|
Chilkat • HOME • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi DLL • Go • Java • Node.js • Objective-C • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Unicode C) Sign XML for Zakat, Tax and Customs Authority (ZATCA)See more ZATCA ExamplesDemonstrates how to sign XML for Zakat, Tax and Customs Authority (ZATCA).
#include <C_CkStringBuilderW.h> #include <C_CkXmlDSigGenW.h> #include <C_CkXmlW.h> #include <C_CkCertW.h> #include <C_CkPrivateKeyW.h> #include <C_CkXmlDSigW.h> void ChilkatSample(void) { BOOL success; HCkStringBuilderW sbXml; HCkXmlDSigGenW gen; HCkXmlW object1; HCkXmlW xml1; HCkCertW certFromPfx; HCkCertW cert; HCkPrivateKeyW privKey; HCkXmlDSigW verifier; int numSigs; int verifyIdx; BOOL verified; // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. success = TRUE; // Load XML to be signed... sbXml = CkStringBuilderW_Create(); success = CkStringBuilderW_LoadFile(sbXml,L"qa_data/xml_dsig_valid_samples/UBL_Saudi_ZATCA_Zakat_Tax_and_Customs_Authority_toBeSigned.xml",L"utf-8"); if (success == FALSE) { wprintf(L"Failed to load XML file to be signed.\n"); CkStringBuilderW_Dispose(sbXml); return; } // Loads XML containing the following (with data modified from the original sample). // <?xml version="1.0" encoding="UTF-8"?> // <Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"><ext:UBLExtensions> // <ext:UBLExtension> // <ext:ExtensionURI>urn:oasis:names:specification:ubl:dsig:enveloped:xades</ext:ExtensionURI> // <ext:ExtensionContent> // <sig:UBLDocumentSignatures xmlns:sig="urn:oasis:names:specification:ubl:schema:xsd:CommonSignatureComponents-2" xmlns:sac="urn:oasis:names:specification:ubl:schema:xsd:SignatureAggregateComponents-2" xmlns:sbc="urn:oasis:names:specification:ubl:schema:xsd:SignatureBasicComponents-2"> // <sac:SignatureInformation> // <cbc:ID>urn:oasis:names:specification:ubl:signature:1</cbc:ID> // <sbc:ReferencedSignatureID>urn:oasis:names:specification:ubl:signature:Invoice</sbc:ReferencedSignatureID> // // </sac:SignatureInformation> // </sig:UBLDocumentSignatures> // </ext:ExtensionContent> // </ext:UBLExtension> // </ext:UBLExtensions> // // <cbc:ProfileID>reporting:1.0</cbc:ProfileID> // <cbc:ID>100</cbc:ID> // <cbc:UUID>3cf5ee18-ee25-44ea-a444-2c37ba7f28be</cbc:UUID> // <cbc:IssueDate>2021-04-25</cbc:IssueDate> // <cbc:IssueTime>15:30:00</cbc:IssueTime> // <cbc:InvoiceTypeCode name="0100000">388</cbc:InvoiceTypeCode> // <cbc:DocumentCurrencyCode>SAR</cbc:DocumentCurrencyCode> // <cbc:TaxCurrencyCode>SAR</cbc:TaxCurrencyCode> // <cbc:LineCountNumeric>2</cbc:LineCountNumeric> // <cac:AdditionalDocumentReference> // <cbc:ID>ICV</cbc:ID> // <cbc:UUID>46531</cbc:UUID> // </cac:AdditionalDocumentReference> // <cac:AdditionalDocumentReference> // <cbc:ID>PIH</cbc:ID> // <cac:Attachment> // <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">NWZl......NTdlOQ==</cbc:EmbeddedDocumentBinaryObject> // </cac:Attachment> // </cac:AdditionalDocumentReference> // // // <cac:AdditionalDocumentReference> // <cbc:ID>QR</cbc:ID> // <cac:Attachment> // <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">ARlBbC........FAau5g</cbc:EmbeddedDocumentBinaryObject> // </cac:Attachment> // </cac:AdditionalDocumentReference><cac:Signature> // <cbc:ID>urn:oasis:names:specification:ubl:signature:Invoice</cbc:ID> // <cbc:SignatureMethod>urn:oasis:names:specification:ubl:dsig:enveloped:xades</cbc:SignatureMethod> // </cac:Signature><cac:AccountingSupplierParty> // <cac:Party> // <cac:PartyIdentification> // <cbc:ID schemeID="MLS">123457890</cbc:ID> // </cac:PartyIdentification> // <cac:PostalAddress> // <cbc:StreetName>King Abdulaziz