(C# UWP/WinRT) XML-DSig Add Object Reference with Transforms Specified Explicitly

Demonstrates how to use the new AddObjectRef2 method to explicitly specify the XML Transforms fragment.

Note: This example requires Chilkat v9.5.0.90 or greater.

Chilkat Universal Windows Platform (UWP) / WinRT Downloads Chilkat for the Universal Windows Platform (UWP)

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

bool success = true;

// Build the following XML to be signed:

// <?xml version="1.0" encoding="utf-8"?>
// <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
//     <DocumentType>JPK</DocumentType>
//     <Version>01.02.01.20160617</Version>
//     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">xxxx</EncryptionKey>
//     <DocumentList>
//         <Document>
//             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
//             <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
//             <ContentLength>8736</ContentLength>
//             <HashValue algorithm="SHA-256" encoding="Base64">JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
//             <FileSignatureList filesNumber="1">
//                 <Packaging>
//                     <SplitZip mode="zip" type="split"/>
//                 </Packaging>
//                 <Encryption>
//                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
//                         <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
//                     </AES>
//                 </Encryption>
//                 <FileSignature>
//                     <OrdinalNumber>1</OrdinalNumber>
//                     <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
//                     <ContentLength>16</ContentLength>
//                     <HashValue algorithm="MD5" encoding="Base64">5MX0q1935fvMjLFV7E1yDw==</HashValue>
//                 </FileSignature>
//             </FileSignatureList>
//         </Document>
//     </DocumentList>
// </InitUpload>

// Use this online tool to generate code from sample XML: 
// Generate Code to Create XML

Chilkat.Xml xmlToSign = new Chilkat.Xml();
xmlToSign.Tag = "InitUpload";
xmlToSign.AddAttribute("xmlns","http://e-dokumenty.mf.gov.pl");
xmlToSign.UpdateChildContent("DocumentType","JPK");
xmlToSign.UpdateChildContent("Version","01.02.01.20160617");
xmlToSign.UpdateAttrAt("EncryptionKey",true,"algorithm","RSA");
xmlToSign.UpdateAttrAt("EncryptionKey",true,"encoding","Base64");
xmlToSign.UpdateAttrAt("EncryptionKey",true,"mode","ECB");
xmlToSign.UpdateAttrAt("EncryptionKey",true,"padding","PKCS#1");
xmlToSign.UpdateChildContent("EncryptionKey","xxxx");
xmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",true,"schemaVersion","1-1");
xmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",true,"systemCode","JPK_VAT (3)");
xmlToSign.UpdateChildContent("DocumentList|Document|FormCode","JPK_VAT");
xmlToSign.UpdateChildContent("DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181201.xml");
xmlToSign.UpdateChildContent("DocumentList|Document|ContentLength","8736");
xmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",true,"algorithm","SHA-256");
xmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",true,"encoding","Base64");
xmlToSign.UpdateChildContent("DocumentList|Document|HashValue","JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList",true,"filesNumber","1");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",true,"mode","zip");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",true,"type","split");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",true,"block","16");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",true,"mode","CBC");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",true,"padding","PKCS#7");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",true,"size","256");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",true,"bytes","16");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",true,"encoding","Base64");
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV","z64oN9zXHt1+S3XACRSCYw==");
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1");
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181201-000.xml.zip.aes");
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength","16");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",true,"algorithm","MD5");
xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",true,"encoding","Base64");
xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue","5MX0q1935fvMjLFV7E1yDw==");

Chilkat.XmlDSigGen gen = new Chilkat.XmlDSigGen();

gen.SigLocation = "InitUpload";
gen.SigLocationMod = 0;
gen.SigId = "id-1234";
gen.SigNamespacePrefix = "ds";
gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#";
gen.SignedInfoCanonAlg = "EXCL_C14N";
gen.SignedInfoDigestMethod = "sha256";

// Create an Object to be added to the Signature.

