(C++) Sign Mexico Pedimento

Add a signature to a Mexico pedimento file.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <CkStringBuilder.h>
#include <CkPrivateKey.h>
#include <CkXml.h>
#include <CkAsn.h>
#include <CkRsa.h>
#include <CkBinData.h>
#include <CkCert.h>

void ChilkatSample(void)
    {
    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    bool success;

    // This is the contents before signing:

    // 500|1|3621|4199800|400||
    // 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
    // 507|4199800|IM|2006-7888">
    // 507|4199800|MS|2">
    // 800|4199800|1">
    // 801|M3621037.222|1|5|011|

    // This is the contents after signing

    // 500|1|3621|4199800|400||
    // 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
    // 507|4199800|IM|2006-7888">
    // 507|4199800|MS|2">
    // 800|4199800|1|fhP2Ker54D2+3+UZch23F0E72 .... 9qNSPIuAqpj524qLZbbA==|30001000000500003416|
    // 801|M3621037.222|1|5|011|

    // First create the text to be signed.
    bool bCRLF = true;
    CkStringBuilder sb;
    // Use CRLF line endings.
    sb.AppendLine("500|1|3621|4199800|400||",bCRLF);
    sb.AppendLine("601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||",bCRLF);
    sb.AppendLine("507|4199800|IM|2006-7888">",bCRLF);
    sb.AppendLine("507|4199800|MS|2">",bCRLF);

    // Generate the MD5 hash of what we have so far..
    const char *md5_base64 = sb.getHash("md5","base64","utf-8");
    std::cout << "MD5 hash = " << md5_base64 << "\r\n";

    // Complete the original file.
    // After signing, we'll update the BASE64_SIGNATURE and CERT_SERIAL
    sb.AppendLine("800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL|",bCRLF);
    sb.AppendLine("801|M3621037.222|1|5|011|",bCRLF);

    // We're going to sign the MD5 hash using the private key.
    CkPrivateKey privKey;
    success = privKey.LoadAnyFormatFile("qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.key","12345678a");
    if (success == false) {
        std::cout << privKey.lastErrorText() << "\r\n";
        return;
    }

    // Generate the ASN.1 to be signed.

    // <sequence>
    //     <sequence>
    //         <oid>1.2.840.113549.2.5</oid>
    //         <null/>
    //     </sequence>
    //     <octets>SwxHfaJhG+N3pPqay6UzVA==</octets>
    // </sequence>

    CkXml xml;
    xml.put_Tag("sequence");
    xml.UpdateChildContent("sequence|oid","1.2.840.113549.2.5");
    xml.UpdateChildContent("sequence|null","");
    xml.UpdateChildContent("octets",md5_base64);

    CkAsn asn;
    asn.LoadAsnXml(xml.getXml());
    std::cout << "ASN.1 = " << asn.getEncodedDer("base64") << "\r\n";

    // Sign with the private key.
    CkRsa rsa;
    success = rsa.ImportPrivateKeyObj(privKey);
    if (success == false) {
        std::cout << rsa.lastErrorText() << "\r\n";
        return;
    }

    // Create the opaque signature.
    CkBinData bdSig;
    bdSig.AppendEncoded(asn.getEncodedDer("base64"),"base64");
    success = rsa.OpenSslSignBd(bdSig);
    if (success == false) {
        std::cout << rsa.lastErrorText() << "\r\n";
        return;
    }

    // bd now contains the opaque signature, which embeds the ASN.1, which contains the MD5 hash.
    // We're going to add this line:
    // 800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL_NUM|

    CkCert cert;
    success = cert.LoadFromFile("qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.cer");
    if (success == false) {
        std::cout << cert.lastErrorText() << "\r\n";
        return;
    }

    const char *serialHex = cert.serialNumber();
    // The serial in hex form looks like this:   3330303031303030303030353030303033343136
    // Decode to us-ascii.
    CkStringBuilder sbSerial;
    sbSerial.DecodeAndAppend(serialHex,"hex","us-ascii");
    std::cout << "serial number in us-ascii: " << sbSerial.getAsString() << "\r\n";

    int numReplaced = sb.Replace("CERT_SERIAL",sbSerial.getAsString());
    numReplaced = sb.Replace("BASE64_SIGNATURE",bdSig.getEncoded("base64"));

    std::cout << "------------------------------------" << "\r\n";
    std::cout << "Result:" << "\r\n";
    std::cout << sb.getAsString() << "\r\n";
    }