Sample code for 30+ languages & platforms
Objective-C

Create JPK_VAT XaDES-BES Signed XML

See more XAdES Examples

Demonstrates how to sign XML for JPK_VAT.

Chilkat Objective-C Downloads

Objective-C
#import <CkoXml.h>
#import <CkoXmlDSigGen.h>
#import <CkoCert.h>
#import <CkoStringBuilder.h>
#import <CkoXmlDSig.h>

BOOL success = NO;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// This example will sign the following XML document:

// <?xml version="1.0" encoding="utf-8"?>
// <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
//     <DocumentType>JPK</DocumentType>
//     <Version>01.02.01.20160617</Version>
//     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">...</EncryptionKey>
//     <DocumentList>
//         <Document>
//             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
//             <FileName>JPK_VAT_3_v1-1_20181208.xml</FileName>
//             <ContentLength>8736</ContentLength>
//             <HashValue algorithm="SHA-256" encoding="Base64">JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=</HashValue>
//             <FileSignatureList filesNumber="1">
//                 <Packaging>
//                     <SplitZip mode="zip" type="split"/>
//                 </Packaging>
//                 <Encryption>
//                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
//                         <IV bytes="16" encoding="Base64">FFsCRAPYJD3J6cRvd44UDA==</IV>
//                     </AES>
//                 </Encryption>
//                 <FileSignature>
//                     <OrdinalNumber>1</OrdinalNumber>
//                     <FileName>JPK_VAT_3_v1-1_20181208-000.xml.zip.aes</FileName>
//                     <ContentLength>16</ContentLength>
//                     <HashValue algorithm="MD5" encoding="Base64">BX2DTD3ASC/zF6aq/012Cg==</HashValue>
//                 </FileSignature>
//             </FileSignatureList>
//         </Document>
//     </DocumentList>
// </InitUpload>

// First we build the XML to be signed.
// 
// Use this online tool to generate the code from sample XML: 
// Generate Code to Create XML

success = YES;
CkoXml *xmlToSign = [[CkoXml alloc] init];
xmlToSign.Tag = @"InitUpload";
[xmlToSign AddAttribute: @"xmlns" value: @"http://e-dokumenty.mf.gov.pl"];
[xmlToSign UpdateChildContent: @"DocumentType" value: @"JPK"];
[xmlToSign UpdateChildContent: @"Version" value: @"01.02.01.20160617"];
[xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"algorithm" attrValue: @"RSA"];
[xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"mode" attrValue: @"ECB"];
[xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"padding" attrValue: @"PKCS#1"];
[xmlToSign UpdateChildContent: @"EncryptionKey" value: @"..."];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FormCode" autoCreate: YES attrName: @"schemaVersion" attrValue: @"1-1"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FormCode" autoCreate: YES attrName: @"systemCode" attrValue: @"JPK_VAT (3)"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FormCode" value: @"JPK_VAT"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FileName" value: @"JPK_VAT_3_v1-1_20181208.xml"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|ContentLength" value: @"8736"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|HashValue" autoCreate: YES attrName: @"algorithm" attrValue: @"SHA-256"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|HashValue" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|HashValue" value: @"JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ="];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList" autoCreate: YES attrName: @"filesNumber" attrValue: @"1"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Packaging|SplitZip" autoCreate: YES attrName: @"mode" attrValue: @"zip"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Packaging|SplitZip" autoCreate: YES attrName: @"type" attrValue: @"split"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"block" attrValue: @"16"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"mode" attrValue: @"CBC"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"padding" attrValue: @"PKCS#7"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"size" attrValue: @"256"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" autoCreate: YES attrName: @"bytes" attrValue: @"16"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" value: @"FFsCRAPYJD3J6cRvd44UDA=="];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber" value: @"1"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|FileName" value: @"JPK_VAT_3_v1-1_20181208-000.xml.zip.aes"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|ContentLength" value: @"16"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" autoCreate: YES attrName: @"algorithm" attrValue: @"MD5"];
[xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" value: @"BX2DTD3ASC/zF6aq/012Cg=="];

// Also see the online tool to generate the code from sample already-signed XML: 
// Generate XML Signature Creation Code from an Already-Signed XML Sample

