Unicode C
Unicode C
Create ITIDA Signed JSON and Send to ETA (Egypt Tax Authority) Portal
See more Egypt ITIDA Examples
Demonstrates how to create a .p7s signature that fits Egypt's ITIDA requirements where Chilkat automatically does the ITIDA JSON canonicalization. Also shows the code to send to the ETA Portal.Chilkat Unicode C Downloads
#include <C_CkCrypt2W.h>
#include <C_CkCertW.h>
#include <C_CkJsonObjectW.h>
#include <C_CkStringBuilderW.h>
#include <C_CkHttpW.h>
#include <C_CkHttpRequestW.h>
#include <C_CkHttpResponseW.h>
void ChilkatSample(void)
{
BOOL success;
HCkCrypt2W crypt;
HCkCertW cert;
HCkJsonObjectW cmsOptions;
HCkJsonObjectW jsonSigningAttrs;
HCkJsonObjectW json;
const wchar_t *jsonToSign;
const wchar_t *sigBase64;
HCkStringBuilderW sbToSend;
const wchar_t *clientId;
const wchar_t *clientSecretKey;
HCkHttpW http;
HCkHttpRequestW req;
HCkHttpResponseW resp;
HCkJsonObjectW jsonToken;
const wchar_t *accessToken;
const wchar_t *jsonStr;
const wchar_t *url;
success = FALSE;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
crypt = CkCrypt2W_Create();
CkCrypt2W_putVerboseLogging(crypt,TRUE);
cert = CkCertW_Create();
CkCertW_putVerboseLogging(cert,TRUE);
// Set the smart card PIN, which will be needed for signing.
CkCertW_putSmartCardPin(cert,L"12345678");
// There are many ways to load the certificate.
// This example was created for a customer using an ePass2003 USB token.
// Assuming the USB token is the only source of a hardware-based private key..
success = CkCertW_LoadFromSmartcard(cert,L"");
if (success == FALSE) {
wprintf(L"%s\n",CkCertW_lastErrorText(cert));
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
return;
}
// Tell the crypt class to use this cert.
success = CkCrypt2W_SetSigningCert(crypt,cert);
if (success == FALSE) {
wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
return;
}
cmsOptions = CkJsonObjectW_Create();
// Setting "DigestData" causes OID 1.2.840.113549.1.7.5 (digestData) to be used.
CkJsonObjectW_UpdateBool(cmsOptions,L"DigestData",TRUE);
CkJsonObjectW_UpdateBool(cmsOptions,L"OmitAlgorithmIdNull",TRUE);
// Indicate that we are passing normal JSON and we want Chilkat do automatically
// do the ITIDA JSON canonicalization:
CkJsonObjectW_UpdateBool(cmsOptions,L"CanonicalizeITIDA",TRUE);
CkCrypt2W_putCmsOptions(crypt,CkJsonObjectW_emit(cmsOptions));
// The CadesEnabled property applies to all methods that create CMS/PKCS7 signatures.
// To create a CAdES-BES signature, set this property equal to true.
CkCrypt2W_putCadesEnabled(crypt,TRUE);
CkCrypt2W_putHashAlgorithm(crypt,L"sha256");
jsonSigningAttrs = CkJsonObjectW_Create();
CkJsonObjectW_UpdateInt(jsonSigningAttrs,L"contentType",1);
CkJsonObjectW_UpdateInt(jsonSigningAttrs,L"signingTime",1);
CkJsonObjectW_UpdateInt(jsonSigningAttrs,L"messageDigest",1);
CkJsonObjectW_UpdateInt(jsonSigningAttrs,L"signingCertificateV2",1);
CkCrypt2W_putSigningAttributes(crypt,CkJsonObjectW_emit(jsonSigningAttrs));
// By default, all the certs in the chain of authentication are included in the signature.
// If desired, we can choose to only include the signing certificate:
CkCrypt2W_putIncludeCertChain(crypt,FALSE);
// Pass a JSON document such as the following. Chilkat will do the ITIDA canonicalization.
// (It is the canonicalized JSON that gets signed.)
