Chilkat2-Python
Chilkat2-Python
Aadhaar Paperless Offline e-kyc
See more XML Digital Signatures Examples
Opens an encrypted .zip containing Aadhaar Paperless Offline e-KYC XML. Gets the XML and validates the digital signature. Then computes the hash for the mobile number and Email ID.Chilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Open the .zip containing the Aadhaar Paperless Offline e-KYC XML.
# The .zip is encrypted using the "Share Phrase".
zip = chilkat2.Zip()
success = zip.OpenZip("qa_data/xml_dsig/offline_paperless_kyc.zip")
if (success == False):
print(zip.LastErrorText)
sys.exit()
# The .zip should contain 1 XML file.
entry = chilkat2.ZipEntry()
success = zip.EntryAt(0,entry)
if (success == False):
print(zip.LastErrorText)
sys.exit()
# To get the contents, we need to specify the Share Phrase.
sharePhrase = "Lock@487"
zip.DecryptPassword = sharePhrase
bdXml = chilkat2.BinData()
# The XML file will be unzipped into the bdXml object.
success = entry.UnzipToBd(bdXml)
if (success == False):
print(entry.LastErrorText)
sys.exit()
# First verify the XML digital signature.
dsig = chilkat2.XmlDSig()
success = dsig.LoadSignatureBd(bdXml)
if (success == False):
print(dsig.LastErrorText)
sys.exit()
# The UIDAI XML signature does not contain the KeyInfo, so we must load the uidai certificate
# and indicate that its public key is to be used for verifying the signature.
cert = chilkat2.Cert()
success = cert.LoadFromFile("qa_data/xml_dsig/uidai_auth_sign_prod_2023.cer")
if (success == False):
print(cert.LastErrorText)
sys.exit()
# Get the certificate's public key.
pubKey = chilkat2.PublicKey()
cert.GetPublicKey(pubKey)
dsig.SetPublicKey(pubKey)
# The XML in this example contains only 1 signature.
bVerifyReferenceDigests = True
bVerified = dsig.VerifySignature(bVerifyReferenceDigests)
if (bVerified == False):
print(dsig.LastErrorText)
print("The signature was not valid.")
sys.exit()
print("The XML digital signature is valid.")
# Let's compute the hash for the Mobile Number.
# Hashing logic for Mobile Number :
# Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number
# (Ref ID field contains last 4 digits).
#
# Example :
# Mobile: 1234567890
# Aadhaar Number:XXXX XXXX 3632
# Passcode : Lock@487
# Hash: Sha256(Sha256(1234567890Lock@487))*2
# In case of Aadhaar number ends with Zero we will hashed one time.
crypt = chilkat2.Crypt2()
crypt.HashAlgorithm = "sha256"
crypt.EncodingMode = "hexlower"
strToHash = "1234567890Lock@487"
bdHash = chilkat2.BinData()
success = bdHash.AppendString(strToHash,"utf-8")
# Hash a number of times equal to the last digit of your Aadhaar number.
# If the Aadhaar number ends with 0, then hash one time.
# For this example, we'll just set the number of times to hash
# for the case where an Aadhaar number ends in "9"
numTimesToHash = 9
for i in range(1,(numTimesToHash)-1):
tmpStr = crypt.HashBdENC(bdHash)
bdHash.Clear()
bdHash.AppendString(tmpStr,"utf-8")
print("Computed Mobile hash = " + bdHash.GetString("utf-8"))
# Let's get the mobile hash stored in the XML and compare it with our computed hash.
xml = chilkat2.Xml()
success = xml.LoadBd(bdXml,True)
m_hash = xml.ChilkatPath("UidData|Poi|(m)")
print("Stored Mobile hash = " + m_hash)
# Now do the same thing for the email hash:
strToHash = "abc@gm.comLock@487"
bdHash.Clear()
success = bdHash.AppendString(strToHash,"utf-8")
for i in range(1,(numTimesToHash)-1):
tmpStr = crypt.HashBdENC(bdHash)
bdHash.Clear()
bdHash.AppendString(tmpStr,"utf-8")
print("Computed Email hash = " + bdHash.GetString("utf-8"))
e_hash = xml.ChilkatPath("UidData|Poi|(e)")
print("Stored Email hash = " + e_hash)