DataFlex
DataFlex
FatturaPA XML Invoice Sign+Encrypt to P7M
See more Digital Signatures Examples
Demonstrates how to create a CAdES BES signed + encrypted invoice.xml.p7m for the Italian FatturaPA exchange system.Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Handle hoCrypt
String sPfxPath
String sPfxPassword
Variant vCert
Handle hoCert
Handle hoJsonSignedAttrs
String sInFile
String sSigFile
Variant vEncryptCert
Handle hoEncryptCert
String sTemp1
Move False To iSuccess
// This requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
If (Not(IsComObjectCreated(hoCrypt))) Begin
Send CreateComObject of hoCrypt
End
// Use a digital certificate and private key from a PFX file (.pfx or .p12).
Move "qa_data/pfx/cert_test123.pfx" To sPfxPath
Move "test123" To sPfxPassword
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadPfxFile Of hoCert sPfxPath sPfxPassword To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// Provide the signing cert (with associated private key).
Get pvComObject of hoCert to vCert
Get ComSetSigningCert Of hoCrypt vCert To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
// Indicate that SHA-256 should be used.
Set ComHashAlgorithm Of hoCrypt To "sha256"
// Specify the signed attributes to be included.
// (This is what makes it CAdES-BES compliant.)
Get Create (RefClass(cComChilkatJsonObject)) To hoJsonSignedAttrs
If (Not(IsComObjectCreated(hoJsonSignedAttrs))) Begin
Send CreateComObject of hoJsonSignedAttrs
End
Get ComUpdateInt Of hoJsonSignedAttrs "contentType" 1 To iSuccess
Get ComUpdateInt Of hoJsonSignedAttrs "signingTime" 1 To iSuccess
Get ComUpdateInt Of hoJsonSignedAttrs "messageDigest" 1 To iSuccess
Get ComUpdateInt Of hoJsonSignedAttrs "signingCertificateV2" 1 To iSuccess
Get ComEmit Of hoJsonSignedAttrs To sTemp1
Set ComSigningAttributes Of hoCrypt To sTemp1
Move "qa_data/xml/IT01234567890_11002.xml" To sInFile
Move "qa_data/fatturapa/signed.p7m" To sSigFile
// Create the CAdES-BES signature, which contains the original data.
Get ComCreateP7M Of hoCrypt sInFile sSigFile To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
// Now we'll encrypt what was signed using FatturaPA's certificate (from a PEM file)
Get Create (RefClass(cComChilkatCert)) To hoEncryptCert
If (Not(IsComObjectCreated(hoEncryptCert))) Begin
Send CreateComObject of hoEncryptCert
End
Get ComLoadFromFile Of hoEncryptCert "qa_data/certs/fatturapa_cert.pem" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoEncryptCert To sTemp1
Showln sTemp1
Procedure_Return
End
Set ComCryptAlgorithm Of hoCrypt To "pki"
Get pvComObject of hoEncryptCert to vEncryptCert
Get ComSetEncryptCert Of hoCrypt vEncryptCert To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
// Indicate the underlying bulk encryption algorithm to be used:
Set ComPkcs7CryptAlg Of hoCrypt To "aes"
Set ComKeyLength Of hoCrypt To 128
// There's one last option that could be set. If is the RSA encryption encryption/padding scheme.
// By default, RSAES_PKCS1-V1_5 is used. If desired, the OaepPadding property could be set to True to
// use RSAES_OAEP. (We'll leave it set at the default value of False)
Set ComOaepPadding Of hoCrypt To False
// Everything is specified. Encrypt the .p7m to create a new .p7m (which adds a layer of encryption around the opaque signature).
// The output is PKCS7 in binary DER format.
Get ComCkEncryptFile Of hoCrypt sSigFile "qa_output/signed_and_encrypted.p7m" To iSuccess
If (iSuccess = False) Begin
Get ComLastErrorText Of hoCrypt To sTemp1
Showln sTemp1
Procedure_Return
End
Showln "Success."
End_Procedure