Sample code for 30+ languages & platforms
Objective-C

Create JPK VAT metadata XML

See more RSA Examples

Demonstrates how to create the JPK VAT metadata XML (InitUpload) that will be signed using XADES.

Chilkat Objective-C Downloads

Objective-C
#import <CkoXml.h>
#import <CkoBinData.h>
#import <CkoCrypt2.h>
#import <CkoZip.h>
#import <CkoPrng.h>
#import <NSString.h>
#import <CkoCert.h>
#import <CkoPublicKey.h>
#import <CkoRsa.h>

BOOL success = NO;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First build an InitUpload XML template

// Use this online tool to generate the code from the sample XML below: 
// Generate Code to Create XML

// <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
//     <DocumentType>JPK</DocumentType>
//     <Version>01.02.01.20160617</Version>
//     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">F9EhKFec...uWqAWUIg==</EncryptionKey>
//     <DocumentList>
//         <Document>
//             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
//             <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
//             <ContentLength>8736</ContentLength>
//             <HashValue algorithm="SHA-256" encoding="Base64">JFDI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
//             <FileSignatureList filesNumber="1">
//                 <Packaging>
//                     <SplitZip mode="zip" type="split"/>
//                 </Packaging>
//                 <Encryption>
//                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
//                         <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
//                     </AES>
//                 </Encryption>
//                 <FileSignature>
//                     <OrdinalNumber>1</OrdinalNumber>
//                     <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
//                     <ContentLength>16</ContentLength>
//                     <HashValue algorithm="MD5" encoding="Base64">5NX0q1935fvMjLFV7E1yDw==</HashValue>
//                 </FileSignature>
//             </FileSignatureList>
//         </Document>
//     </DocumentList>
// </InitUpload>

CkoXml *xml = [[CkoXml alloc] init];
xml.Tag = @"InitUpload";
[xml AddAttribute: @"xmlns" value: @"http://e-dokumenty.mf.gov.pl"];
[xml UpdateChildContent: @"DocumentType" value: @"JPK"];
[xml UpdateChildContent: @"Version" value: @"01.02.01.20160617"];
[xml UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"algorithm" attrValue: @"RSA"];
[xml UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xml UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"mode" attrValue: @"ECB"];
[xml UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"padding" attrValue: @"PKCS#1"];
[xml UpdateChildContent: @"EncryptionKey" value: @"TO BE DETERMINED"];
[xml UpdateAttrAt: @"DocumentList|Document|FormCode" autoCreate: YES attrName: @"schemaVersion" attrValue: @"1-1"];
[xml UpdateAttrAt: @"DocumentList|Document|FormCode" autoCreate: YES attrName: @"systemCode" attrValue: @"JPK_VAT (3)"];
[xml UpdateChildContent: @"DocumentList|Document|FormCode" value: @"JPK_VAT"];
[xml UpdateChildContent: @"DocumentList|Document|FileName" value: @"JPK_VAT_3_v1-1_20181201.xml"];
[xml UpdateChildContent: @"DocumentList|Document|ContentLength" value: @"9999"];
[xml UpdateAttrAt: @"DocumentList|Document|HashValue" autoCreate: YES attrName: @"algorithm" attrValue: @"SHA-256"];
[xml UpdateAttrAt: @"DocumentList|Document|HashValue" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xml UpdateChildContent: @"DocumentList|Document|HashValue" value: @"TO BE DETERMINED"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList" autoCreate: YES attrName: @"filesNumber" attrValue: @"1"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Packaging|SplitZip" autoCreate: YES attrName: @"mode" attrValue: @"zip"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Packaging|SplitZip" autoCreate: YES attrName: @"type" attrValue: @"split"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"block" attrValue: @"16"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"mode" attrValue: @"CBC"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"padding" attrValue: @"PKCS#7"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"size" attrValue: @"256"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" autoCreate: YES attrName: @"bytes" attrValue: @"16"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" value: @"TO BE DETERMINED"];
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber" value: @"1"];
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|FileName" value: @"JPK_VAT_3_v1-1_20181201-000.xml.zip.aes"];
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|ContentLength" value: @"9999"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" autoCreate: YES attrName: @"algorithm" attrValue: @"MD5"];
[xml UpdateAttrAt: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"];
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" value: @"TO BE DETERMINED"];