Road</cbc:StreetName> // <cbc:BuildingNumber>9999</cbc:BuildingNumber> // <cbc:PlotIdentification>9999</cbc:PlotIdentification> // <cbc:CitySubdivisionName>Al Amal</cbc:CitySubdivisionName> // <cbc:CityName>Riyadh</cbc:CityName> // <cbc:PostalZone>12643</cbc:PostalZone> // <cbc:CountrySubentity>Riyadh Region</cbc:CountrySubentity> // <cac:Country> // <cbc:IdentificationCode>SA</cbc:IdentificationCode> // </cac:Country> // </cac:PostalAddress> // <cac:PartyTaxScheme> // <cbc:CompanyID>300099999900003</cbc:CompanyID> // <cac:TaxScheme> // <cbc:ID>VAT</cbc:ID> // </cac:TaxScheme> // </cac:PartyTaxScheme> // <cac:PartyLegalEntity> // <cbc:RegistrationName>Example Co. LTD</cbc:RegistrationName> // </cac:PartyLegalEntity> // </cac:Party> // </cac:AccountingSupplierParty> // <cac:AccountingCustomerParty> // <cac:Party> // <cac:PartyIdentification> // <cbc:ID schemeID="SAG">123C12345678</cbc:ID> // </cac:PartyIdentification> // <cac:PostalAddress> // <cbc:StreetName>King Abdullah Road</cbc:StreetName> // <cbc:BuildingNumber>9999</cbc:BuildingNumber> // <cbc:PlotIdentification>9999</cbc:PlotIdentification> // <cbc:CitySubdivisionName>Al Mursalat</cbc:CitySubdivisionName> // <cbc:CityName>Riyadh</cbc:CityName> // <cbc:PostalZone>11564</cbc:PostalZone> // <cbc:CountrySubentity>Riyadh Region</cbc:CountrySubentity> // <cac:Country> // <cbc:IdentificationCode>SA</cbc:IdentificationCode> // </cac:Country> // </cac:PostalAddress> // <cac:PartyTaxScheme> // <cac:TaxScheme> // <cbc:ID>VAT</cbc:ID> // </cac:TaxScheme> // </cac:PartyTaxScheme> // <cac:PartyLegalEntity> // <cbc:RegistrationName>EXAMPLE MARKETS</cbc:RegistrationName> // </cac:PartyLegalEntity> // </cac:Party> // </cac:AccountingCustomerParty> // <cac:Delivery> // <cbc:ActualDeliveryDate>2022-04-25</cbc:ActualDeliveryDate> // </cac:Delivery> // <cac:PaymentMeans> // <cbc:PaymentMeansCode>42</cbc:PaymentMeansCode> // </cac:PaymentMeans> // <cac:TaxTotal> // <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount> // <cac:TaxSubtotal> // <cbc:TaxableAmount currencyID="SAR">900.00</cbc:TaxableAmount> // <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount> // <cac:TaxCategory> // <cbc:ID>S</cbc:ID> // <cbc:Percent>15</cbc:Percent> // <cac:TaxScheme> // <cbc:ID>VAT</cbc:ID> // </cac:TaxScheme> // </cac:TaxCategory> // </cac:TaxSubtotal> // </cac:TaxTotal> // <cac:TaxTotal> // <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount> // </cac:TaxTotal> // <cac:LegalMonetaryTotal> // <cbc:LineExtensionAmount currencyID="SAR">900.00</cbc:LineExtensionAmount> // <cbc:TaxExclusiveAmount currencyID="SAR">900.00</cbc:TaxExclusiveAmount> // <cbc:TaxInclusiveAmount currencyID="SAR">1035.00</cbc:TaxInclusiveAmount> // <cbc:AllowanceTotalAmount currencyID="SAR">0.00</cbc:AllowanceTotalAmount> // <cbc:PayableAmount currencyID="SAR">1035.00</cbc:PayableAmount> // </cac:LegalMonetaryTotal> // <cac:InvoiceLine> // <cbc:ID>1</cbc:ID> // <cbc:InvoicedQuantity unitCode="PCE">1</cbc:InvoicedQuantity> // <cbc:LineExtensionAmount currencyID="SAR">200.00</cbc:LineExtensionAmount> // <cac:TaxTotal> // <cbc:TaxAmount currencyID="SAR">30.00</cbc:TaxAmount> // <cbc:RoundingAmount currencyID="SAR">230.00</cbc:RoundingAmount> // </cac:TaxTotal> // <cac:Item> // <cbc:Name>Item A</cbc:Name> // <cac:ClassifiedTaxCategory> // <cbc:ID>S</cbc:ID> // <cbc:Percent>15</cbc:Percent> // <cac:TaxScheme> // <cbc:ID>VAT</cbc:ID> // </cac:TaxScheme> // </cac:ClassifiedTaxCategory> // </cac:Item> // <cac:Price> // <cbc:PriceAmount currencyID="SAR">200.00</cbc:PriceAmount> // </cac:Price> // </cac:InvoiceLine> // <cac:InvoiceLine> // <cbc:ID>2</cbc:ID> // <cbc:InvoicedQuantity