|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Swift 3,4,5...) XML-DSig Add Object Reference with Transforms Specified ExplicitlyDemonstrates how to use the new AddObjectRef2 method to explicitly specify the XML Transforms fragment.
func chilkatTest() { // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. var success: Bool = true // Build the following XML to be signed: // <?xml version="1.0" encoding="utf-8"?> // <InitUpload xmlns="http://e-dokumenty.mf.gov.pl"> // <DocumentType>JPK</DocumentType> // <Version>01.02.01.20160617</Version> // <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">xxxx</EncryptionKey> // <DocumentList> // <Document> // <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode> // <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName> // <ContentLength>8736</ContentLength> // <HashValue algorithm="SHA-256" encoding="Base64">JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue> // <FileSignatureList filesNumber="1"> // <Packaging> // <SplitZip mode="zip" type="split"/> // </Packaging> // <Encryption> // <AES block="16" mode="CBC" padding="PKCS#7" size="256"> // <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV> // </AES> // </Encryption> // <FileSignature> // <OrdinalNumber>1</OrdinalNumber> // <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName> // <ContentLength>16</ContentLength> // <HashValue algorithm="MD5" encoding="Base64">5MX0q1935fvMjLFV7E1yDw==</HashValue> // </FileSignature> // </FileSignatureList> // </Document> // </DocumentList> // </InitUpload> // Use this online tool to generate code from sample XML: // Generate Code to Create XML let xmlToSign = CkoXml()! xmlToSign.tag = "InitUpload" xmlToSign.addAttribute("xmlns", value: "http://e-dokumenty.mf.gov.pl") xmlToSign.updateChildContent("DocumentType", value: "JPK") xmlToSign.updateChildContent("Version", value: "01.02.01.20160617") xmlToSign.updateAttr(at: "EncryptionKey", autoCreate: true, attrName: "algorithm", attrValue: "RSA") xmlToSign.updateAttr(at: "EncryptionKey", autoCreate: true, attrName: "encoding", attrValue: "Base64") xmlToSign.updateAttr(at: "EncryptionKey", autoCreate: true, attrName: "mode", attrValue: "ECB") xmlToSign.updateAttr(at: "EncryptionKey", autoCreate: true, attrName: "padding", attrValue: "PKCS#1") xmlToSign.updateChildContent("EncryptionKey", value: "xxxx") xmlToSign.updateAttr(at: "DocumentList|Document|FormCode", autoCreate: true, attrName: "schemaVersion", attrValue: "1-1") xmlToSign.updateAttr(at: "DocumentList|Document|FormCode", autoCreate: true, attrName: "systemCode", attrValue: "JPK_VAT (3)") xmlToSign.updateChildContent("DocumentList|Document|FormCode", value: "JPK_VAT") xmlToSign.updateChildContent("DocumentList|Document|FileName", value: "JPK_VAT_3_v1-1_20181201.xml") xmlToSign.updateChildContent("DocumentList|Document|ContentLength", value: "8736") xmlToSign.updateAttr(at: "DocumentList|Document|HashValue", autoCreate: true, attrName: "algorithm", attrValue: "SHA-256") xmlToSign.updateAttr(at: "DocumentList|Document|HashValue", autoCreate: true, attrName: "encoding", attrValue: "Base64") xmlToSign.updateChildContent("DocumentList|Document|HashValue", value: "JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList", autoCreate: true, attrName: "filesNumber", attrValue: "1") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Packaging|SplitZip", autoCreate: true, attrName: "mode", attrValue: "zip") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Packaging|SplitZip", autoCreate: true, attrName: "type", attrValue: "split") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "block", attrValue: "16") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "mode", attrValue: "CBC") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "padding", attrValue: "PKCS#7") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Encryption|AES", autoCreate: true, attrName: "size", attrValue: "256") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Encryption|AES|IV", autoCreate: true, attrName: "bytes", attrValue: "16") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|Encryption|AES|IV", autoCreate: true, attrName: "encoding", attrValue: "Base64") xmlToSign.updateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV", value: "z64oN9zXHt1+S3XACRSCYw==") xmlToSign.updateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber", value: "1") xmlToSign.updateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName", value: "JPK_VAT_3_v1-1_20181201-000.xml.zip.aes") xmlToSign.updateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength", value: "16") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|FileSignature|HashValue", autoCreate: true, attrName: "algorithm", attrValue: "MD5") xmlToSign.updateAttr(at: "DocumentList|Document|FileSignatureList|FileSignature|HashValue", autoCreate: true, attrName: "encoding", attrValue: "Base64") xmlToSign.updateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue", value: "5MX0q1935fvMjLFV7E1yDw==") let gen = CkoXmlDSigGen()! gen.sigLocation = "InitUpload" gen.sigLocationMod = 0 gen.sigId = "id-1234" gen.sigNamespacePrefix = "ds" gen.sigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#" gen.signedInfoCanonAlg = "EXCL_C14N" gen.signedInfoDigestMethod = "sha256" // Create an Object to be added to the Signature. // <xades:QualifyingProperties Target="#id-1234" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"> // <xades:SignedProperties Id="xades-id-1234"> // <xades:SignedSignatureProperties> // <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime> // <xades:SigningCertificate> // <xades:Cert> // <xades:CertDigest> // <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> // <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue> // </xades:CertDigest> // <xades:IssuerSerial> // <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName> // <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber> // </xades:IssuerSerial> // </xades:Cert> // </xades:SigningCertificate> // </xades:SignedSignatureProperties> // <xades:SignedDataObjectProperties> // <xades:DataObjectFormat ObjectReference="#r-id-1"> // <xades:MimeType>text/xml</xades:MimeType> // </xades:DataObjectFormat> // </xades:SignedDataObjectProperties> // </xades:SignedProperties> // </xades:QualifyingProperties> let object1 = CkoXml()! object1.tag = "xades:QualifyingProperties" object1.addAttribute("Target", value: "#id-1234") object1.addAttribute("xmlns:xades", value: "http://uri.etsi.org/01903/v1.3.2#") object1.updateAttr(at: "xades:SignedProperties", autoCreate: true, attrName: "Id", attrValue: "xades-id-1234") // Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1 object1.updateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime", value: "TO BE GENERATED BY CHILKAT") object1.updateAttr(at: "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/2000/09/xmldsig#sha1") object1.updateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue", value: "TO BE GENERATED BY CHILKAT") object1.updateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName", value: "TO BE GENERATED BY CHILKAT") object1.updateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber", value: "TO BE GENERATED BY CHILKAT") object1.updateAttr(at: "xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat", autoCreate: true, attrName: "ObjectReference", attrValue: "#r-id-1") object1.updateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType", value: "text/xml") gen.addObject("", content: object1.getXml(), mimeType: "", encoding: "") // -------- Reference 1 -------- // Build the following Transforms fragment: // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath>not(ancestor-or-self::ds:Signature)</ds:XPath> // </ds:Transform> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> let xml1 = CkoXml()! xml1.tag = "ds:Transforms" xml1.updateAttr(at: "ds:Transform", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/TR/1999/REC-xpath-19991116") xml1.updateChildContent("ds:Transform|ds:XPath", value: "not(ancestor-or-self::ds:Signature)") xml1.updateAttr(at: "ds:Transform[1]", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/2001/10/xml-exc-c14n#") gen.addSameDocRef2("", digestMethod: "sha256", transforms: xml1, refType: "") gen.setRefIdAttr("", value: "r-id-1") // -------- Reference 2 -------- // Build the following Transforms fragment: // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> // </ds:Transforms> let xml2 = CkoXml()! xml2.tag = "ds:Transforms" xml2.updateAttr(at: "ds:Transform", autoCreate: true, attrName: "Algorithm", attrValue: "http://www.w3.org/2001/10/xml-exc-c14n#") gen.addObjectRef2("xades-id-1234", digestMethod: "sha256", transforms: xml2, refType: "http://uri.etsi.org/01903#SignedProperties") // Provide a certificate + private key. (PFX password is test123) let cert = CkoCert()! success = cert.loadPfxFile("qa_data/pfx/cert_test123.pfx", password: "test123") if success != true { print("\(cert.lastErrorText!)") return } gen.setX509Cert(cert, usePrivateKey: true) gen.keyInfoType = "X509Data" gen.x509Type = "Certificate" // Load XML to be signed... let sbXml = CkoStringBuilder()! xmlToSign.getSb(sbXml) gen.behaviors = "IndentedSignature" // Sign the XML... success = gen.createXmlDSigSb(sbXml) if success != true { print("\(gen.lastErrorText!)") return } // ----------------------------------------------- // Save the signed XML to a file. success = sbXml.writeFile("qa_output/signedXml.xml", charset: "utf-8", emitBom: false) print("\(sbXml.getAsString()!)") // ---------------------------------------- // Verify the signatures we just produced... let verifier = CkoXmlDSig()! success = verifier.loadSignatureSb(sbXml) if success != true { print("\(verifier.lastErrorText!)") return } var numSigs: Int = verifier.numSignatures.intValue var verifyIdx: Int = 0 while verifyIdx < numSigs { verifier.selector = verifyIdx var verified: Bool = verifier.verifySignature(true) if verified != true { print("\(verifier.lastErrorText!)") return } verifyIdx = verifyIdx + 1 } print("All signatures were successfully verified.") } |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.