Sample code for 30+ languages & platforms
PowerShell

Create JPK_VAT XaDES-BES Signed XML

See more XAdES Examples

Demonstrates how to sign XML for JPK_VAT.

Chilkat PowerShell Downloads

PowerShell
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"

$success = $false

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# This example will sign the following XML document:

# <?xml version="1.0" encoding="utf-8"?>
# <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
#     <DocumentType>JPK</DocumentType>
#     <Version>01.02.01.20160617</Version>
#     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">...</EncryptionKey>
#     <DocumentList>
#         <Document>
#             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
#             <FileName>JPK_VAT_3_v1-1_20181208.xml</FileName>
#             <ContentLength>8736</ContentLength>
#             <HashValue algorithm="SHA-256" encoding="Base64">JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=</HashValue>
#             <FileSignatureList filesNumber="1">
#                 <Packaging>
#                     <SplitZip mode="zip" type="split"/>
#                 </Packaging>
#                 <Encryption>
#                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
#                         <IV bytes="16" encoding="Base64">FFsCRAPYJD3J6cRvd44UDA==</IV>
#                     </AES>
#                 </Encryption>
#                 <FileSignature>
#                     <OrdinalNumber>1</OrdinalNumber>
#                     <FileName>JPK_VAT_3_v1-1_20181208-000.xml.zip.aes</FileName>
#                     <ContentLength>16</ContentLength>
#                     <HashValue algorithm="MD5" encoding="Base64">BX2DTD3ASC/zF6aq/012Cg==</HashValue>
#                 </FileSignature>
#             </FileSignatureList>
#         </Document>
#     </DocumentList>
# </InitUpload>

# First we build the XML to be signed.
# 
# Use this online tool to generate the code from sample XML: 
# Generate Code to Create XML

$success = $true
$xmlToSign = New-Object Chilkat.Xml
$xmlToSign.Tag = "InitUpload"
$xmlToSign.AddAttribute("xmlns","http://e-dokumenty.mf.gov.pl")
$xmlToSign.UpdateChildContent("DocumentType","JPK")
$xmlToSign.UpdateChildContent("Version","01.02.01.20160617")
$xmlToSign.UpdateAttrAt("EncryptionKey",$true,"algorithm","RSA")
$xmlToSign.UpdateAttrAt("EncryptionKey",$true,"encoding","Base64")
$xmlToSign.UpdateAttrAt("EncryptionKey",$true,"mode","ECB")
$xmlToSign.UpdateAttrAt("EncryptionKey",$true,"padding","PKCS#1")
$xmlToSign.UpdateChildContent("EncryptionKey","...")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",$true,"schemaVersion","1-1")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",$true,"systemCode","JPK_VAT (3)")
$xmlToSign.UpdateChildContent("DocumentList|Document|FormCode","JPK_VAT")
$xmlToSign.UpdateChildContent("DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181208.xml")
$xmlToSign.UpdateChildContent("DocumentList|Document|ContentLength","8736")
$xmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",$true,"algorithm","SHA-256")
$xmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",$true,"encoding","Base64")
$xmlToSign.UpdateChildContent("DocumentList|Document|HashValue","JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList",$true,"filesNumber","1")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",$true,"mode","zip")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",$true,"type","split")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",$true,"block","16")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",$true,"mode","CBC")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",$true,"padding","PKCS#7")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",$true,"size","256")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",$true,"bytes","16")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",$true,"encoding","Base64")
$xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV","FFsCRAPYJD3J6cRvd44UDA==")
$xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1")
$xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181208-000.xml.zip.aes")
$xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength","16")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",$true,"algorithm","MD5")
$xmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",$true,"encoding","Base64")
$xmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue","BX2DTD3ASC/zF6aq/012Cg==")

# Also see the online tool to generate the code from sample already-signed XML: 
# Generate XML Signature Creation Code from an Already-Signed XML Sample

$gen = New-Object Chilkat.XmlDSigGen

$gen.SigLocation = "InitUpload"
$gen.SigId = "id-1234"
$gen.SigNamespacePrefix = "ds"
$gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
$gen.SignedInfoCanonAlg = "EXCL_C14N"
$gen.SignedInfoDigestMethod = "sha256"

# Create an Object to be added to the Signature.
$object1 = New-Object Chilkat.Xml
$object1.Tag = "xades:QualifyingProperties"
$object1.AddAttribute("Target","#id-1234")
$object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#")
$object1.UpdateAttrAt("xades:SignedProperties",$true,"Id","xades-id-1234")
$object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT")
$object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",$true,"Algorithm","http://www.w3.org/2001/04/xmlenc#sha256")
$object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT")
$object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT")
$object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",$true,"ObjectReference","#r-id-1")
$object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml")

$gen.AddObject("",$object1.GetXml(),"","")

# -------- Reference 1 --------
$xml1 = New-Object Chilkat.Xml
$xml1.Tag = "ds:Transforms"
$xml1.UpdateAttrAt("ds:Transform",$true,"Algorithm","http://www.w3.org/TR/1999/REC-xpath-19991116")
$xml1.UpdateChildContent("ds:Transform|ds:XPath","not(ancestor-or-self::ds:Signature)")
$xml1.UpdateAttrAt("ds:Transform[1]",$true,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")

$gen.AddSameDocRef2("","sha256",$xml1,"")
$gen.SetRefIdAttr("","r-id-1")

# -------- Reference 2 --------
$xml2 = New-Object Chilkat.Xml
$xml2.Tag = "ds:Transforms"
$xml2.UpdateAttrAt("ds:Transform",$true,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")

$gen.AddObjectRef2("xades-id-1234","sha256",$xml2,"http://uri.etsi.org/01903#SignedProperties")

# Provide a certificate + private key. (PFX password is test123)
# See Load Certificate on Smartcard for an example showing how to load the cert from a smartcard..
$cert = New-Object Chilkat.Cert
$success = $cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
if ($success -ne $true) {
    $($cert.LastErrorText)
    exit
}

$gen.SetX509Cert($cert,$true)

$gen.KeyInfoType = "X509Data"
$gen.X509Type = "Certificate"

# Load XML to be signed...
$sbXml = New-Object Chilkat.StringBuilder
$xmlToSign.GetXmlSb($sbXml)

$gen.Behaviors = "IndentedSignature,TransformSignatureXPath,IssuerSerialHex"

# Sign the XML...
$success = $gen.CreateXmlDSigSb($sbXml)
if ($success -ne $true) {
    $($gen.LastErrorText)
    exit
}

# Save the signed XMl to a file.
$success = $sbXml.WriteFile("qa_output/signedXml.xml","utf-8",$false)

$($sbXml.GetAsString())

# ----------------------------------------
# Verify the signature we just produced...
$verifier = New-Object Chilkat.XmlDSig
$success = $verifier.LoadSignatureSb($sbXml)
if ($success -ne $true) {
    $($verifier.LastErrorText)
    exit
}

$verified = $verifier.VerifySignature($true)
if ($verified -ne $true) {
    $($verifier.LastErrorText)
    exit
}

$("This signature was successfully verified.")