PowerBuilder
PowerBuilder
Signed Zip as Base64 with XAdES-BES
See more XAdES Examples
This example is to help companies implement a solution for sending XAdES-BES to the Polish government for reporting purposes. Specifically:Przed podpisaniem deklaracja zbiorcza (PIT-11Z, PIT-8CZ, PIT-40Z, PIT-RZ) musi zostać
umieszczona w archiwum ZIP. W tym przypadku, podpisywany jest plik archiwum ZIP,
przyjmujący w podpisie XAdES-BES formę zakodowaną base64.
The example demonstrates the following:
- Zip an XML file (PIT-11Z.xml is zipped to PIT-11Z.zip)
- Create XML to be signed, where the XML contains the base64 encoded content of the PIT-11Z.zip archive.
- XAdES-BES sign the XML containing the base64 zip.
This example will also show the reverse:
- Verify the signed XML.
- Extract the PIT-11z.zip from the signed XML.
- Unzip the PIT-11Z.zip to get the original PIT-11Z.xml
Chilkat PowerBuilder Downloads
integer li_rc
integer li_Success
oleobject loo_SbXmlToZip
oleobject loo_Zip
oleobject loo_BdZip
oleobject loo_Gen
oleobject loo_Object1
oleobject loo_Cert
oleobject loo_SbXml
oleobject loo_Verifier
integer li_Verified
oleobject loo_Xml
string ls_StrZipBase64
oleobject loo_Entry
string ls_OrigXml
li_Success = 0
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Zip the PIT-11Z.xml to create PIT-11Z.zip (not as a .zip file, but in-memory).
loo_SbXmlToZip = create oleobject
li_rc = loo_SbXmlToZip.ConnectToNewObject("Chilkat.StringBuilder")
if li_rc < 0 then
destroy loo_SbXmlToZip
MessageBox("Error","Connecting to COM object failed")
return
end if
li_Success = loo_SbXmlToZip.LoadFile("qa_data/xml/PIT-11Z.xml","utf-8")
if li_Success <> 1 then
Write-Debug "Failed to load the XML to be zipped."
destroy loo_SbXmlToZip
return
end if
loo_Zip = create oleobject
li_rc = loo_Zip.ConnectToNewObject("Chilkat.Zip")
// Initialize the zip object. No file is created in this call.
// It should always return 1.
li_Success = loo_Zip.NewZip("PIT-11Z.zip")
// Add the XML to be zipped.
loo_Zip.AddSb("PIT-11Z.xml",loo_SbXmlToZip,"utf-8")
// Write the zip to a BinData object.
loo_BdZip = create oleobject
li_rc = loo_BdZip.ConnectToNewObject("Chilkat.BinData")
loo_Zip.WriteBd(loo_BdZip)
// The contents of the bdZip will be retrieved in base64 format when needed below..
loo_Gen = create oleobject
li_rc = loo_Gen.ConnectToNewObject("Chilkat.XmlDSigGen")
loo_Gen.SigLocation = ""
loo_Gen.SigLocationMod = 0
loo_Gen.SigId = "Signature_2a8df7f8-b958-40cc-83f6-edb53b837347_19"
loo_Gen.SigNamespacePrefix = "ds"
loo_Gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
loo_Gen.SigValueId = "SignatureValue_2a8df7f8-b958-40cc-83f6-edb53b837347_52"
loo_Gen.SignedInfoId = "SignedInfo_2a8df7f8-b958-40cc-83f6-edb53b837347_41"
loo_Gen.SignedInfoCanonAlg = "C14N"
loo_Gen.SignedInfoDigestMethod = "sha1"
// Set the KeyInfoId before adding references..
loo_Gen.KeyInfoId = "KeyInfo_2a8df7f8-b958-40cc-83f6-edb53b837347_24"
// Create an Object to be added to the Signature.
loo_Object1 = create oleobject
li_rc = loo_Object1.ConnectToNewObject("Chilkat.Xml")
loo_Object1.Tag = "xades:QualifyingProperties"
loo_Object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#")
loo_Object1.AddAttribute("Id","QualifyingProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_43")
loo_Object1.AddAttribute("Target","#Signature_2a8df7f8-b958-40cc-83f6-edb53b837347_19")
loo_Object1.UpdateAttrAt("xades:SignedProperties",1,"Id","SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e")
loo_Object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties",1,"Id","SignedSignatureProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_0a")
// Chilkat will replace the strings "TO BE GENERATED BY CHILKAT" with actual values when the signature is created.
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT")
// Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1
loo_Object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",1,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT")
loo_Object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties",1,"Id","SignedDataObjectProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4b")
loo_Object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",1,"ObjectReference","#Reference1_2a8df7f8-b958-40cc-83f6-edb53b837347_27")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description","MIME-Version: 1.0~r~nContent-Type: application/zip~r~nContent-Transfer-Encoding: binary~r~nContent-Disposition: filename="PIT-11Z.zip"")
loo_Object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier",1,"Qualifier","OIDAsURI")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier","http://www.certum.pl/OIDAsURI/signedFile/1.2.616.1.113527.3.1.1.3.1")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Description","Opis formatu dokumentu oraz jego pelna nazwa")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:DocumentationReferences|xades:DocumentationReference","http://www.certum.pl/OIDAsURI/signedFile.pdf")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","application/zip")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:CommitmentTypeIndication|xades:CommitmentTypeId|xades:Identifier","http://uri.etsi.org/01903/v1.2.2#ProofOfApproval")
loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:CommitmentTypeIndication|xades:AllSignedDataObjects","")
loo_Object1.UpdateAttrAt("xades:UnsignedProperties",1,"Id","UnsignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_55")
// Emit XML in compact (single-line) format to avoid whitespace problems.
loo_Object1.EmitCompact = 1
loo_Gen.AddObject("",loo_Object1.GetXml(),"","")
// Create an Object to be added to the Signature.
