Sample code for 30+ languages & platforms
Swift

Create JPK_VAT XaDES-BES Signed XML

See more XAdES Examples

Demonstrates how to sign XML for JPK_VAT.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // This example will sign the following XML document:

    // <?xml version="1.0" encoding="utf-8"?>
    // <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
    //     <DocumentType>JPK</DocumentType>
    //     <Version>01.02.01.20160617</Version>
    //     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">...</EncryptionKey>
    //     <DocumentList>
    //         <Document>
    //             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
    //             <FileName>JPK_VAT_3_v1-1_20181208.xml</FileName>
    //             <ContentLength>8736</ContentLength>
    //             <HashValue algorithm="SHA-256" encoding="Base64">JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=</HashValue>
    //             <FileSignatureList filesNumber="1">
    //                 <Packaging>
    //                     <SplitZip mode="zip" type="split"/>
    //                 </Packaging>
    //                 <Encryption>
    //                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
    //                         <IV bytes="16" encoding="Base64">FFsCRAPYJD3J6cRvd44UDA==</IV>
    //                     </AES>
    //                 </Encryption>
    //                 <FileSignature>
    //                     <OrdinalNumber>1</OrdinalNumber>
    //                     <FileName>JPK_VAT_3_v1-1_20181208-000.xml.zip.aes</FileName>
    //                     <ContentLength>16</ContentLength>
    //                     <HashValue algorithm="MD5" encoding="Base64">BX2DTD3ASC/zF6aq/012Cg==</HashValue>
    //                 </FileSignature>
    //             </FileSignatureList>
    //         </Document>
    //     </DocumentList>
    // </InitUpload>

    // First we build the XML to be signed.
    // 
    // Use this online tool to generate the code from sample XML: 
    // Generate Code to Create XML

    success = true
    let xmlToSign = CkoXml()!
    xmlToSign.tag = "InitUpload"
    xmlToSign.addAttribute(name: "xmlns", value: "http://e-dokumenty.mf.gov.pl")
    xmlToSign.updateChildContent(tagPath: "DocumentType", value: "JPK")
    xmlToSign.updateChildContent(tagPath: "Version", value: "01.02.01.20160617")
    xmlToSign.updateAttrAt(tagPath: "EncryptionKey", autoCreate: true, attrName: "algorithm", attrValue: "RSA")
    xmlToSign.updateAttrAt(tagPath: "EncryptionKey", autoCreate: true, attrName: "encoding", attrValue: "Base64")
    xmlToSign.updateAttrAt(tagPath: "EncryptionKey", autoCreate: true, attrName: "mode", attrValue: "ECB")
    xmlToSign.updateAttrAt(tagPath: "EncryptionKey", autoCreate: true, attrName: "padding", attrValue: "PKCS#1")
    xmlToSign.updateChildContent(tagPath: "EncryptionKey", value: "...")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FormCode", autoCreate: true, attrName: "schemaVersion", attrValue: "1-1")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FormCode", autoCreate: true, attrName: "systemCode", attrValue: "JPK_VAT (3)")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FormCode", value: "JPK_VAT")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FileName", value: "JPK_VAT_3_v1-1_20181208.xml")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|ContentLength", value: "8736")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|HashValue", autoCreate: true, attrName: "algorithm", attrValue: "SHA-256")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|HashValue", autoCreate: true, attrName: "encoding", attrValue: "Base64")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|HashValue", value: "JEEI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkRMhmf1oQQ=")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList", autoCreate: true, attrName: "filesNumber", attrValue: "1")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Packaging|SplitZip", autoCreate: true, attrName: "mode", attrValue: "zip")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Packaging|SplitZip", autoCreate: true, attrName: "type", attrValue: "split")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "block", attrValue: "16")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "mode", attrValue: "CBC")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "padding", attrValue: "PKCS#7")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "size", attrValue: "256")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES|IV", autoCreate: true, attrName: "bytes", attrValue: "16")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES|IV", autoCreate: true, attrName: "encoding", attrValue: "Base64")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FileSignatureList|Encryption|AES|IV", value: "FFsCRAPYJD3J6cRvd44UDA==")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber", value: "1")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FileSignatureList|FileSignature|FileName", value: "JPK_VAT_3_v1-1_20181208-000.xml.zip.aes")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FileSignatureList|FileSignature|ContentLength", value: "16")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|FileSignature|HashValue", autoCreate: true, attrName: "algorithm", attrValue: "MD5")
    xmlToSign.updateAttrAt(tagPath: "DocumentList|Document|FileSignatureList|FileSignature|HashValue", autoCreate: true, attrName: "encoding", attrValue: "Base64")
    xmlToSign.updateChildContent(tagPath: "DocumentList|Document|FileSignatureList|FileSignature|HashValue", value: "BX2DTD3ASC/zF6aq/012Cg==")

