PureBasic
PureBasic
Create Egypt ITIDA CAdES-BES Signature with Automatic JSON Canonicalization
See more Egypt ITIDA Examples
Demonstrates how to create a .p7s signature that fits Egypt's ITIDA requirements where Chilkat automatically does the ITIDA JSON canonicalization.Note: This example requires Chilkat v9.5.0.75 or greater.
Chilkat PureBasic Downloads
IncludeFile "CkCert.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkCrypt2.pb"
Procedure ChilkatExample()
success.i = 0
; This example assumes the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.
crypt.i = CkCrypt2::ckCreate()
If crypt.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkCrypt2::setCkVerboseLogging(crypt, 1)
cert.i = CkCert::ckCreate()
If cert.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkCert::setCkVerboseLogging(cert, 1)
; Set the smart card PIN, which will be needed for signing.
CkCert::setCkSmartCardPin(cert, "12345678")
; There are many ways to load the certificate.
; This example was created for a customer using an ePass2003 USB token.
; Assuming the USB token is the only source of a hardware-based private key..
success = CkCert::ckLoadFromSmartcard(cert,"")
If success <> 1
Debug CkCert::ckLastErrorText(cert)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
; Tell the crypt class to use this cert.
success = CkCrypt2::ckSetSigningCert(crypt,cert)
If success <> 1
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
ProcedureReturn
EndIf
cmsOptions.i = CkJsonObject::ckCreate()
If cmsOptions.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
; Setting "DigestData" causes OID 1.2.840.113549.1.7.5 (digestData) to be used.
CkJsonObject::ckUpdateBool(cmsOptions,"DigestData",1)
CkJsonObject::ckUpdateBool(cmsOptions,"OmitAlgorithmIdNull",1)
; Indicate that we are passing normal JSON and we want Chilkat do automatically
; do the ITIDA JSON canonicalization:
CkJsonObject::ckUpdateBool(cmsOptions,"CanonicalizeITIDA",1)
CkCrypt2::setCkCmsOptions(crypt, CkJsonObject::ckEmit(cmsOptions))
; The CadesEnabled property applies to all methods that create CMS/PKCS7 signatures.
; To create a CAdES-BES signature, set this property equal to true.
CkCrypt2::setCkCadesEnabled(crypt, 1)
CkCrypt2::setCkHashAlgorithm(crypt, "sha256")
jsonSigningAttrs.i = CkJsonObject::ckCreate()
If jsonSigningAttrs.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"contentType",1)
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"signingTime",1)
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"messageDigest",1)
CkJsonObject::ckUpdateInt(jsonSigningAttrs,"signingCertificateV2",1)
CkCrypt2::setCkSigningAttributes(crypt, CkJsonObject::ckEmit(jsonSigningAttrs))
; By default, all the certs in the chain of authentication are included in the signature.
; If desired, we can choose to only include the signing certificate:
CkCrypt2::setCkIncludeCertChain(crypt, 0)
; Pass a JSON document such as the following. Chilkat will do the ITIDA canonicalization.
; (It is the canonicalized JSON that gets signed.)
; {
; "issuer":{
; "address":{
; "branchID":"0",
; "country":"EG",
; "regionCity":"Cairo",
; "postalCode":"",
; "buildingNumber":"0",
; "street":"123rd Street",
; "governate":"GOVERNATE"
; },
; "type":"B",
; "id":"209999899",
; "name":"Xyz SAE"
; },
; "receiver":{
; "address":{
; "country":"EG",
; "regionCity":"CAIRO",
; "postalCode":"11435",
; "buildingNumber":"0",
; "street":"Autostrad Road Abc",
; "governate":"GOVERNATE"
; },
; "type":"B",
; "id":"999999999",
; "name":"XYZ EGYPT FOR TRADE"
; },
; "documentType":"I",
; "documentTypeVersion":"1.0",
; "dateTimeIssued":"2020-11-15T11:04:53Z",
; "taxpayerActivityCode":"1073",
; "internalID":"ZZZZ999",
; "purchaseOrderReference":"2009199918",
; "salesOrderReference":"",
; "payment":{
; "bankName":"",
; "bankAddress":"",
; "bankAccountNo":"",
; "bankAccountIBAN":"",
; "swiftCode":"",
; "terms":""
; },
; "delivery":{
; "approach":"",
; "packaging":"",
; "dateValidity":"",
; "exportPort":"",
; "countryOfOrigin":"EG",
; "grossWeight":0,
; "netWeight":0,
; "terms":""
; },
; "invoiceLines":[
; {
; "description":"CDM Widget 48GX99X12BA",
; "itemType":"GS1",
; "itemCode":"7622213335056",
; "unitType":"CS",
; "quantity":1.00,
; "unitValue":{
; "currencySold":"EGP",
; "amountEGP":588.67,
; "amountSold":0,
; "currencyExchangeRate":0
; },
; "salesTotal":588.67,
; "total":603.97,
; "valueDifference":0,
; "totalTaxableFees":0,
; "netTotal":529.8,
; "itemsDiscount":0,
; "discount":{
; "rate":10.00,
; "amount":58.87
; },
; "taxableItems":[
; {
; "taxType":"T1",
; "amount":74.17,
; "subType":"No sub",
; "rate":14.00
; }
; ],
; "internalCode":"9099994"
; }
; ],
; "totalSales":588.67,
; "totalSalesAmount":588.67,
; "totalDiscountAmount":58.87,
; "netAmount":529.80,
; "taxTotals":[
; {
; "taxType":"T1",
; "amount":74.17
; }
; ],
; "extraDiscountAmount":0,
; "totalItemsDiscountAmount":0,
; "totalAmount":603.97,
; }
;
json.i = CkJsonObject::ckCreate()
If json.i = 0
Debug "Failed to create object."
ProcedureReturn
EndIf
success = CkJsonObject::ckLoadFile(json,"qa_data/itida/sdk.invoicing.eta.gov.eg/files/one-doc.json")
If success = 0
Debug CkJsonObject::ckLastErrorText(json)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
ProcedureReturn
EndIf
CkJsonObject::setCkEmitCompact(json, 0)
; Create the CAdES-BES signature.
CkCrypt2::setCkEncodingMode(crypt, "base64")
; Make sure we sign the utf-8 byte representation of the JSON string
CkCrypt2::setCkCharset(crypt, "utf-8")
sigBase64.s = CkCrypt2::ckSignStringENC(crypt,CkJsonObject::ckEmit(json))
If CkCrypt2::ckLastMethodSuccess(crypt) = 0
Debug CkCrypt2::ckLastErrorText(crypt)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
ProcedureReturn
EndIf
Debug "Base64 signature:"
Debug sigBase64
; Add the signature to the JSON.
CkJsonObject::ckUpdateString(json,"signatures[0].signatureType","I")
CkJsonObject::ckUpdateString(json,"signatures[0].value",sigBase64)
Debug "JSON with signature added:"
Debug CkJsonObject::ckEmit(json)
CkCrypt2::ckDispose(crypt)
CkCert::ckDispose(cert)
CkJsonObject::ckDispose(cmsOptions)
CkJsonObject::ckDispose(jsonSigningAttrs)
CkJsonObject::ckDispose(json)
ProcedureReturn
EndProcedure