Chilkat2-Python
Chilkat2-Python
Create JPK VAT metadata XML
See more RSA Examples
Demonstrates how to create the JPK VAT metadata XML (InitUpload) that will be signed using XADES.Chilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# First build an InitUpload XML template
# Use this online tool to generate the code from the sample XML below:
# Generate Code to Create XML
# <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
# <DocumentType>JPK</DocumentType>
# <Version>01.02.01.20160617</Version>
# <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">F9EhKFec...uWqAWUIg==</EncryptionKey>
# <DocumentList>
# <Document>
# <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
# <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
# <ContentLength>8736</ContentLength>
# <HashValue algorithm="SHA-256" encoding="Base64">JFDI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
# <FileSignatureList filesNumber="1">
# <Packaging>
# <SplitZip mode="zip" type="split"/>
# </Packaging>
# <Encryption>
# <AES block="16" mode="CBC" padding="PKCS#7" size="256">
# <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
# </AES>
# </Encryption>
# <FileSignature>
# <OrdinalNumber>1</OrdinalNumber>
# <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
# <ContentLength>16</ContentLength>
# <HashValue algorithm="MD5" encoding="Base64">5NX0q1935fvMjLFV7E1yDw==</HashValue>
# </FileSignature>
# </FileSignatureList>
# </Document>
# </DocumentList>
# </InitUpload>
xml = chilkat2.Xml()
xml.Tag = "InitUpload"
xml.AddAttribute("xmlns","http://e-dokumenty.mf.gov.pl")
xml.UpdateChildContent("DocumentType","JPK")
xml.UpdateChildContent("Version","01.02.01.20160617")
xml.UpdateAttrAt("EncryptionKey",True,"algorithm","RSA")
xml.UpdateAttrAt("EncryptionKey",True,"encoding","Base64")
xml.UpdateAttrAt("EncryptionKey",True,"mode","ECB")
xml.UpdateAttrAt("EncryptionKey",True,"padding","PKCS#1")
xml.UpdateChildContent("EncryptionKey","TO BE DETERMINED")
xml.UpdateAttrAt("DocumentList|Document|FormCode",True,"schemaVersion","1-1")
xml.UpdateAttrAt("DocumentList|Document|FormCode",True,"systemCode","JPK_VAT (3)")
xml.UpdateChildContent("DocumentList|Document|FormCode","JPK_VAT")
xml.UpdateChildContent("DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181201.xml")
xml.UpdateChildContent("DocumentList|Document|ContentLength","9999")
xml.UpdateAttrAt("DocumentList|Document|HashValue",True,"algorithm","SHA-256")
xml.UpdateAttrAt("DocumentList|Document|HashValue",True,"encoding","Base64")
xml.UpdateChildContent("DocumentList|Document|HashValue","TO BE DETERMINED")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList",True,"filesNumber","1")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",True,"mode","zip")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",True,"type","split")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"block","16")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"mode","CBC")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"padding","PKCS#7")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",True,"size","256")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",True,"bytes","16")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",True,"encoding","Base64")
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV","TO BE DETERMINED")
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1")
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181201-000.xml.zip.aes")
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength","9999")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",True,"algorithm","MD5")
xml.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",True,"encoding","Base64")
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue","TO BE DETERMINED")
# ------------------------------------------------------------
# Step 1: Load our JPK_VAT XML and update the DocumentList|Document|HashValue
# and DocumentList|Document|ContentLength
bdXml = chilkat2.BinData()
success = bdXml.LoadFile("qa_data/xml_dsig/jpk_vat/JPK_VAT_3_v1-1_20181201-000.xml")
if (success != True):
print("Failed to load XML file.")
sys.exit()
xml.UpdateChildContentInt("DocumentList|Document|ContentLength",bdXml.NumBytes)
crypt = chilkat2.Crypt2()
crypt.HashAlgorithm = "sha256"
crypt.EncodingMode = "base64"
xml.UpdateChildContent("DocumentList|Document|HashValue",crypt.HashBdENC(bdXml))
# ------------------------------------------------------------
# Step 2: Create a Zip archive containing the XML.
zip = chilkat2.Zip()
# The filename we pass here doesn't matter because we won't actually be creating a .zip file.
zip.NewZip("anything.zip")
zip.AddBd("JPK_VAT_3_v1-1_20181201-000.xml",bdXml)
# Write the .zip file to a BinData object.
bdZip = chilkat2.BinData()
zip.WriteBd(bdZip)
# ------------------------------------------------------------
# Step 3: Generate a random 256-bit AES key (32-bytes)
prng = chilkat2.Prng()
bdAesKey = chilkat2.BinData()
prng.GenRandomBd(32,bdAesKey)
ivBytes = prng.GenRandom(16,"base64")
# Store the IV (base64 string) in the XML.
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV",ivBytes)
# ------------------------------------------------------------
# Step 4: AES encrypt our zip archive (the contents of bdZip)
crypt.CipherMode = "cbc"
crypt.KeyLength = 256
crypt.CryptAlgorithm = "aes"
crypt.PaddingScheme = 0
crypt.SetEncodedIV(ivBytes,"base64")
crypt.SetEncodedKey(bdAesKey.GetEncoded("base64"),"base64")
# AES by definition has a block size of 16.
crypt.EncryptBd(bdZip)
# bdZip now contains the AES encrypted data.
# Note: This is NOT the same as a zip where the contents are AES encrypted.
# In that case, we have an unencrypted zip structure with AES encrypted files within.
# In our case, the entire zip file image is encrypted.
# Save the bdZip to a file. This is what will get sent to e-dokumenty.mf.gov.pl
success = bdZip.WriteFile("qa_output/JPK_VAT_3_v1-1_20181201-000.xml.zip.aes")
xml.UpdateChildContentInt("DocumentList|Document|FileSignatureList|FileSignature|ContentLength",bdZip.NumBytes)
# ------------------------------------------------------------
# Step 4: RSA Encrypt the AES key using the public key certificate provided by the Ministry of Finance
cert = chilkat2.Cert()
success = cert.LoadFromFile("qa_data/pem/mf_public_rsa.pem")
if (success == False):
print(cert.LastErrorText)
sys.exit()
pubKey = chilkat2.PublicKey()
cert.GetPublicKey(pubKey)
rsa = chilkat2.Rsa()
rsa.UsePublicKey(pubKey)
rsa.EncodingMode = "base64"
rsa.LittleEndian = False
# in-place RSA encrypt the contents of bdAesKey.
rsa.EncryptBd(bdAesKey,False)
xml.UpdateChildContent("EncryptionKey",bdAesKey.GetEncoded("base64"))
# Step 5: We forgot to get the MD5 hash of the AES encrypted zip.
# (I'm assuming we need the MD5 of the encrypted zip as opposed to the MD5 of the pre-encrypted zip..)
crypt.HashAlgorithm = "md5"
xml.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue",crypt.HashBdENC(bdZip))
# At this point, the XML is prepared and the AES encrypted image of the zip file is written
# to a file (and also in bdZip).
finalXml = xml.GetXml()
print(finalXml)
xml.SaveXml("qa_output/jpk_vat.xml")
print("Finished.")