// This is where we add the base64 representation of the PIT-11Z.zip
loo_Gen.AddObject("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347",loo_BdZip.GetEncoded("base64"),"","http://www.w3.org/2000/09/xmldsig#base64")
// -------- Reference 1 --------
loo_Gen.AddObjectRef("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347","sha1","C14N_WithComments","","")
loo_Gen.SetRefIdAttr("Object1_2a8df7f8-b958-40cc-83f6-edb53b837347","Reference1_2a8df7f8-b958-40cc-83f6-edb53b837347_27")
// -------- Reference 2 --------
loo_Gen.AddObjectRef("SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e","sha1","","","http://uri.etsi.org/01903#SignedProperties")
loo_Gen.SetRefIdAttr("SignedProperties_2a8df7f8-b958-40cc-83f6-edb53b837347_4e","SignedProperties-Reference_2a8df7f8-b958-40cc-83f6-edb53b837347_28")
// Provide a certificate + private key. (PFX password is test123)
loo_Cert = create oleobject
li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert")
li_Success = loo_Cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if li_Success = 0 then
Write-Debug loo_Cert.LastErrorText
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
return
end if
loo_Gen.SetX509Cert(loo_Cert,1)
loo_Gen.KeyInfoType = "X509Data"
loo_Gen.X509Type = "Certificate"
// This will be an enveloping signature where the Signature element
// is the XML document root, the signed data is contained within Object
// tag(s) within the Signature.
// Therefore, pass an empty sbXml to CreateXmlDsigSb.
loo_SbXml = create oleobject
li_rc = loo_SbXml.ConnectToNewObject("Chilkat.StringBuilder")
// The Polish government's XmlDSig implementation requires that we reproduce an attribute-sorting error.
// (This is an error in the XML canonicalization that is not noticed when both the signature-creation code and signature-verification code use
// the same XML canonicalization implementation w/ the bug.)
loo_Gen.Behaviors = "AttributeSortingBug,CompactSignedXml"
// Sign the XML...
li_Success = loo_Gen.CreateXmlDSigSb(loo_SbXml)
if li_Success = 0 then
Write-Debug loo_Gen.LastErrorText
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
return
end if
// -----------------------------------------------
// Save the signed XML to a file.
li_Success = loo_SbXml.WriteFile("qa_output/signedXml.xml","utf-8",0)
Write-Debug loo_SbXml.GetAsString()
// ----------------------------------------
// Verify the signature we just produced...
loo_Verifier = create oleobject
li_rc = loo_Verifier.ConnectToNewObject("Chilkat.XmlDSig")
li_Success = loo_Verifier.LoadSignatureSb(loo_SbXml)
if li_Success = 0 then
Write-Debug loo_Verifier.LastErrorText
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
destroy loo_Verifier
return
end if
li_Verified = loo_Verifier.VerifySignature(1)
if li_Verified <> 1 then
Write-Debug loo_Verifier.LastErrorText
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
destroy loo_Verifier
return
end if
Write-Debug "This signature was successfully verified."
// ------------------------------------
// Finally, let's extract the .zip from the signed XML, and then unzip the original PIT-11Z.xml from the in-memory zip.
loo_Xml = create oleobject
li_rc = loo_Xml.ConnectToNewObject("Chilkat.Xml")
loo_Xml.LoadSb(loo_SbXml,1)
// The base64 image of the PIT-11Z.zip is in the 2nd ds:Object child of the ds:Signature (the ds:Signature is the root element of the signed XML).
// (ds:Object[0] would be the 1st ds:Object child. Index 1 is the 2nd ds:Object child.)
ls_StrZipBase64 = loo_Xml.GetChildContent("ds:Object[1]")
loo_BdZip.Clear()
loo_BdZip.AppendEncoded(ls_StrZipBase64,"base64")
if loo_BdZip.NumBytes = 0 then
Write-Debug "Something went wrong.. we dont' have any data.."
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
destroy loo_Verifier
destroy loo_Xml
return
end if
li_Success = loo_Zip.OpenBd(loo_BdZip)
if li_Success = 0 then
Write-Debug loo_Zip.LastErrorText
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
destroy loo_Verifier
destroy loo_Xml
return
end if
// Get the 1st file in the zip, which should be the PIT-11Z.xml
loo_Entry = create oleobject
li_rc = loo_Entry.ConnectToNewObject("Chilkat.ZipEntry")
li_Success = loo_Zip.EntryAt(0,loo_Entry)
if li_Success = 0 then
Write-Debug "Zip contains no files..."
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
destroy loo_Verifier
destroy loo_Xml
destroy loo_Entry
return
end if
// Get the XML:
ls_OrigXml = loo_Entry.UnzipToString(0,"utf-8")
Write-Debug "Original XML extracted from base64 zip:"
Write-Debug ls_OrigXml
destroy loo_SbXmlToZip
destroy loo_Zip
destroy loo_BdZip
destroy loo_Gen
destroy loo_Object1
destroy loo_Cert
destroy loo_SbXml
destroy loo_Verifier
destroy loo_Xml
destroy loo_Entry