Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Lianja) Signed Zip as Base64 with XAdES-BESThis example is to help companies implement a solution for sending XAdES-BES to the Polish government for reporting purposes. Specifically: Przed podpisaniem deklaracja zbiorcza (PIT-11Z, PIT-8CZ, PIT-40Z, PIT-RZ) musi zostać The example demonstrates the following:
This example will also show the reverse:
// This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Zip the PIT-11Z.xml to create PIT-11Z.zip (not as a .zip file, but in-memory). loSbXmlToZip = createobject("CkStringBuilder") llSuccess = loSbXmlToZip.LoadFile("qa_data/xml/PIT-11Z.xml","utf-8") if (llSuccess <> .T.) then ? "Failed to load the XML to be zipped." release loSbXmlToZip return endif loZip = createobject("CkZip") // Initialize the zip object. No file is created in this call. // It should always return .T.. llSuccess = loZip.NewZip("PIT-11Z.zip") // Add the XML to be zipped. loEntry = loZip.AppendString("PIT-11Z.xml",loSbXmlToZip.GetAsString()) release loEntry // Write the zip to a BinData object. loBdZip = createobject("CkBinData") loZip.WriteBd(loBdZip) // The contents of the bdZip will be retrieved in base64 format when needed below.. loGen = createobject("CkXmlDSigGen") loGen.SigLocation = "" loGen.SigLocationMod = 0 loGen.SigId = "Signature_2a8df7f8-b958-40cc-83f6-edb53b837347_19" loGen.SigNamespacePrefix = "ds" loGen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#" loGen.SigValueId = "SignatureValue_2a8df7f8-b958-40cc-83f6-edb53b837347_52" loGen.SignedInfoId = "SignedInfo_2a8df7f8-b958-40cc-83f6-edb53b837347_41" loGen.SignedInfoCanonAlg = "C14N" loGen.SignedInfoDigestMethod = "sha1" // Set the KeyInfoId before adding references.. loGen.KeyInfoId = "KeyInfo_2a8df7f8-b958-40cc-83f6-edb53b837347_24" // Create an Object to be added to the Signature. loObject1 = createobject("CkXml") loObject1.Tag = "xades:QualifyingProperties" loObject1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#") loObject1.AddAttribute("Id","QualifyingProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_43") loObject1.AddAttribute("Target","#Signature_2a8df7f8-b958-40cc-83f6-edb53b837347_19") loObject1.UpdateAttrAt("xades:SignedProperties",.T.,"Id","SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e") loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties",.T.,"Id","SignedSignatureProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_0a") // Chilkat will replace the strings "TO BE GENERATED BY CHILKAT" with actual values when the signature is created. loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT") // Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1 loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",.T.,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT") loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties",.T.,"Id","SignedDataObjectProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4b") loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",.T.,"ObjectReference","#Reference1_2a8df7f8-b958-40cc-83f6-edb53b837347_27") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description","MIME-Version: 1.0" + Chr(13) + Chr(10) + "Content-Type: application/zip" + Chr(13) + Chr(10) + "Content-Transfer-Encoding: binary" + Chr(13) + Chr(10) + "Content-Disposition: filename="PIT-11Z.zip"") loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier",.T.,"Qualifier","OIDAsURI") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier","http://www.certum.pl/OIDAsURI/signedFile/1.2.616.1.113527.3.1.1.3.1") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Description","Opis formatu dokumentu oraz jego pelna nazwa") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:DocumentationReferences|xades:DocumentationReference","http://www.certum.pl/OIDAsURI/signedFile.pdf") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","application/zip") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:CommitmentTypeIndication|xades:CommitmentTypeId|xades:Identifier","http://uri.etsi.org/01903/v1.2.2#ProofOfApproval") loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:CommitmentTypeIndication|xades:AllSignedDataObjects","") loObject1.UpdateAttrAt("xades:UnsignedProperties",.T.,"Id","UnsignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_55") // Emit XML in compact (single-line) format to avoid whitespace problems. loObject1.EmitCompact = .T. loGen.AddObject("",loObject1.GetXml(),"","") // Create an Object to be added to the Signature. // This is where we add the base64 representation of the PIT-11Z.zip loGen.AddObject("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347",loBdZip.GetEncoded("base64"),"","http://www.w3.org/2000/09/xmldsig#base64") // -------- Reference 1 -------- loGen.AddObjectRef("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347","sha1","C14N_WithComments","","") loGen.SetRefIdAttr("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347","Reference1_2a8df7f8-b958-40cc-83f6-edb53b837347_27") // -------- Reference 2 -------- loGen.AddObjectRef("SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e","sha1","","","http://uri.etsi.org/01903#SignedProperties") loGen.SetRefIdAttr("SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e","SignedProperties-Reference_2a8df7f8-b958-40cc-83f6-edb53b837347_28") // Provide a certificate + private key. (PFX password is test123) loCert = createobject("CkCert") llSuccess = loCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123") if (llSuccess <> .T.) then ? loCert.LastErrorText release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert return endif loGen.SetX509Cert(loCert,.T.) loGen.KeyInfoType = "X509Data" loGen.X509Type = "Certificate" // This will be an enveloping signature where the Signature element // is the XML document root, the signed data is contained within Object // tag(s) within the Signature. // Therefore, pass an empty sbXml to CreateXmlDsigSb. loSbXml = createobject("CkStringBuilder") // The Polish government's XmlDSig implementation requires that we reproduce an attribute-sorting error. // (This is an error in the XML canonicalization that is not noticed when both the signature-creation code and signature-verification code use // the same XML canonicalization implementation w/ the bug.) loGen.Behaviors = "AttributeSortingBug,CompactSignedXml" // Sign the XML... llSuccess = loGen.CreateXmlDSigSb(loSbXml) if (llSuccess <> .T.) then ? loGen.LastErrorText release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml return endif // ----------------------------------------------- // Save the signed XML to a file. llSuccess = loSbXml.WriteFile("qa_output/signedXml.xml","utf-8",.F.) ? loSbXml.GetAsString() // ---------------------------------------- // Verify the signature we just produced... loVerifier = createobject("CkXmlDSig") llSuccess = loVerifier.LoadSignatureSb(loSbXml) if (llSuccess <> .T.) then ? loVerifier.LastErrorText release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml release loVerifier return endif llVerified = loVerifier.VerifySignature(.T.) if (llVerified <> .T.) then ? loVerifier.LastErrorText release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml release loVerifier return endif ? "This signature was successfully verified." // ------------------------------------ // Finally, let's extract the .zip from the signed XML, and then unzip the original PIT-11Z.xml from the in-memory zip. loXml = createobject("CkXml") loXml.LoadSb(loSbXml,.T.) // The base64 image of the PIT-11Z.zip is in the 2nd ds:Object child of the ds:Signature (the ds:Signature is the root element of the signed XML). // (ds:Object[0] would be the 1st ds:Object child. Index 1 is the 2nd ds:Object child.) lcStrZipBase64 = loXml.GetChildContent("ds:Object[1]") loBdZip.Clear() loBdZip.AppendEncoded(lcStrZipBase64,"base64") if (loBdZip.NumBytes = 0) then ? "Something went wrong.. we dont' have any data.." release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml release loVerifier release loXml return endif llSuccess = loZip.OpenBd(loBdZip) if (llSuccess <> .T.) then ? loZip.LastErrorText release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml release loVerifier release loXml return endif // Get the 1st file in the zip, which should be the PIT-11Z.xml loEntry = loZip.GetEntryByIndex(0) if (loZip.LastMethodSuccess <> .T.) then ? "Zip contains no files..." release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml release loVerifier release loXml return endif // Get the XML: lcOrigXml = loEntry.UnzipToString(0,"utf-8") ? "Original XML extracted from base64 zip:" ? lcOrigXml release loEntry release loSbXmlToZip release loZip release loBdZip release loGen release loObject1 release loCert release loSbXml release loVerifier release loXml |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.