Sample code for 30+ languages & platforms
Objective-C

Aadhaar Paperless Offline e-kyc

See more XML Digital Signatures Examples

Opens an encrypted .zip containing Aadhaar Paperless Offline e-KYC XML. Gets the XML and validates the digital signature. Then computes the hash for the mobile number and Email ID.

Chilkat Objective-C Downloads

Objective-C
#import <CkoZip.h>
#import <CkoZipEntry.h>
#import <NSString.h>
#import <CkoBinData.h>
#import <CkoXmlDSig.h>
#import <CkoCert.h>
#import <CkoPublicKey.h>
#import <CkoCrypt2.h>
#import <CkoXml.h>

BOOL success = NO;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Open the .zip containing the Aadhaar Paperless Offline e-KYC XML.
// The .zip is encrypted using the "Share Phrase".
CkoZip *zip = [[CkoZip alloc] init];
success = [zip OpenZip: @"qa_data/xml_dsig/offline_paperless_kyc.zip"];
if (success == NO) {
    NSLog(@"%@",zip.LastErrorText);
    return;
}

// The .zip should contain 1 XML file.
CkoZipEntry *entry = [[CkoZipEntry alloc] init];
success = [zip EntryAt: [NSNumber numberWithInt: 0] entry: entry];
if (success == NO) {
    NSLog(@"%@",zip.LastErrorText);
    return;
}

// To get the contents, we need to specify the Share Phrase.
NSString *sharePhrase = @"Lock@487";
zip.DecryptPassword = sharePhrase;

CkoBinData *bdXml = [[CkoBinData alloc] init];
// The XML file will be unzipped into the bdXml object.
success = [entry UnzipToBd: bdXml];
if (success == NO) {
    NSLog(@"%@",entry.LastErrorText);
    return;
}

// First verify the XML digital signature.
CkoXmlDSig *dsig = [[CkoXmlDSig alloc] init];
success = [dsig LoadSignatureBd: bdXml];
if (success == NO) {
    NSLog(@"%@",dsig.LastErrorText);
    return;
}

// The UIDAI XML signature does not contain the KeyInfo, so we must load the uidai certificate
// and indicate that its public key is to be used for verifying the signature.
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadFromFile: @"qa_data/xml_dsig/uidai_auth_sign_prod_2023.cer"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

// Get the certificate's public key.
CkoPublicKey *pubKey = [[CkoPublicKey alloc] init];
[cert GetPublicKey: pubKey];

[dsig SetPublicKey: pubKey];

// The XML in this example contains only 1 signature.
BOOL bVerifyReferenceDigests = YES;
BOOL bVerified = [dsig VerifySignature: bVerifyReferenceDigests];
if (bVerified == NO) {
    NSLog(@"%@",dsig.LastErrorText);
    NSLog(@"%@",@"The signature was not valid.");
    return;
}

NSLog(@"%@",@"The XML digital signature is valid.");

// Let's compute the hash for the Mobile Number.

// 	Hashing logic for Mobile Number :
// 	Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number
// 	(Ref ID field contains last 4 digits).
// 
// 	Example :
// 	Mobile: 1234567890
// 	Aadhaar Number:XXXX XXXX 3632
// 	Passcode : Lock@487
// 	Hash: Sha256(Sha256(1234567890Lock@487))*2
// 	In case of Aadhaar number ends with Zero we will hashed one time.

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
crypt.HashAlgorithm = @"sha256";
crypt.EncodingMode = @"hexlower";

NSString *strToHash = @"1234567890Lock@487";
CkoBinData *bdHash = [[CkoBinData alloc] init];
success = [bdHash AppendString: strToHash charset: @"utf-8"];

// Hash a number of times equal to the last digit of your Aadhaar number.
// If the Aadhaar number ends with 0, then hash one time.
// For this example, we'll just set the number of times to hash
// for the case where an Aadhaar number ends in "9"
int numTimesToHash = 9;
int i;
for (i = 1; i <= numTimesToHash; i++) {
    NSString *tmpStr = [crypt HashBdENC: bdHash];
    [bdHash Clear];
    [bdHash AppendString: tmpStr charset: @"utf-8"];
}

NSLog(@"%@%@",@"Computed Mobile hash = ",[bdHash GetString: @"utf-8"]);

// Let's get the mobile hash stored in the XML and compare it with our computed hash.
CkoXml *xml = [[CkoXml alloc] init];
success = [xml LoadBd: bdXml autoTrim: YES];
NSString *m_hash = [xml ChilkatPath: @"UidData|Poi|(m)"];

NSLog(@"%@%@",@"Stored Mobile hash   = ",m_hash);

// Now do the same thing for the email hash:

strToHash = @"abc@gm.comLock@487";
[bdHash Clear];
success = [bdHash AppendString: strToHash charset: @"utf-8"];

for (i = 1; i <= numTimesToHash; i++) {
    NSString *tmpStr = [crypt HashBdENC: bdHash];
    [bdHash Clear];
    [bdHash AppendString: tmpStr charset: @"utf-8"];
}

NSLog(@"%@%@",@"Computed Email hash = ",[bdHash GetString: @"utf-8"]);

NSString *e_hash = [xml ChilkatPath: @"UidData|Poi|(e)"];
NSLog(@"%@%@",@"Stored Email hash   = ",e_hash);