// <xades:QualifyingProperties Target="#id-1234" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
//     <xades:SignedProperties Id="xades-id-1234">
//         <xades:SignedSignatureProperties>
//             <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime>
//             <xades:SigningCertificate>
//                 <xades:Cert>
//                     <xades:CertDigest>
//                         <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
//                         <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue>
//                     </xades:CertDigest>
//                     <xades:IssuerSerial>
//                         <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName>
//                         <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber>
//                     </xades:IssuerSerial>
//                 </xades:Cert>
//             </xades:SigningCertificate>
//         </xades:SignedSignatureProperties>
//         <xades:SignedDataObjectProperties>
//             <xades:DataObjectFormat ObjectReference="#r-id-1">
//                 <xades:MimeType>text/xml</xades:MimeType>
//             </xades:DataObjectFormat>
//         </xades:SignedDataObjectProperties>
//     </xades:SignedProperties>
// </xades:QualifyingProperties>

Chilkat.Xml object1 = new Chilkat.Xml();
object1.Tag = "xades:QualifyingProperties";
object1.AddAttribute("Target","#id-1234");
object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#");
object1.UpdateAttrAt("xades:SignedProperties",true,"Id","xades-id-1234");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT");
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod",true,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName","TO BE GENERATED BY CHILKAT");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber","TO BE GENERATED BY CHILKAT");
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",true,"ObjectReference","#r-id-1");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml");

gen.AddObject("",object1.GetXml(),"","");

// -------- Reference 1 --------
// Build the following Transforms fragment:

// <ds:Transforms>
//     <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
//         <ds:XPath>not(ancestor-or-self::ds:Signature)</ds:XPath>
//     </ds:Transform>
//     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
// </ds:Transforms>

Chilkat.Xml xml1 = new Chilkat.Xml();
xml1.Tag = "ds:Transforms";
xml1.UpdateAttrAt("ds:Transform",true,"Algorithm","http://www.w3.org/TR/1999/REC-xpath-19991116");
xml1.UpdateChildContent("ds:Transform|ds:XPath","not(ancestor-or-self::ds:Signature)");
xml1.UpdateAttrAt("ds:Transform[1]",true,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#");

gen.AddSameDocRef2("","sha256",xml1,"");
gen.SetRefIdAttr("","r-id-1");

// -------- Reference 2 --------
// Build the following Transforms fragment:

// <ds:Transforms>
//     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
// </ds:Transforms>

Chilkat.Xml xml2 = new Chilkat.Xml();
xml2.Tag = "ds:Transforms";
xml2.UpdateAttrAt("ds:Transform",true,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#");

gen.AddObjectRef2("xades-id-1234","sha256",xml2,"http://uri.etsi.org/01903#SignedProperties");

// Provide a certificate + private key. (PFX password is test123)
Chilkat.Cert cert = new Chilkat.Cert();
success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123");
if (success != true) {
    Debug.WriteLine(cert.LastErrorText);
    return;
}

gen.SetX509Cert(cert,true);

gen.KeyInfoType = "X509Data";
gen.X509Type = "Certificate";

// Load XML to be signed...
Chilkat.StringBuilder sbXml = new Chilkat.StringBuilder();
xmlToSign.GetXmlSb(sbXml);

gen.Behaviors = "IndentedSignature";

// Sign the XML...
success = gen.CreateXmlDSigSb(sbXml);
if (success != true) {
    Debug.WriteLine(gen.LastErrorText);
    return;
}

// -----------------------------------------------

// Save the signed XML to a file.
success = sbXml.WriteFile("qa_output/signedXml.xml","utf-8",false);

Debug.WriteLine(sbXml.GetAsString());

// ----------------------------------------
// Verify the signatures we just produced...
Chilkat.XmlDSig verifier = new Chilkat.XmlDSig();
success = verifier.LoadSignatureSb(sbXml);
if (success != true) {
    Debug.WriteLine(verifier.LastErrorText);
    return;
}

int numSigs = verifier.NumSignatures;
int verifyIdx = 0;
while (verifyIdx < numSigs) {
    verifier.Selector = verifyIdx;
    bool verified = verifier.VerifySignature(true);
    if (verified != true) {
        Debug.WriteLine(verifier.LastErrorText);
        return;
    }

    verifyIdx = verifyIdx + 1;
}

Debug.WriteLine("All signatures were successfully verified.");