonetaryTotal|cbc:LineExtensionAmount","100.00");
    CkXml_UpdateAttrAt(xmlToSign,"cac:LegalMonetaryTotal|cbc:TaxExclusiveAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:LegalMonetaryTotal|cbc:TaxExclusiveAmount","100.00");
    CkXml_UpdateAttrAt(xmlToSign,"cac:LegalMonetaryTotal|cbc:TaxInclusiveAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:LegalMonetaryTotal|cbc:TaxInclusiveAmount","125.00");
    CkXml_UpdateAttrAt(xmlToSign,"cac:LegalMonetaryTotal|cbc:PayableAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:LegalMonetaryTotal|cbc:PayableAmount","125.00");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cbc:ID","1");
    CkXml_UpdateAttrAt(xmlToSign,"cac:CreditNoteLine|cbc:CreditedQuantity",TRUE,"unitCode","H87");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cbc:CreditedQuantity","1.000");
    CkXml_UpdateAttrAt(xmlToSign,"cac:CreditNoteLine|cbc:LineExtensionAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cbc:LineExtensionAmount","100.00");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cbc:Description","Neki detaljniji opis proizvoda ide ovdje");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cbc:Name","Neki proizvod");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:OriginCountry|cbc:IdentificationCode","HR");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:ClassifiedTaxCategory|cbc:ID","S");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:ClassifiedTaxCategory|cbc:Percent","25");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:ClassifiedTaxCategory|cac:TaxScheme|cbc:ID","VAT");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:AdditionalItemProperty|cbc:Name","Boja");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:AdditionalItemProperty|cbc:Value","Plava");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:AdditionalItemProperty[1]|cbc:Name","Masa");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Item|cac:AdditionalItemProperty[1]|cbc:Value","1,2 Kg");
    CkXml_UpdateAttrAt(xmlToSign,"cac:CreditNoteLine|cac:Price|cbc:PriceAmount",TRUE,"currencyID","HRK");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Price|cbc:PriceAmount","100.000000");
    CkXml_UpdateAttrAt(xmlToSign,"cac:CreditNoteLine|cac:Price|cbc:BaseQuantity",TRUE,"unitCode","H87");
    CkXml_UpdateChildContent(xmlToSign,"cac:CreditNoteLine|cac:Price|cbc:BaseQuantity","1.000");

    // Use this online tool to generate XAdES code from a sample signed XML: 
    // Generate Code to Creaet XAdES from Sample XAdES

    // The following code was generated by the online tool.

    gen = CkXmlDSigGen_Create();

    CkXmlDSigGen_putSigLocation(gen,"CreditNote|ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation");
    CkXmlDSigGen_putSigLocationMod(gen,0);
    CkXmlDSigGen_putSigId(gen,"Signature-7f4c4719515a4a0a8ce4d1b983a2ec69");
    CkXmlDSigGen_putSigNamespacePrefix(gen,"");
    CkXmlDSigGen_putSigNamespaceUri(gen,"http://www.w3.org/2000/09/xmldsig#");
    CkXmlDSigGen_putSignedInfoCanonAlg(gen,"C14N");
    CkXmlDSigGen_putSignedInfoDigestMethod(gen,"sha256");

    // Create an Object to be added to the Signature.
    object1 = CkXml_Create();
    CkXml_putTag(object1,"xades:QualifyingProperties");
    CkXml_AddAttribute(object1,"xmlns:ds","http://www.w3.org/2000/09/xmldsig#");
    CkXml_AddAttribute(object1,"xmlns:xades","http://uri.etsi.org/01903/v1.3.2#");
    CkXml_AddAttribute(object1,"Target","#Signature-7f4c4719515a4a0a8ce4d1b983a2ec69");
    CkXml_UpdateAttrAt(object1,"xades:SignedProperties",TRUE,"Id","SignedProperties-6573207f4ad64b49b0310f7a9e2dfadc");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT");
    // Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1
    CkXml_UpdateAttrAt(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod",TRUE,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName","TO BE GENERATED BY CHILKAT");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber","TO BE GENERATED BY CHILKAT");
    CkXml_UpdateAttrAt(object1,"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",TRUE,"ObjectReference","");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description","document");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","application/xml");
    CkXml_UpdateChildContent(object1,"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Encoding","UTF-8");

