(Perl) SII XML Digital Signature

Example for SII XML Digital Signature.

Chilkat Perl Downloads Perl Module for Windows, MacOS, Linux, Alpine Linux, Solaris

use chilkat();

$success = 1;

# Load the XML to be signed.
$xmlToSign = chilkat::CkXml->new();
$success = $xmlToSign->LoadXmlFile("c:/aaworkarea/eduardo/sii_unsigned.xml");
if ($success == 0) {
    print $xmlToSign->lastErrorText() . "\r\n";
    exit;
}

# The sample XML to be signed looks like this:

# <?xml version="1.0" encoding="ISO-8859-1"?>
# <EnvioDTE xmlns="http://www.sii.cl/SiiDte" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE_v10.xsd" version="1.0">
# <SetDTE ID="SetDocF0T33_20240425_170512">
#  <Caratula version="1.0">
#   <RutEmisor>99999999-4</RutEmisor>
#   <RutEnvia>12345678-6</RutEnvia>
#   <RutReceptor>888888000-K</RutReceptor>
#   <FchResol>2014-08-22</FchResol>
#   <NroResol>80</NroResol>
#   <TmstFirmaEnv>2024-04-25T17:05:13</TmstFirmaEnv>
#   <SubTotDTE>
#    <TpoDTE>33</TpoDTE>
#    <NroDTE>1</NroDTE>
#   </SubTotDTE>
#  </Caratula>
# <DTE version="1.0">
# <Documento ID="F555T55">
# ...
# </Documento>
# </EnvioDTE>

$gen = chilkat::CkXmlDSigGen->new();

$gen->put_SigLocation("EnvioDTE|SetDTE|DTE");
$gen->put_SigLocationMod(0);
$gen->put_SigNamespacePrefix("");
$gen->put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#");
$gen->put_SignedInfoCanonAlg("C14N");
$gen->put_SignedInfoDigestMethod("sha1");

# -------- Reference 1 --------
$xml1 = chilkat::CkXml->new();
$xml1->put_Tag("Transforms");
$xml1->UpdateAttrAt("Transform",1,"Algorithm","http://www.w3.org/TR/2001/REC-xml-c14n-20010315");

$gen->AddSameDocRef2("F511T33","sha1",$xml1,"");

# Provide a certificate + private key. (PFX password is test123)
$cert = chilkat::CkCert->new();
$success = $cert->LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123");
if ($success != 1) {
    print $cert->lastErrorText() . "\r\n";
    exit;
}

$gen->SetX509Cert($cert,1);

$gen->put_KeyInfoType("X509Data+KeyValue");
$gen->put_X509Type("Certificate");

# Load XML to be signed...
$sbXml = chilkat::CkStringBuilder->new();
$xmlToSign->GetXmlSb($sbXml);

$gen->put_Behaviors("IndentedSignature");

# Sign the XML...
$success = $gen->CreateXmlDSigSb($sbXml);
if ($success != 1) {
    print $gen->lastErrorText() . "\r\n";
    exit;
}

# -----------------------------------------------

# Save the signed XML to a file.
$success = $sbXml->WriteFile("c:/temp/qa_output/signedXml.xml","utf-8",0);

print $sbXml->getAsString() . "\r\n";

# ----------------------------------------
# Verify the signatures we just produced...
$verifier = chilkat::CkXmlDSig->new();
$success = $verifier->LoadSignatureSb($sbXml);
if ($success != 1) {
    print $verifier->lastErrorText() . "\r\n";
    exit;
}

$numSigs = $verifier->get_NumSignatures();
$verifyIdx = 0;
while ($verifyIdx < $numSigs) {
    $verifier->put_Selector($verifyIdx);
    $verified = $verifier->VerifySignature(1);
    if ($verified != 1) {
        print $verifier->lastErrorText() . "\r\n";
        exit;
    }

    $verifyIdx = $verifyIdx + 1;
}

print "All signatures were successfully verified." . "\r\n";