unitCode="PCE">2</cbc:InvoicedQuantity> // <cbc:LineExtensionAmount currencyID="SAR">700.00</cbc:LineExtensionAmount> // <cac:TaxTotal> // <cbc:TaxAmount currencyID="SAR">105.00</cbc:TaxAmount> // <cbc:RoundingAmount currencyID="SAR">805.00</cbc:RoundingAmount> // </cac:TaxTotal> // <cac:Item> // <cbc:Name>Item B</cbc:Name> // <cac:ClassifiedTaxCategory> // <cbc:ID>S</cbc:ID> // <cbc:Percent>15</cbc:Percent> // <cac:TaxScheme> // <cbc:ID>VAT</cbc:ID> // </cac:TaxScheme> // </cac:ClassifiedTaxCategory> // </cac:Item> // <cac:Price> // <cbc:PriceAmount currencyID="SAR">350.00</cbc:PriceAmount> // </cac:Price> // </cac:InvoiceLine> // </Invoice> gen = CkXmlDSigGenW_Create(); CkXmlDSigGenW_putSigLocation(gen,L"Invoice|ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation"); CkXmlDSigGenW_putSigLocationMod(gen,0); CkXmlDSigGenW_putSigId(gen,L"signature"); CkXmlDSigGenW_putSigNamespacePrefix(gen,L"ds"); CkXmlDSigGenW_putSigNamespaceUri(gen,L"http://www.w3.org/2000/09/xmldsig#"); CkXmlDSigGenW_putSignedInfoCanonAlg(gen,L"C14N_11"); CkXmlDSigGenW_putSignedInfoDigestMethod(gen,L"sha256"); // Create an Object to be added to the Signature. object1 = CkXmlW_Create(); CkXmlW_putTag(object1,L"xades:QualifyingProperties"); CkXmlW_AddAttribute(object1,L"xmlns:xades",L"http://uri.etsi.org/01903/v1.3.2#"); CkXmlW_AddAttribute(object1,L"Target",L"signature"); CkXmlW_UpdateAttrAt(object1,L"xades:SignedProperties",TRUE,L"Id",L"xadesSignedProperties"); CkXmlW_UpdateChildContent(object1,L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime",L"TO BE GENERATED BY CHILKAT"); CkXmlW_UpdateAttrAt(object1,L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod",TRUE,L"Algorithm",L"http://www.w3.org/2001/04/xmlenc#sha256"); CkXmlW_UpdateChildContent(object1,L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue",L"TO BE GENERATED BY CHILKAT"); CkXmlW_UpdateChildContent(object1,L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName",L"TO BE GENERATED BY CHILKAT"); CkXmlW_UpdateChildContent(object1,L"xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber",L"TO BE GENERATED BY CHILKAT"); CkXmlDSigGenW_AddObject(gen,L"",CkXmlW_getXml(object1),L"",L""); // -------- Reference 1 -------- xml1 = CkXmlW_Create(); CkXmlW_putTag(xml1,L"ds:Transforms"); CkXmlW_UpdateAttrAt(xml1,L"ds:Transform",TRUE,L"Algorithm",L"http://www.w3.org/TR/1999/REC-xpath-19991116"); CkXmlW_UpdateChildContent(xml1,L"ds:Transform|ds:XPath",L"not(//ancestor-or-self::ext:UBLExtensions)"); CkXmlW_UpdateAttrAt(xml1,L"ds:Transform[1]",TRUE,L"Algorithm",L"http://www.w3.org/TR/1999/REC-xpath-19991116"); CkXmlW_UpdateChildContent(xml1,L"ds:Transform[1]|ds:XPath",L"not(//ancestor-or-self::cac:Signature)"); CkXmlW_UpdateAttrAt(xml1,L"ds:Transform[2]",TRUE,L"Algorithm",L"http://www.w3.org/TR/1999/REC-xpath-19991116"); CkXmlW_UpdateChildContent(xml1,L"ds:Transform[2]|ds:XPath",L"not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID='QR'])"); CkXmlW_UpdateAttrAt(xml1,L"ds:Transform[3]",TRUE,L"Algorithm",L"http://www.w3.org/2006/12/xml-c14n11"); CkXmlDSigGenW_AddSameDocRef2(gen,L"",L"sha256",xml1,L""); CkXmlDSigGenW_SetRefIdAttr(gen,L"",L"invoiceSignedData"); // -------- Reference 2 -------- CkXmlDSigGenW_AddObjectRef(gen,L"xadesSignedProperties",L"sha256",L"",L"",L"http://www.w3.org/2000/09/xmldsig#SignatureProperties"); // Provide a certificate + private key. (PFX password is test123) certFromPfx = CkCertW_Create(); success = CkCertW_LoadPfxFile(certFromPfx,L"qa_data/pfx/cert_test123.pfx",L"test123"); if (success != TRUE) { wprintf(L"%s\n",CkCertW_lastErrorText(certFromPfx)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); return; } // Alternatively, if