CkoXmlDSigGen *gen = [[CkoXmlDSigGen alloc] init];

gen.SigLocation = @"InitUpload";
gen.SigId = @"id-1234";
gen.SigNamespacePrefix = @"ds";
gen.SigNamespaceUri = @"http://www.w3.org/2000/09/xmldsig#";
gen.SignedInfoCanonAlg = @"EXCL_C14N";
gen.SignedInfoDigestMethod = @"sha256";

// Create an Object to be added to the Signature.
CkoXml *object1 = [[CkoXml alloc] init];
object1.Tag = @"xades:QualifyingProperties";
[object1 AddAttribute: @"Target" value: @"#id-1234"];
[object1 AddAttribute: @"xmlns:xades" value: @"http://uri.etsi.org/01903/v1.3.2#"];
[object1 UpdateAttrAt: @"xades:SignedProperties" autoCreate: YES attrName: @"Id" attrValue: @"xades-id-1234"];
[object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime" value: @"TO BE GENERATED BY CHILKAT"];
[object1 UpdateAttrAt: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/2001/04/xmlenc#sha256"];
[object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue" value: @"TO BE GENERATED BY CHILKAT"];
[object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2" value: @"TO BE GENERATED BY CHILKAT"];
[object1 UpdateAttrAt: @"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat" autoCreate: YES attrName: @"ObjectReference" attrValue: @"#r-id-1"];
[object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType" value: @"text/xml"];

[gen AddObject: @"" content: [object1 GetXml] mimeType: @"" encoding: @""];

// -------- Reference 1 --------
CkoXml *xml1 = [[CkoXml alloc] init];
xml1.Tag = @"ds:Transforms";
[xml1 UpdateAttrAt: @"ds:Transform" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/TR/1999/REC-xpath-19991116"];
[xml1 UpdateChildContent: @"ds:Transform|ds:XPath" value: @"not(ancestor-or-self::ds:Signature)"];
[xml1 UpdateAttrAt: @"ds:Transform[1]" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/2001/10/xml-exc-c14n#"];

[gen AddSameDocRef2: @"" digestMethod: @"sha256" transforms: xml1 refType: @""];
[gen SetRefIdAttr: @"" value: @"r-id-1"];

// -------- Reference 2 --------
CkoXml *xml2 = [[CkoXml alloc] init];
xml2.Tag = @"ds:Transforms";
[xml2 UpdateAttrAt: @"ds:Transform" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/2001/10/xml-exc-c14n#"];

[gen AddObjectRef2: @"xades-id-1234" digestMethod: @"sha256" transforms: xml2 refType: @"http://uri.etsi.org/01903#SignedProperties"];

// Provide a certificate + private key. (PFX password is test123)
// See Load Certificate on Smartcard for an example showing how to load the cert from a smartcard..
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadPfxFile: @"qa_data/pfx/cert_test123.pfx" password: @"test123"];
if (success != YES) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

[gen SetX509Cert: cert usePrivateKey: YES];

gen.KeyInfoType = @"X509Data";
gen.X509Type = @"Certificate";

// Load XML to be signed...
CkoStringBuilder *sbXml = [[CkoStringBuilder alloc] init];
[xmlToSign GetXmlSb: sbXml];

gen.Behaviors = @"IndentedSignature,TransformSignatureXPath,IssuerSerialHex";

// Sign the XML...
success = [gen CreateXmlDSigSb: sbXml];
if (success != YES) {
    NSLog(@"%@",gen.LastErrorText);
    return;
}

// Save the signed XMl to a file.
success = [sbXml WriteFile: @"qa_output/signedXml.xml" charset: @"utf-8" emitBom: NO];

NSLog(@"%@",[sbXml GetAsString]);

// ----------------------------------------
// Verify the signature we just produced...
CkoXmlDSig *verifier = [[CkoXmlDSig alloc] init];
success = [verifier LoadSignatureSb: sbXml];
if (success != YES) {
    NSLog(@"%@",verifier.LastErrorText);
    return;
}

BOOL verified = [verifier VerifySignature: YES];
if (verified != YES) {
    NSLog(@"%@",verifier.LastErrorText);
    return;
}

NSLog(@"%@",@"This signature was successfully verified.");