(Delphi DLL) Decrypt a govtalk.gov.uk SOAP GovTalkMessage

Demonstrates how to decrypt the content contained in the XML of a GovTalkMessage SOAP response.

Chilkat for Delphi Downloads Chilkat non-ActiveX DLL for Delphi Chilkat ActiveX DLL for Delphi * The examples here use the non-ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, BinData, Xml, Crypt2, Cert;

...

procedure TForm1.Button1Click(Sender: TObject);
var
xml: HCkXml;
success: Boolean;
Body: PWideChar;
cert: HCkCert;
crypt: HCkCrypt2;
bd: HCkBinData;

begin
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// The GovTalkMessage response looks something like this:

// <?xml version="1.0" encoding="utf-8"?>
// <GovTalkMessage xmlns="http://www.govtalk.gov.uk/CM/envelope">
//   <EnvelopeVersion>3.1</EnvelopeVersion>
//   <Header>
//     <MessageDetails>
//       <Class>CSSZ_DZDPN</Class>
//       <Qualifier>request</Qualifier>
//       <Function>submit</Function>
//       <TransactionID />
//       <AuditID />
//       <CorrelationID>aaaaa</CorrelationID>
//       <ResponseEndPoint PollInterval="0" />
//       <Transformation>XML</Transformation>
//       <GatewayTest />
//       <GatewayTimestamp />
//     </MessageDetails>
//     <SenderDetails>
//       <IDAuthentication>
//         <SenderID />
//         <Authentication>
//           <Method>clear</Method>
//           <Role />
//           <Value />
//         </Authentication>
//       </IDAuthentication>
//       <X509Certificate />
//       <EmailAddress>somebody@example.com</EmailAddress>
//     </SenderDetails>
//   </Header>
//   <GovTalkDetails>
//     <Keys>
//       <Key Type="vars">9999999999</Key>
//     </Keys>
//     <GatewayAdditions>
//       <Source>VREP</Source>
//     </GatewayAdditions>
//   </GovTalkDetails>
//   <Body>
//     <Message xmlns="http://www.cssz.cz/XMLSchema/envelope" version="1.2" eType="DZDPN20">
//       <Header>
//         <Signature xmlns:dt="urn:schemas-microsoft-com:datatypes" dt:dt="bin.base64">MIIJ0A ... UMw=
// </Signature>
//         <Vendor productName="some product name" version="2019" />
//       </Header>
//       <Body xmlns:dt="urn:schemas-microsoft-com:datatypes" encrypted="yes" contentEncoding="gzip" dt:dt="bin.base64">MIIF2w ... N2vW</Body>
//     </Message>
//   </Body>
// </GovTalkMessage>

// We want to get the content of the Body and decrypt it.

// First, let's get the content of the Body XML element, which is a base64 string starting with MIIF2w...

xml := CkXml_Create();
success := CkXml_LoadXmlFile(xml,'qa_data/xml/govTalkMessageResponse.xml');
if (success = False) then
  begin
    Memo1.Lines.Add(CkXml__lastErrorText(xml));
    Exit;
  end;

Body := CkXml__getChildContent(xml,'Body|Message|Body');
Memo1.Lines.Add(Body);

cert := CkCert_Create();
success := CkCert_LoadPfxFile(cert,'qa_data/pfx/govTalkMessage_aaa.pfx','aaa');
if (success = False) then
  begin
    Memo1.Lines.Add(CkCert__lastErrorText(cert));
    Exit;
  end;

crypt := CkCrypt2_Create();
CkCrypt2_putCryptAlgorithm(crypt,'pki');
success := CkCrypt2_SetDecryptCert(crypt,cert);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt));
    Exit;
  end;

bd := CkBinData_Create();
// Append the bytes to bd.
success := CkBinData_AppendEncoded(bd,Body,'base64');

// Decrypt in-place.
success := CkCrypt2_DecryptBd(crypt,bd);
if (success = False) then
  begin
    Memo1.Lines.Add(CkCrypt2__lastErrorText(crypt));
    Exit;
  end;

// Save the decrypted data to a file.
success := CkBinData_WriteFile(bd,'qa_output/out.dat');

// If the decrypted data is non-text (binary) then we can examine it in an encoding, such as hex:
Memo1.Lines.Add('Decrypted bytes as hex: ' + CkBinData__getEncoded(bd,'hex'));

CkXml_Dispose(xml);
CkCert_Dispose(cert);
CkCrypt2_Dispose(crypt);
CkBinData_Dispose(bd);

end;