    // Also see the online tool to generate the code from sample already-signed XML: 
    // Generate XML Signature Creation Code from an Already-Signed XML Sample

    let gen = CkoXmlDSigGen()!

    gen.sigLocation = "InitUpload"
    gen.sigId = "id-1234"
    gen.sigNamespacePrefix = "ds"
    gen.sigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
    gen.signedInfoCanonAlg = "EXCL_C14N"
    gen.signedInfoDigestMethod = "sha256"

    // Create an Object to be added to the Signature.
    let object1 = CkoXml()!
    object1.tag = "xades:QualifyingProperties"
    object1.addAttribute(name: "Target", value: "#id-1234")
    object1.addAttribute(name: "xmlns:xades", value: "http://uri.etsi.org/01903/v1.3.2#")
    object1.updateAttrAt(tagPath: "xades:SignedProperties", autoCreate: true, attrName: "Id", attrValue: "xades-id-1234")
    object1.updateChildContent(tagPath: "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime", value: "TO BE GENERATED BY CHILKAT")
    object1.updateAttrAt(tagPath: "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/2001/04/xmlenc#sha256")
    object1.updateChildContent(tagPath: "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue", value: "TO BE GENERATED BY CHILKAT")
    object1.updateChildContent(tagPath: "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2", value: "TO BE GENERATED BY CHILKAT")
    object1.updateAttrAt(tagPath: "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat", autoCreate: true, attrName: "ObjectReference", attrValue: "#r-id-1")
    object1.updateChildContent(tagPath: "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType", value: "text/xml")

    gen.add(id: "", content: object1.getXml(), mimeType: "", encoding: "")

    // -------- Reference 1 --------
    let xml1 = CkoXml()!
    xml1.tag = "ds:Transforms"
    xml1.updateAttrAt(tagPath: "ds:Transform", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/TR/1999/REC-xpath-19991116")
    xml1.updateChildContent(tagPath: "ds:Transform|ds:XPath", value: "not(ancestor-or-self::ds:Signature)")
    xml1.updateAttrAt(tagPath: "ds:Transform[1]", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/2001/10/xml-exc-c14n#")

    gen.addSameDocRef2(id: "", digestMethod: "sha256", transforms: xml1, refType: "")
    gen.setRefIdAttr(uri_or_id: "", value: "r-id-1")

    // -------- Reference 2 --------
    let xml2 = CkoXml()!
    xml2.tag = "ds:Transforms"
    xml2.updateAttrAt(tagPath: "ds:Transform", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/2001/10/xml-exc-c14n#")

    gen.addObjectRef2(id: "xades-id-1234", digestMethod: "sha256", transforms: xml2, refType: "http://uri.etsi.org/01903#SignedProperties")

    // Provide a certificate + private key. (PFX password is test123)
    // See Load Certificate on Smartcard for an example showing how to load the cert from a smartcard..
    let cert = CkoCert()!
    success = cert.loadPfxFile(path: "qa_data/pfx/cert_test123.pfx", password: "test123")
    if success != true {
        print("\(cert.lastErrorText!)")
        return
    }

    gen.setX509Cert(cert: cert, usePrivateKey: true)

    gen.keyInfoType = "X509Data"
    gen.x509Type = "Certificate"

    // Load XML to be signed...
    let sbXml = CkoStringBuilder()!
    xmlToSign.getSb(sb: sbXml)

    gen.behaviors = "IndentedSignature,TransformSignatureXPath,IssuerSerialHex"

    // Sign the XML...
    success = gen.createXmlDSigSb(sbXml: sbXml)
    if success != true {
        print("\(gen.lastErrorText!)")
        return
    }

    // Save the signed XMl to a file.
    success = sbXml.writeFile(path: "qa_output/signedXml.xml", charset: "utf-8", emitBom: false)

    print("\(sbXml.getAsString()!)")

    // ----------------------------------------
    // Verify the signature we just produced...
    let verifier = CkoXmlDSig()!
    success = verifier.loadSignatureSb(sbXmlSig: sbXml)
    if success != true {
        print("\(verifier.lastErrorText!)")
        return
    }

    var verified: Bool = verifier.verifySignature(verifyReferenceDigests: true)
    if verified != true {
        print("\(verifier.lastErrorText!)")
        return
    }

    print("This signature was successfully verified.")

}