    CkXmlDSigGen_AddObject(gen,"",CkXml_getXml(object1),"","");

    // -------- Reference 1 --------
    CkXmlDSigGen_AddSameDocRef(gen,"","sha256","","","");

    // -------- Reference 2 --------
    CkXmlDSigGen_AddObjectRef(gen,"SignedProperties-6573207f4ad64b49b0310f7a9e2dfadc","sha256","","","http://uri.etsi.org/01903#SignedProperties");

    // Provide a certificate + private key. (PFX password is test123)
    cert = CkCert_Create();
    success = CkCert_LoadPfxFile(cert,"qa_data/pfx/cert_test123.pfx","test123");
    if (success != TRUE) {
        printf("%s\n",CkCert_lastErrorText(cert));
        CkXml_Dispose(xmlToSign);
        CkXmlDSigGen_Dispose(gen);
        CkXml_Dispose(object1);
        CkCert_Dispose(cert);
        return;
    }

    CkXmlDSigGen_SetX509Cert(gen,cert,TRUE);

    CkXmlDSigGen_putKeyInfoType(gen,"X509Data+KeyValue");
    CkXmlDSigGen_putX509Type(gen,"IssuerSerial,SubjectName,SKI,Certificate");

    // Load XML to be signed...
    sbXml = CkStringBuilder_Create();
    CkXml_GetXmlSb(xmlToSign,sbXml);

    // Adding the "UBLDocumentSignatures" behavior causes the following Transform to be used for the 
    // first Reference:   
    //   <Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><XPath>count(ancestor-or-self::sig:UBLDocumentSignatures | here()/ancestor::sig:UBLDocumentSignatures[1]) &gt; count(ancestor-or-self::sig:UBLDocumentSignatures)</XPath></Transform>
    CkXmlDSigGen_putBehaviors(gen,"IndentedSignature,UBLDocumentSignatures");

    // Sign the XML...
    success = CkXmlDSigGen_CreateXmlDSigSb(gen,sbXml);
    if (success != TRUE) {
        printf("%s\n",CkXmlDSigGen_lastErrorText(gen));
        CkXml_Dispose(xmlToSign);
        CkXmlDSigGen_Dispose(gen);
        CkXml_Dispose(object1);
        CkCert_Dispose(cert);
        CkStringBuilder_Dispose(sbXml);
        return;
    }

    // -----------------------------------------------

    // Save the signed XML to a file.
    success = CkStringBuilder_WriteFile(sbXml,"qa_output/signedXml.xml","utf-8",FALSE);

    printf("%s\n",CkStringBuilder_getAsString(sbXml));

    // ----------------------------------------
    // Verify the signature we just produced...
    verifier = CkXmlDSig_Create();
    success = CkXmlDSig_LoadSignatureSb(verifier,sbXml);
    if (success != TRUE) {
        printf("%s\n",CkXmlDSig_lastErrorText(verifier));
        CkXml_Dispose(xmlToSign);
        CkXmlDSigGen_Dispose(gen);
        CkXml_Dispose(object1);
        CkCert_Dispose(cert);
        CkStringBuilder_Dispose(sbXml);
        CkXmlDSig_Dispose(verifier);
        return;
    }

    // We should have just one signature..
    numSigs = CkXmlDSig_getNumSignatures(verifier);
    verifyIdx = 0;
    while (verifyIdx < numSigs) {
        CkXmlDSig_putSelector(verifier,verifyIdx);
        verified = CkXmlDSig_VerifySignature(verifier,TRUE);
        if (verified != TRUE) {
            printf("%s\n",CkXmlDSig_lastErrorText(verifier));
            CkXml_Dispose(xmlToSign);
            CkXmlDSigGen_Dispose(gen);
            CkXml_Dispose(object1);
            CkCert_Dispose(cert);
            CkStringBuilder_Dispose(sbXml);
            CkXmlDSig_Dispose(verifier);
            return;
        }

        verifyIdx = verifyIdx + 1;
    }

    printf("The signature was successfully verified.\n");


    CkXml_Dispose(xmlToSign);
    CkXmlDSigGen_Dispose(gen);
    CkXml_Dispose(object1);
    CkCert_Dispose(cert);
    CkStringBuilder_Dispose(sbXml);
    CkXmlDSig_Dispose(verifier);

    }