Tcl
Tcl
SII XML Digital Signature
See more uncategorized Examples
Example for SII XML Digital Signature.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
set success 1
# Load the XML to be signed.
set xmlToSign [new_CkXml]
set success [CkXml_LoadXmlFile $xmlToSign "c:/aaworkarea/eduardo/sii_unsigned.xml"]
if {$success == 0} then {
puts [CkXml_lastErrorText $xmlToSign]
delete_CkXml $xmlToSign
exit
}
# The sample XML to be signed looks like this:
# <?xml version="1.0" encoding="ISO-8859-1"?>
# <EnvioDTE xmlns="http://www.sii.cl/SiiDte" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sii.cl/SiiDte EnvioDTE_v10.xsd" version="1.0">
# <SetDTE ID="SetDocF0T33_20240425_170512">
# <Caratula version="1.0">
# <RutEmisor>99999999-4</RutEmisor>
# <RutEnvia>12345678-6</RutEnvia>
# <RutReceptor>888888000-K</RutReceptor>
# <FchResol>2014-08-22</FchResol>
# <NroResol>80</NroResol>
# <TmstFirmaEnv>2024-04-25T17:05:13</TmstFirmaEnv>
# <SubTotDTE>
# <TpoDTE>33</TpoDTE>
# <NroDTE>1</NroDTE>
# </SubTotDTE>
# </Caratula>
# <DTE version="1.0">
# <Documento ID="F555T55">
# ...
# </Documento>
# </EnvioDTE>
set gen [new_CkXmlDSigGen]
CkXmlDSigGen_put_SigLocation $gen "EnvioDTE|SetDTE|DTE"
CkXmlDSigGen_put_SigLocationMod $gen 0
CkXmlDSigGen_put_SigNamespacePrefix $gen ""
CkXmlDSigGen_put_SigNamespaceUri $gen "http://www.w3.org/2000/09/xmldsig#"
CkXmlDSigGen_put_SignedInfoCanonAlg $gen "C14N"
CkXmlDSigGen_put_SignedInfoDigestMethod $gen "sha1"
# -------- Reference 1 --------
set xml1 [new_CkXml]
CkXml_put_Tag $xml1 "Transforms"
CkXml_UpdateAttrAt $xml1 "Transform" 1 "Algorithm" "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
CkXmlDSigGen_AddSameDocRef2 $gen "F511T33" "sha1" $xml1 ""
# Provide a certificate + private key. (PFX password is test123)
set cert [new_CkCert]
set success [CkCert_LoadPfxFile $cert "qa_data/pfx/cert_test123.pfx" "test123"]
if {$success != 1} then {
puts [CkCert_lastErrorText $cert]
delete_CkXml $xmlToSign
delete_CkXmlDSigGen $gen
delete_CkXml $xml1
delete_CkCert $cert
exit
}
CkXmlDSigGen_SetX509Cert $gen $cert 1
CkXmlDSigGen_put_KeyInfoType $gen "X509Data+KeyValue"
CkXmlDSigGen_put_X509Type $gen "Certificate"
# Load XML to be signed...
set sbXml [new_CkStringBuilder]
CkXml_GetXmlSb $xmlToSign $sbXml
CkXmlDSigGen_put_Behaviors $gen "IndentedSignature"
# Sign the XML...
set success [CkXmlDSigGen_CreateXmlDSigSb $gen $sbXml]
if {$success != 1} then {
puts [CkXmlDSigGen_lastErrorText $gen]
delete_CkXml $xmlToSign
delete_CkXmlDSigGen $gen
delete_CkXml $xml1
delete_CkCert $cert
delete_CkStringBuilder $sbXml
exit
}
# -----------------------------------------------
# Save the signed XML to a file.
set success [CkStringBuilder_WriteFile $sbXml "c:/temp/qa_output/signedXml.xml" "utf-8" 0]
puts [CkStringBuilder_getAsString $sbXml]
# ----------------------------------------
# Verify the signatures we just produced...
set verifier [new_CkXmlDSig]
set success [CkXmlDSig_LoadSignatureSb $verifier $sbXml]
if {$success != 1} then {
puts [CkXmlDSig_lastErrorText $verifier]
delete_CkXml $xmlToSign
delete_CkXmlDSigGen $gen
delete_CkXml $xml1
delete_CkCert $cert
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $verifier
exit
}
set numSigs [CkXmlDSig_get_NumSignatures $verifier]
set verifyIdx 0
while {$verifyIdx < $numSigs} {
CkXmlDSig_put_Selector $verifier $verifyIdx
set verified [CkXmlDSig_VerifySignature $verifier 1]
if {$verified != 1} then {
puts [CkXmlDSig_lastErrorText $verifier]
delete_CkXml $xmlToSign
delete_CkXmlDSigGen $gen
delete_CkXml $xml1
delete_CkCert $cert
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $verifier
exit
}
set verifyIdx [expr $verifyIdx + 1]
}
puts "All signatures were successfully verified."
delete_CkXml $xmlToSign
delete_CkXmlDSigGen $gen
delete_CkXml $xml1
delete_CkCert $cert
delete_CkStringBuilder $sbXml
delete_CkXmlDSig $verifier