|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Aadhaar Paperless Offline e-kycOpens an encrypted .zip containing Aadhaar Paperless Offline e-KYC XML. Gets the XML and validates the digital signature. Then computes the hash for the mobile number and Email ID. For more information, see https://uidai.gov.in/ecosystem/authentication-devices-documents/about-aadhaar-paperless-offline-e-kyc.html
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # Open the .zip containing the Aadhaar Paperless Offline e-KYC XML. # The .zip is encrypted using the "Share Phrase". set zip [new_CkZip] set success [CkZip_OpenZip $zip "qa_data/xml_dsig/offline_paperless_kyc.zip"] if {$success == 0} then { puts [CkZip_lastErrorText $zip] delete_CkZip $zip exit } # The .zip should contain 1 XML file. # entry is a CkZipEntry set entry [CkZip_GetEntryByIndex $zip 0] if {[CkZip_get_LastMethodSuccess $zip] == 0} then { puts [CkZip_lastErrorText $zip] delete_CkZip $zip exit } # To get the contents, we need to specify the Share Phrase. set sharePhrase "Lock@487" CkZip_put_DecryptPassword $zip $sharePhrase set bdXml [new_CkBinData] # The XML file will be unzipped into the bdXml object. set success [CkZipEntry_UnzipToBd $entry $bdXml] if {$success == 0} then { puts [CkZipEntry_lastErrorText $entry] delete_CkZipEntry $entry delete_CkZip $zip delete_CkBinData $bdXml exit } delete_CkZipEntry $entry # First verify the XML digital signature. set dsig [new_CkXmlDSig] set success [CkXmlDSig_LoadSignatureBd $dsig $bdXml] if {$success != 1} then { puts [CkXmlDSig_lastErrorText $dsig] delete_CkZip $zip delete_CkBinData $bdXml delete_CkXmlDSig $dsig exit } # The UIDAI XML signature does not contain the KeyInfo, so we must load the uidai certificate # and indicate that its public key is to be used for verifying the signature. set cert [new_CkCert] set success [CkCert_LoadFromFile $cert "qa_data/xml_dsig/uidai_auth_sign_prod_2023.cer"] if {$success != 1} then { puts [CkCert_lastErrorText $cert] delete_CkZip $zip delete_CkBinData $bdXml delete_CkXmlDSig $dsig delete_CkCert $cert exit } # Get the certificate's public key. # pubKey is a CkPublicKey set pubKey [CkCert_ExportPublicKey $cert] set success [CkXmlDSig_SetPublicKey $dsig $pubKey] delete_CkPublicKey $pubKey # The XML in this example contains only 1 signature. set bVerifyReferenceDigests 1 set bVerified [CkXmlDSig_VerifySignature $dsig $bVerifyReferenceDigests] if {$bVerified == 0} then { puts [CkXmlDSig_lastErrorText $dsig] puts "The signature was not valid." delete_CkZip $zip delete_CkBinData $bdXml delete_CkXmlDSig $dsig delete_CkCert $cert exit } puts "The XML digital signature is valid." # Let's compute the hash for the Mobile Number. # Hashing logic for Mobile Number : # Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number # (Ref ID field contains last 4 digits). # # Example : # Mobile: 1234567890 # Aadhaar Number:XXXX XXXX 3632 # Passcode : Lock@487 # Hash: Sha256(Sha256(1234567890Lock@487))*2 # In case of Aadhaar number ends with Zero we will hashed one time. set crypt [new_CkCrypt2] CkCrypt2_put_HashAlgorithm $crypt "sha256" CkCrypt2_put_EncodingMode $crypt "hexlower" set strToHash "1234567890Lock@487" set bdHash [new_CkBinData] set success [CkBinData_AppendString $bdHash $strToHash "utf-8"] # Hash a number of times equal to the last digit of your Aadhaar number. # If the Aadhaar number ends with 0, then hash one time. # For this example, we'll just set the number of times to hash # for the case where an Aadhaar number ends in "9" set numTimesToHash 9 for {set i 1} {$i <= $numTimesToHash} {incr i} { set tmpStr [CkCrypt2_hashBdENC $crypt $bdHash] CkBinData_Clear $bdHash CkBinData_AppendString $bdHash $tmpStr "utf-8" } puts "Computed Mobile hash = [CkBinData_getString $bdHash utf-8]" # Let's get the mobile hash stored in the XML and compare it with our computed hash. set xml [new_CkXml] set success [CkXml_LoadBd $xml $bdXml 1] set m_hash [CkXml_chilkatPath $xml "UidData|Poi|(m)"] puts "Stored Mobile hash = $m_hash" # Now do the same thing for the email hash: set strToHash "abc@gm.comLock@487" CkBinData_Clear $bdHash set success [CkBinData_AppendString $bdHash $strToHash "utf-8"] for {set i 1} {$i <= $numTimesToHash} {incr i} { set tmpStr [CkCrypt2_hashBdENC $crypt $bdHash] CkBinData_Clear $bdHash CkBinData_AppendString $bdHash $tmpStr "utf-8" } puts "Computed Email hash = [CkBinData_getString $bdHash utf-8]" set e_hash [CkXml_chilkatPath $xml "UidData|Poi|(e)"] puts "Stored Email hash = $e_hash" delete_CkZip $zip delete_CkBinData $bdXml delete_CkXmlDSig $dsig delete_CkCert $cert delete_CkCrypt2 $crypt delete_CkBinData $bdHash delete_CkXml $xml |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.