// ------------------------------------------------------------
// Step 1: Load our JPK_VAT XML and update the DocumentList|Document|HashValue
// and DocumentList|Document|ContentLength
CkoBinData *bdXml = [[CkoBinData alloc] init];
success = [bdXml LoadFile: @"qa_data/xml_dsig/jpk_vat/JPK_VAT_3_v1-1_20181201-000.xml"];
if (success != YES) {
    NSLog(@"%@",@"Failed to load XML file.");
    return;
}

[xml UpdateChildContentInt: @"DocumentList|Document|ContentLength" value: bdXml.NumBytes];

CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init];
crypt.HashAlgorithm = @"sha256";
crypt.EncodingMode = @"base64";
[xml UpdateChildContent: @"DocumentList|Document|HashValue" value: [crypt HashBdENC: bdXml]];

// ------------------------------------------------------------
// Step 2: Create a Zip archive containing the XML.
CkoZip *zip = [[CkoZip alloc] init];
// The filename we pass here doesn't matter because we won't actually be creating a .zip file.
[zip NewZip: @"anything.zip"];
[zip AddBd: @"JPK_VAT_3_v1-1_20181201-000.xml" bd: bdXml];
// Write the .zip file to a BinData object.
CkoBinData *bdZip = [[CkoBinData alloc] init];
[zip WriteBd: bdZip];

// ------------------------------------------------------------
// Step 3: Generate a random 256-bit AES key (32-bytes)
CkoPrng *prng = [[CkoPrng alloc] init];
CkoBinData *bdAesKey = [[CkoBinData alloc] init];
[prng GenRandomBd: [NSNumber numberWithInt: 32] bd: bdAesKey];
NSString *ivBytes = [prng GenRandom: [NSNumber numberWithInt: 16] encoding: @"base64"];

// Store the IV (base64 string) in the XML.
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" value: ivBytes];

// ------------------------------------------------------------
// Step 4: AES encrypt our zip archive (the contents of bdZip)
crypt.CipherMode = @"cbc";
crypt.KeyLength = [NSNumber numberWithInt:256];
crypt.CryptAlgorithm = @"aes";
crypt.PaddingScheme = [NSNumber numberWithInt:0];
[crypt SetEncodedIV: ivBytes encoding: @"base64"];
[crypt SetEncodedKey: [bdAesKey GetEncoded: @"base64"] encoding: @"base64"];
// AES by definition has a block size of 16.
[crypt EncryptBd: bdZip];

// bdZip now contains the AES encrypted data. 
// Note: This is NOT the same as a zip where the contents are AES encrypted.
// In that case, we have an unencrypted zip structure with AES encrypted files within.
// In our case, the entire zip file image is encrypted.

// Save the bdZip to a file.  This is what will get sent to e-dokumenty.mf.gov.pl
success = [bdZip WriteFile: @"qa_output/JPK_VAT_3_v1-1_20181201-000.xml.zip.aes"];
[xml UpdateChildContentInt: @"DocumentList|Document|FileSignatureList|FileSignature|ContentLength" value: bdZip.NumBytes];

// ------------------------------------------------------------
// Step 4: RSA Encrypt the AES key using the public key certificate provided by the Ministry of Finance
CkoCert *cert = [[CkoCert alloc] init];
success = [cert LoadFromFile: @"qa_data/pem/mf_public_rsa.pem"];
if (success == NO) {
    NSLog(@"%@",cert.LastErrorText);
    return;
}

CkoPublicKey *pubKey = [[CkoPublicKey alloc] init];
[cert GetPublicKey: pubKey];

CkoRsa *rsa = [[CkoRsa alloc] init];
[rsa UsePublicKey: pubKey];

rsa.EncodingMode = @"base64";
rsa.LittleEndian = NO;
// in-place RSA encrypt the contents of bdAesKey.
[rsa EncryptBd: bdAesKey usePrivateKey: NO];
[xml UpdateChildContent: @"EncryptionKey" value: [bdAesKey GetEncoded: @"base64"]];

// Step 5: We forgot to get the MD5 hash of the AES encrypted zip.
// (I'm assuming we need the MD5 of the encrypted zip as opposed to the MD5 of the pre-encrypted zip..)
crypt.HashAlgorithm = @"md5";
[xml UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" value: [crypt HashBdENC: bdZip]];

// At this point, the XML is prepared and the AES encrypted image of the zip file is written
// to a file (and also in bdZip).
NSString *finalXml = [xml GetXml];
NSLog(@"%@",finalXml);

[xml SaveXml: @"qa_output/jpk_vat.xml"];

NSLog(@"%@",@"Finished.");