your certificate and private key are in separate PEM files, do this: cert = CkCertW_Create(); success = CkCertW_LoadFromFile(cert,L"qa_data/zatca/cert.pem"); if (success != TRUE) { wprintf(L"%s\n",CkCertW_lastErrorText(cert)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); return; } wprintf(L"%s\n",CkCertW_subjectCN(cert)); // Load the private key. privKey = CkPrivateKeyW_Create(); success = CkPrivateKeyW_LoadPemFile(privKey,L"qa_data/zatca/ec-secp256k1-priv-key.pem"); if (success != TRUE) { wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); return; } wprintf(L"Key Type: %s\n",CkPrivateKeyW_keyType(privKey)); // Associate the private key with the certificate. success = CkCertW_SetPrivateKey(cert,privKey); if (success != TRUE) { wprintf(L"%s\n",CkCertW_lastErrorText(cert)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); return; } // The certificate passed to SetX509Cert must have an associated private key. // If the cert was loaded from a PFX, then it should automatically has an associated private key. // If the cert was loaded from PEM, then the private key was explicitly associated as shown above. success = CkXmlDSigGenW_SetX509Cert(gen,cert,TRUE); if (success != TRUE) { wprintf(L"%s\n",CkXmlDSigGenW_lastErrorText(gen)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); return; } CkXmlDSigGenW_putKeyInfoType(gen,L"X509Data"); CkXmlDSigGenW_putX509Type(gen,L"Certificate"); // ---------------- This is important ----------------------------------------- // Starting in Chilkat v9.5.0.92, add the "ZATCA" behavior to produce the format required by ZATCA. CkXmlDSigGenW_putBehaviors(gen,L"IndentedSignature,TransformSignatureXPath,ZATCA"); // ---------------------------------------------------------------------------- // Sign the XML... success = CkXmlDSigGenW_CreateXmlDSigSb(gen,sbXml); if (success != TRUE) { wprintf(L"%s\n",CkXmlDSigGenW_lastErrorText(gen)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); return; } // ----------------------------------------------- // Save the signed XML to a file. success = CkStringBuilderW_WriteFile(sbXml,L"qa_output/signedXml.xml",L"utf-8",FALSE); wprintf(L"%s\n",CkStringBuilderW_getAsString(sbXml)); // ---------------------------------------- // Verify the signatures we just produced... verifier = CkXmlDSigW_Create(); success = CkXmlDSigW_LoadSignatureSb(verifier,sbXml); if (success != TRUE) { wprintf(L"%s\n",CkXmlDSigW_lastErrorText(verifier)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); CkXmlDSigW_Dispose(verifier); return; } // ---------------- This is important ----------------------------------------- // Starting in Chilkat v9.5.0.92, specify "ZATCA" in uncommon options // to validate signed XML according to ZATCA needs. // ---------------------------------------------------------------------------- CkXmlDSigW_putUncommonOptions(verifier,L"ZATCA"); numSigs = CkXmlDSigW_getNumSignatures(verifier); verifyIdx = 0; while (verifyIdx < numSigs) { CkXmlDSigW_putSelector(verifier,verifyIdx); verified = CkXmlDSigW_VerifySignature(verifier,TRUE); if (verified != TRUE) { wprintf(L"%s\n",CkXmlDSigW_lastErrorText(verifier)); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); CkXmlDSigW_Dispose(verifier); return; } verifyIdx = verifyIdx + 1; } wprintf(L"All signatures were successfully verified.\n"); CkStringBuilderW_Dispose(sbXml); CkXmlDSigGenW_Dispose(gen); CkXmlW_Dispose(object1); CkXmlW_Dispose(xml1); CkCertW_Dispose(certFromPfx); CkCertW_Dispose(cert); CkPrivateKeyW_Dispose(privKey); CkXmlDSigW_Dispose(verifier); } |
||||||
© 2000-2025 Chilkat Software, Inc. All Rights Reserved.