Sample code for 30+ languages & platforms
PHP ActiveX

Aadhaar Paperless Offline e-kyc

See more XML Digital Signatures Examples

Opens an encrypted .zip containing Aadhaar Paperless Offline e-KYC XML. Gets the XML and validates the digital signature. Then computes the hash for the mobile number and Email ID.

Chilkat PHP ActiveX Downloads

PHP ActiveX
<?php

$success = 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Open the .zip containing the Aadhaar Paperless Offline e-KYC XML.
// The .zip is encrypted using the "Share Phrase".
$zip = new COM("Chilkat.Zip");
$success = $zip->OpenZip('qa_data/xml_dsig/offline_paperless_kyc.zip');
if ($success == 0) {
    print $zip->LastErrorText . "\n";
    exit;
}

// The .zip should contain 1 XML file.
$entry = new COM("Chilkat.ZipEntry");
$success = $zip->EntryAt(0,$entry);
if ($success == 0) {
    print $zip->LastErrorText . "\n";
    exit;
}

// To get the contents, we need to specify the Share Phrase.
$sharePhrase = 'Lock@487';
$zip->DecryptPassword = $sharePhrase;

$bdXml = new COM("Chilkat.BinData");
// The XML file will be unzipped into the bdXml object.
$success = $entry->UnzipToBd($bdXml);
if ($success == 0) {
    print $entry->LastErrorText . "\n";
    exit;
}

// First verify the XML digital signature.
$dsig = new COM("Chilkat.XmlDSig");
$success = $dsig->LoadSignatureBd($bdXml);
if ($success == 0) {
    print $dsig->LastErrorText . "\n";
    exit;
}

// The UIDAI XML signature does not contain the KeyInfo, so we must load the uidai certificate
// and indicate that its public key is to be used for verifying the signature.
$cert = new COM("Chilkat.Cert");
$success = $cert->LoadFromFile('qa_data/xml_dsig/uidai_auth_sign_prod_2023.cer');
if ($success == 0) {
    print $cert->LastErrorText . "\n";
    exit;
}

// Get the certificate's public key.
$pubKey = new COM("Chilkat.PublicKey");
$cert->GetPublicKey($pubKey);

$dsig->SetPublicKey($pubKey);

// The XML in this example contains only 1 signature.
$bVerifyReferenceDigests = 1;
$bVerified = $dsig->VerifySignature($bVerifyReferenceDigests);
if ($bVerified == 0) {
    print $dsig->LastErrorText . "\n";
    print 'The signature was not valid.' . "\n";
    exit;
}

print 'The XML digital signature is valid.' . "\n";

// Let's compute the hash for the Mobile Number.

// 	Hashing logic for Mobile Number :
// 	Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number
// 	(Ref ID field contains last 4 digits).
// 
// 	Example :
// 	Mobile: 1234567890
// 	Aadhaar Number:XXXX XXXX 3632
// 	Passcode : Lock@487
// 	Hash: Sha256(Sha256(1234567890Lock@487))*2
// 	In case of Aadhaar number ends with Zero we will hashed one time.

$crypt = new COM("Chilkat.Crypt2");
$crypt->HashAlgorithm = 'sha256';
$crypt->EncodingMode = 'hexlower';

$strToHash = '1234567890Lock@487';
$bdHash = new COM("Chilkat.BinData");
$success = $bdHash->AppendString($strToHash,'utf-8');

// Hash a number of times equal to the last digit of your Aadhaar number.
// If the Aadhaar number ends with 0, then hash one time.
// For this example, we'll just set the number of times to hash
// for the case where an Aadhaar number ends in "9"
$numTimesToHash = 9;

for ($i = 1; $i <= $numTimesToHash; $i++) {
    $tmpStr = $crypt->hashBdENC($bdHash);
    $bdHash->Clear();
    $bdHash->AppendString($tmpStr,'utf-8');
}

print 'Computed Mobile hash = ' . $bdHash->getString('utf-8') . "\n";

// Let's get the mobile hash stored in the XML and compare it with our computed hash.
$xml = new COM("Chilkat.Xml");
$success = $xml->LoadBd($bdXml,1);
$m_hash = $xml->chilkatPath('UidData|Poi|(m)');

print 'Stored Mobile hash   = ' . $m_hash . "\n";

// Now do the same thing for the email hash:

$strToHash = 'abc@gm.comLock@487';
$bdHash->Clear();
$success = $bdHash->AppendString($strToHash,'utf-8');

for ($i = 1; $i <= $numTimesToHash; $i++) {
    $tmpStr = $crypt->hashBdENC($bdHash);
    $bdHash->Clear();
    $bdHash->AppendString($tmpStr,'utf-8');
}

print 'Computed Email hash = ' . $bdHash->getString('utf-8') . "\n";

$e_hash = $xml->chilkatPath('UidData|Poi|(e)');
print 'Stored Email hash   = ' . $e_hash . "\n";

?>