|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Objective-C) XML-DSig Add Object Reference with Transforms Specified ExplicitlyDemonstrates how to use the new AddObjectRef2 method to explicitly specify the XML Transforms fragment.
#import <CkoXml.h> #import <CkoXmlDSigGen.h> #import <CkoCert.h> #import <CkoStringBuilder.h> #import <CkoXmlDSig.h> // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. BOOL success = YES; // Build the following XML to be signed: // <?xml version="1.0" encoding="utf-8"?> // <InitUpload xmlns="http://e-dokumenty.mf.gov.pl"> // <DocumentType>JPK</DocumentType> // <Version>01.02.01.20160617</Version> // <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">xxxx</EncryptionKey> // <DocumentList> // <Document> // <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode> // <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName> // <ContentLength>8736</ContentLength> // <HashValue algorithm="SHA-256" encoding="Base64">JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue> // <FileSignatureList filesNumber="1"> // <Packaging> // <SplitZip mode="zip" type="split"/> // </Packaging> // <Encryption> // <AES block="16" mode="CBC" padding="PKCS#7" size="256"> // <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV> // </AES> // </Encryption> // <FileSignature> // <OrdinalNumber>1</OrdinalNumber> // <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName> // <ContentLength>16</ContentLength> // <HashValue algorithm="MD5" encoding="Base64">5MX0q1935fvMjLFV7E1yDw==</HashValue> // </FileSignature> // </FileSignatureList> // </Document> // </DocumentList> // </InitUpload> // Use this online tool to generate code from sample XML: // Generate Code to Create XML CkoXml *xmlToSign = [[CkoXml alloc] init]; xmlToSign.Tag = @"InitUpload"; [xmlToSign AddAttribute: @"xmlns" value: @"http://e-dokumenty.mf.gov.pl"]; [xmlToSign UpdateChildContent: @"DocumentType" value: @"JPK"]; [xmlToSign UpdateChildContent: @"Version" value: @"01.02.01.20160617"]; [xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"algorithm" attrValue: @"RSA"]; [xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"]; [xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"mode" attrValue: @"ECB"]; [xmlToSign UpdateAttrAt: @"EncryptionKey" autoCreate: YES attrName: @"padding" attrValue: @"PKCS#1"]; [xmlToSign UpdateChildContent: @"EncryptionKey" value: @"xxxx"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FormCode" autoCreate: YES attrName: @"schemaVersion" attrValue: @"1-1"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FormCode" autoCreate: YES attrName: @"systemCode" attrValue: @"JPK_VAT (3)"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FormCode" value: @"JPK_VAT"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FileName" value: @"JPK_VAT_3_v1-1_20181201.xml"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|ContentLength" value: @"8736"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|HashValue" autoCreate: YES attrName: @"algorithm" attrValue: @"SHA-256"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|HashValue" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|HashValue" value: @"JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ="]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList" autoCreate: YES attrName: @"filesNumber" attrValue: @"1"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Packaging|SplitZip" autoCreate: YES attrName: @"mode" attrValue: @"zip"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Packaging|SplitZip" autoCreate: YES attrName: @"type" attrValue: @"split"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"block" attrValue: @"16"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"mode" attrValue: @"CBC"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"padding" attrValue: @"PKCS#7"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES" autoCreate: YES attrName: @"size" attrValue: @"256"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" autoCreate: YES attrName: @"bytes" attrValue: @"16"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|Encryption|AES|IV" value: @"z64oN9zXHt1+S3XACRSCYw=="]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber" value: @"1"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|FileName" value: @"JPK_VAT_3_v1-1_20181201-000.xml.zip.aes"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|ContentLength" value: @"16"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" autoCreate: YES attrName: @"algorithm" attrValue: @"MD5"]; [xmlToSign UpdateAttrAt: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" autoCreate: YES attrName: @"encoding" attrValue: @"Base64"]; [xmlToSign UpdateChildContent: @"DocumentList|Document|FileSignatureList|FileSignature|HashValue" value: @"5MX0q1935fvMjLFV7E1yDw=="]; CkoXmlDSigGen *gen = [[CkoXmlDSigGen alloc] init]; gen.SigLocation = @"InitUpload"; gen.SigLocationMod = [NSNumber numberWithInt:0]; gen.SigId = @"id-1234"; gen.SigNamespacePrefix = @"ds"; gen.SigNamespaceUri = @"http://www.w3.org/2000/09/xmldsig#"; gen.SignedInfoCanonAlg = @"EXCL_C14N"; gen.SignedInfoDigestMethod = @"sha256"; // Create an Object to be added to the Signature. // <xades:QualifyingProperties Target="#id-1234" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"> // <xades:SignedProperties Id="xades-id-1234"> // <xades:SignedSignatureProperties> // <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime> // <xades:SigningCertificate> // <xades:Cert> // <xades:CertDigest> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> // <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue> // </xades:CertDigest> // <xades:IssuerSerial> // <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName> // <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber> // </xades:IssuerSerial> // </xades:Cert> // </xades:SigningCertificate> // </xades:SignedSignatureProperties> // <xades:SignedDataObjectProperties> // <xades:DataObjectFormat ObjectReference="#r-id-1"> // <xades:MimeType>text/xml</xades:MimeType> // </xades:DataObjectFormat> // </xades:SignedDataObjectProperties> // </xades:SignedProperties> // </xades:QualifyingProperties> CkoXml *object1 = [[CkoXml alloc] init]; object1.Tag = @"xades:QualifyingProperties"; [object1 AddAttribute: @"Target" value: @"#id-1234"]; [object1 AddAttribute: @"xmlns:xades" value: @"http://uri.etsi.org/01903/v1.3.2#"]; [object1 UpdateAttrAt: @"xades:SignedProperties" autoCreate: YES attrName: @"Id" attrValue: @"xades-id-1234"]; // Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1 [object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime" value: @"TO BE GENERATED BY CHILKAT"]; [object1 UpdateAttrAt: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/2000/09/xmldsig#sha1"]; [object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue" value: @"TO BE GENERATED BY CHILKAT"]; [object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName" value: @"TO BE GENERATED BY CHILKAT"]; [object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber" value: @"TO BE GENERATED BY CHILKAT"]; [object1 UpdateAttrAt: @"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat" autoCreate: YES attrName: @"ObjectReference" attrValue: @"#r-id-1"]; [object1 UpdateChildContent: @"xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType" value: @"text/xml"]; [gen AddObject: @"" content: [object1 GetXml] mimeType: @"" encoding: @""]; // -------- Reference 1 -------- // Build the following Transforms fragment: // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath>not(ancestor-or-self::ds:Signature)</ds:XPath> // </ds:Transform> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> CkoXml *xml1 = [[CkoXml alloc] init]; xml1.Tag = @"ds:Transforms"; [xml1 UpdateAttrAt: @"ds:Transform" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/TR/1999/REC-xpath-19991116"]; [xml1 UpdateChildContent: @"ds:Transform|ds:XPath" value: @"not(ancestor-or-self::ds:Signature)"]; [xml1 UpdateAttrAt: @"ds:Transform[1]" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/2001/10/xml-exc-c14n#"]; [gen AddSameDocRef2: @"" digestMethod: @"sha256" transforms: xml1 refType: @""]; [gen SetRefIdAttr: @"" value: @"r-id-1"]; // -------- Reference 2 -------- // Build the following Transforms fragment: // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> CkoXml *xml2 = [[CkoXml alloc] init]; xml2.Tag = @"ds:Transforms"; [xml2 UpdateAttrAt: @"ds:Transform" autoCreate: YES attrName: @"Algorithm" attrValue: @"http://www.w3.org/2001/10/xml-exc-c14n#"]; [gen AddObjectRef2: @"xades-id-1234" digestMethod: @"sha256" transforms: xml2 refType: @"http://uri.etsi.org/01903#SignedProperties"]; // Provide a certificate + private key. (PFX password is test123) CkoCert *cert = [[CkoCert alloc] init]; success = [cert LoadPfxFile: @"qa_data/pfx/cert_test123.pfx" password: @"test123"]; if (success != YES) { NSLog(@"%@",cert.LastErrorText); return; } [gen SetX509Cert: cert usePrivateKey: YES]; gen.KeyInfoType = @"X509Data"; gen.X509Type = @"Certificate"; // Load XML to be signed... CkoStringBuilder *sbXml = [[CkoStringBuilder alloc] init]; [xmlToSign GetXmlSb: sbXml]; gen.Behaviors = @"IndentedSignature"; // Sign the XML... success = [gen CreateXmlDSigSb: sbXml]; if (success != YES) { NSLog(@"%@",gen.LastErrorText); return; } // ----------------------------------------------- // Save the signed XML to a file. success = [sbXml WriteFile: @"qa_output/signedXml.xml" charset: @"utf-8" emitBom: NO]; NSLog(@"%@",[sbXml GetAsString]); // ---------------------------------------- // Verify the signatures we just produced... CkoXmlDSig *verifier = [[CkoXmlDSig alloc] init]; success = [verifier LoadSignatureSb: sbXml]; if (success != YES) { NSLog(@"%@",verifier.LastErrorText); return; } int numSigs = [verifier.NumSignatures intValue]; int verifyIdx = 0; while (verifyIdx < numSigs) { verifier.Selector = [NSNumber numberWithInt: verifyIdx]; BOOL verified = [verifier VerifySignature: YES]; if (verified != YES) { NSLog(@"%@",verifier.LastErrorText); return; } verifyIdx = verifyIdx + 1; } NSLog(@"%@",@"All signatures were successfully verified."); |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.