(Go) Sign Mexico Pedimento

Add a signature to a Mexico pedimento file.

Chilkat Go Downloads Go Package for Windows, MacOS, Linux, Alpine Linux, Solaris

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    var success bool

    // This is the contents before signing:

    // 500|1|3621|4199800|400||
    // 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
    // 507|4199800|IM|2006-7888">
    // 507|4199800|MS|2">
    // 800|4199800|1">
    // 801|M3621037.222|1|5|011|

    // This is the contents after signing

    // 500|1|3621|4199800|400||
    // 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
    // 507|4199800|IM|2006-7888">
    // 507|4199800|MS|2">
    // 800|4199800|1|fhP2Ker54D2+3+UZch23F0E72 .... 9qNSPIuAqpj524qLZbbA==|30001000000500003416|
    // 801|M3621037.222|1|5|011|

    // First create the text to be signed.
    bCRLF := true
    sb := chilkat.NewStringBuilder()
    // Use CRLF line endings.
    sb.AppendLine("500|1|3621|4199800|400||",bCRLF)
    sb.AppendLine("601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||",bCRLF)
    sb.AppendLine("507|4199800|IM|2006-7888">",bCRLF)
    sb.AppendLine("507|4199800|MS|2">",bCRLF)

    // Generate the MD5 hash of what we have so far..
    md5_base64 := sb.GetHash("md5","base64","utf-8")
    fmt.Println("MD5 hash = ", *md5_base64)

    // Complete the original file.
    // After signing, we'll update the BASE64_SIGNATURE and CERT_SERIAL
    sb.AppendLine("800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL|",bCRLF)
    sb.AppendLine("801|M3621037.222|1|5|011|",bCRLF)

    // We're going to sign the MD5 hash using the private key.
    privKey := chilkat.NewPrivateKey()
    success = privKey.LoadAnyFormatFile("qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.key","12345678a")
    if success == false {
        fmt.Println(privKey.LastErrorText())
        sb.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        return
    }

    // Generate the ASN.1 to be signed.

    // <sequence>
    //     <sequence>
    //         <oid>1.2.840.113549.2.5</oid>
    //         <null/>
    //     </sequence>
    //     <octets>SwxHfaJhG+N3pPqay6UzVA==</octets>
    // </sequence>

    xml := chilkat.NewXml()
    xml.SetTag("sequence")
    xml.UpdateChildContent("sequence|oid","1.2.840.113549.2.5")
    xml.UpdateChildContent("sequence|null","")
    xml.UpdateChildContent("octets",*md5_base64)

    asn := chilkat.NewAsn()
    asn.LoadAsnXml(*xml.GetXml())
    fmt.Println("ASN.1 = ", *asn.GetEncodedDer("base64"))

    // Sign with the private key.
    rsa := chilkat.NewRsa()
    success = rsa.ImportPrivateKeyObj(privKey)
    if success == false {
        fmt.Println(rsa.LastErrorText())
        sb.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        xml.DisposeXml()
        asn.DisposeAsn()
        rsa.DisposeRsa()
        return
    }

    // Create the opaque signature.
    bdSig := chilkat.NewBinData()
    bdSig.AppendEncoded(*asn.GetEncodedDer("base64"),"base64")
    success = rsa.OpenSslSignBd(bdSig)
    if success == false {
        fmt.Println(rsa.LastErrorText())
        sb.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        xml.DisposeXml()
        asn.DisposeAsn()
        rsa.DisposeRsa()
        bdSig.DisposeBinData()
        return
    }

    // bd now contains the opaque signature, which embeds the ASN.1, which contains the MD5 hash.
    // We're going to add this line:
    // 800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL_NUM|

    cert := chilkat.NewCert()
    success = cert.LoadFromFile("qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.cer")
    if success == false {
        fmt.Println(cert.LastErrorText())
        sb.DisposeStringBuilder()
        privKey.DisposePrivateKey()
        xml.DisposeXml()
        asn.DisposeAsn()
        rsa.DisposeRsa()
        bdSig.DisposeBinData()
        cert.DisposeCert()
        return
    }

    serialHex := cert.SerialNumber()
    // The serial in hex form looks like this:   3330303031303030303030353030303033343136
    // Decode to us-ascii.
    sbSerial := chilkat.NewStringBuilder()
    sbSerial.DecodeAndAppend(serialHex,"hex","us-ascii")
    fmt.Println("serial number in us-ascii: ", *sbSerial.GetAsString())

    numReplaced := sb.Replace("CERT_SERIAL",*sbSerial.GetAsString())
    numReplaced = sb.Replace("BASE64_SIGNATURE",*bdSig.GetEncoded("base64"))

    fmt.Println("------------------------------------")
    fmt.Println("Result:")
    fmt.Println(*sb.GetAsString())

    sb.DisposeStringBuilder()
    privKey.DisposePrivateKey()
    xml.DisposeXml()
    asn.DisposeAsn()
    rsa.DisposeRsa()
    bdSig.DisposeBinData()
    cert.DisposeCert()
    sbSerial.DisposeStringBuilder()