Chilkat2-Python
Chilkat2-Python
Create JPK_VAT XaDES-BES Signed XML
See more XAdES Examples
Demonstrates how to sign XML for JPK_VAT.Chilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# This example will sign the following XML document:
# <?xml version="1.0" encoding="utf-8"?>
# <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
# <DocumentType>JPK</DocumentType>
# <Version>01.02.01.20160617</Version>
# <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">...</EncryptionKey>
# <DocumentList>
# <Document>
# <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
# <FileName>JPK_VAT_3_v1-1_20181208.xml</FileName>
# <ContentLength>8736</ContentLength>
# <HashValue algorithm="SHA-256" encoding="Base64">JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=</HashValue>
# <FileSignatureList filesNumber="1">
# <Packaging>
# <SplitZip mode="zip" type="split"/>
# </Packaging>
# <Encryption>
# <AES block="16" mode="CBC" padding="PKCS#7" size="256">
# <IV bytes="16" encoding="Base64">FFsCRAPYJD3J6cRvd44UDA==</IV>
# </AES>
# </Encryption>
# <FileSignature>
# <OrdinalNumber>1</OrdinalNumber>
# <FileName>JPK_VAT_3_v1-1_20181208-000.xml.zip.aes</FileName>
# <ContentLength>16</ContentLength>
# <HashValue algorithm="MD5" encoding="Base64">BX2DTD3ASC/zF6aq/012Cg==</HashValue>
# </FileSignature>
# </FileSignatureList>
# </Document>
# </DocumentList>
# </InitUpload>
# First we build the XML to be signed.
#
# Use this online tool to generate the code from sample XML:
# Generate Code to Create XML
success = True
xmlToSign = chilkat2.Xml()
xmlToSign.Tag = "InitUpload"
xmlToSign.AddAttribute("xmlns","http://e-dokumenty.mf.gov.pl")
xmlToSign.UpdateChildContent("DocumentType","JPK")
xmlToSign.UpdateChildContent("Version","01.02.01.20160617")
xmlToSign.UpdateAttrAt("EncryptionKey",True,"algorithm","RSA")
xmlToSign.UpdateAttrAt("EncryptionKey",True,"encoding","Base64")
xmlToSign.UpdateAttrAt("EncryptionKey",True,"mode","ECB")
xmlToSign.UpdateAttrAt("EncryptionKey",True,"padding","PKCS#1")
xmlToSign.UpdateChildContent("EncryptionKey","...")
xmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",True,"schemaVersion","1-1")
xmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",True,"systemCode","JPK_VAT (3)")
xmlToSign.UpdateChildContent("DocumentList|Document|FormCode","JPK_VAT")
xmlToSign.UpdateChildContent("DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181208.xml")
xmlToSign.UpdateChildContent("DocumentList|Document|ContentLength","8736")
xmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",True,"algorithm","SHA-256")
xmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",True,"encoding","Base64")
xmlToSign.UpdateChildContent("DocumentList|Document|HashValue","JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList",True,"filesNumber","1")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",True,"mode","zip")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",True,"type","split")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"block","16")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"mode","CBC")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"padding","PKCS#7")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"size","256")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",True,"bytes","16")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",True,"encoding","Base64")
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV","FFsCRAPYJD3J6cRvd44UDA==")
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1")
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181208-000.xml.zip.aes")
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength","16")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",True,"algorithm","MD5")
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",True,"encoding","Base64")
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue","BX2DTD3ASC/zF6aq/012Cg==")
# Also see the online tool to generate the code from sample already-signed XML:
# Generate XML Signature Creation Code from an Already-Signed XML Sample
gen = chilkat2.XmlDSigGen()
gen.SigLocation = "InitUpload"
gen.SigId = "id-1234"
gen.SigNamespacePrefix = "ds"
gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
gen.SignedInfoCanonAlg = "EXCL_C14N"
gen.SignedInfoDigestMethod = "sha256"
# Create an Object to be added to the Signature.
object1 = chilkat2.Xml()
object1.Tag = "xades:QualifyingProperties"
object1.AddAttribute("Target","#id-1234")
object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#")
object1.UpdateAttrAt("xades:SignedProperties",True,"Id","xades-id-1234")
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT")
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",True,"Algorithm","http://www.w3.org/2001/04/xmlenc#sha256")
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT")
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT")
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",True,"ObjectReference","#r-id-1")
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml")
gen.AddObject("",object1.GetXml(),"","")
# -------- Reference 1 --------
xml1 = chilkat2.Xml()
xml1.Tag = "ds:Transforms"
xml1.UpdateAttrAt("ds:Transform",True,"Algorithm","http://www.w3.org/TR/1999/REC-xpath-19991116")
xml1.UpdateChildContent("ds:Transform|ds:XPath","not(ancestor-or-self::ds:Signature)")
xml1.UpdateAttrAt("ds:Transform[1]",True,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")
gen.AddSameDocRef2("","sha256",xml1,"")
gen.SetRefIdAttr("","r-id-1")
# -------- Reference 2 --------
xml2 = chilkat2.Xml()
xml2.Tag = "ds:Transforms"
xml2.UpdateAttrAt("ds:Transform",True,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")
gen.AddObjectRef2("xades-id-1234","sha256",xml2,"http://uri.etsi.org/01903#SignedProperties")
# Provide a certificate + private key. (PFX password is test123)
# See Load Certificate on Smartcard for an example showing how to load the cert from a smartcard..
cert = chilkat2.Cert()
success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if (success != True):
print(cert.LastErrorText)
sys.exit()
gen.SetX509Cert(cert,True)
gen.KeyInfoType = "X509Data"
gen.X509Type = "Certificate"
# Load XML to be signed...
sbXml = chilkat2.StringBuilder()
xmlToSign.GetXmlSb(sbXml)
gen.Behaviors = "IndentedSignature,TransformSignatureXPath,IssuerSerialHex"
# Sign the XML...
success = gen.CreateXmlDSigSb(sbXml)
if (success != True):
print(gen.LastErrorText)
sys.exit()
# Save the signed XMl to a file.
success = sbXml.WriteFile("qa_output/signedXml.xml","utf-8",False)
print(sbXml.GetAsString())
# ----------------------------------------
# Verify the signature we just produced...
verifier = chilkat2.XmlDSig()
success = verifier.LoadSignatureSb(sbXml)
if (success != True):
print(verifier.LastErrorText)
sys.exit()
verified = verifier.VerifySignature(True)
if (verified != True):
print(verifier.LastErrorText)
sys.exit()
print("This signature was successfully verified.")