// {
// "issuer":{
// "address":{
// "branchID":"0",
// "country":"EG",
// "regionCity":"Cairo",
// "postalCode":"",
// "buildingNumber":"0",
// "street":"123rd Street",
// "governate":"GOVERNATE"
// },
// "type":"B",
// "id":"209999899",
// "name":"Xyz SAE"
// },
// "receiver":{
// "address":{
// "country":"EG",
// "regionCity":"CAIRO",
// "postalCode":"11435",
// "buildingNumber":"0",
// "street":"Autostrad Road Abc",
// "governate":"GOVERNATE"
// },
// "type":"B",
// "id":"999999999",
// "name":"XYZ EGYPT FOR TRADE"
// },
// "documentType":"I",
// "documentTypeVersion":"1.0",
// "dateTimeIssued":"2020-11-15T11:04:53Z",
// "taxpayerActivityCode":"1073",
// "internalID":"ZZZZ999",
// "purchaseOrderReference":"2009199918",
// "salesOrderReference":"",
// "payment":{
// "bankName":"",
// "bankAddress":"",
// "bankAccountNo":"",
// "bankAccountIBAN":"",
// "swiftCode":"",
// "terms":""
// },
// "delivery":{
// "approach":"",
// "packaging":"",
// "dateValidity":"",
// "exportPort":"",
// "countryOfOrigin":"EG",
// "grossWeight":0,
// "netWeight":0,
// "terms":""
// },
// "invoiceLines":[
// {
// "description":"CDM Widget 48GX99X12BA",
// "itemType":"GS1",
// "itemCode":"7622213335056",
// "unitType":"CS",
// "quantity":1.00,
// "unitValue":{
// "currencySold":"EGP",
// "amountEGP":588.67,
// "amountSold":0,
// "currencyExchangeRate":0
// },
// "salesTotal":588.67,
// "total":603.97,
// "valueDifference":0,
// "totalTaxableFees":0,
// "netTotal":529.8,
// "itemsDiscount":0,
// "discount":{
// "rate":10.00,
// "amount":58.87
// },
// "taxableItems":[
// {
// "taxType":"T1",
// "amount":74.17,
// "subType":"No sub",
// "rate":14.00
// }
// ],
// "internalCode":"9099994"
// }
// ],
// "totalSales":588.67,
// "totalSalesAmount":588.67,
// "totalDiscountAmount":58.87,
// "netAmount":529.80,
// "taxTotals":[
// {
// "taxType":"T1",
// "amount":74.17
// }
// ],
// "extraDiscountAmount":0,
// "totalItemsDiscountAmount":0,
// "totalAmount":603.97,
// }
// Build the above JSON..
// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON
json = CkJsonObjectW_Create();
CkJsonObjectW_UpdateString(json,L"issuer.address.branchID",L"0");
CkJsonObjectW_UpdateString(json,L"issuer.address.country",L"EG");
CkJsonObjectW_UpdateString(json,L"issuer.address.regionCity",L"Cairo");
CkJsonObjectW_UpdateString(json,L"issuer.address.postalCode",L"");
CkJsonObjectW_UpdateString(json,L"issuer.address.buildingNumber",L"0");
CkJsonObjectW_UpdateString(json,L"issuer.address.street",L"123rd Street");
CkJsonObjectW_UpdateString(json,L"issuer.address.governate",L"GOVERNATE");
CkJsonObjectW_UpdateString(json,L"issuer.type",L"B");
CkJsonObjectW_UpdateString(json,L"issuer.id",L"209999899");
CkJsonObjectW_UpdateString(json,L"issuer.name",L"Xyz SAE");
CkJsonObjectW_UpdateString(json,L"receiver.address.country",L"EG");
CkJsonObjectW_UpdateString(json,L"receiver.address.regionCity",L"CAIRO");
CkJsonObjectW_UpdateString(json,L"receiver.address.postalCode",L"11435");
CkJsonObjectW_UpdateString(json,L"receiver.address.buildingNumber",L"0");
CkJsonObjectW_UpdateString(json,L"receiver.address.street",L"Autostrad Road Abc");
CkJsonObjectW_UpdateString(json,L"receiver.address.governate",L"GOVERNATE");
CkJsonObjectW_UpdateString(json,L"receiver.type",L"B");
CkJsonObjectW_UpdateString(json,L"receiver.id",L"999999999");
CkJsonObjectW_UpdateString(json,L"receiver.name",L"XYZ EGYPT FOR TRADE");
CkJsonObjectW_UpdateString(json,L"documentType",L"I");
CkJsonObjectW_UpdateString(json,L"documentTypeVersion",L"1.0");
CkJsonObjectW_UpdateString(json,L"dateTimeIssued",L"2020-11-15T11:04:53Z");
CkJsonObjectW_UpdateString(json,L"taxpayerActivityCode",L"1073");
CkJsonObjectW_UpdateString(json,L"internalID",L"ZZZZ999");
CkJsonObjectW_UpdateString(json,L"purchaseOrderReference",L"2009199918");
CkJsonObjectW_UpdateString(json,L"salesOrderReference",L"");
CkJsonObjectW_UpdateString(json,L"payment.bankName",L"");
CkJsonObjectW_UpdateString(json,L"payment.bankAddress",L"");
CkJsonObjectW_UpdateString(json,L"payment.bankAccountNo",L"");
CkJsonObjectW_UpdateString(json,L"payment.bankAccountIBAN",L"");
CkJsonObjectW_UpdateString(json,L"payment.swiftCode",L"");
CkJsonObjectW_UpdateString(json,L"payment.terms",L"");
CkJsonObjectW_UpdateString(json,L"delivery.approach",L"");
CkJsonObjectW_UpdateString(json,L"delivery.packaging",L"");
CkJsonObjectW_UpdateString(json,L"delivery.dateValidity",L"");
CkJsonObjectW_UpdateString(json,L"delivery.exportPort",L"");
CkJsonObjectW_UpdateString(json,L"delivery.countryOfOrigin",L"EG");
CkJsonObjectW_UpdateInt(json,L"delivery.grossWeight",0);
CkJsonObjectW_UpdateInt(json,L"delivery.netWeight",0);
CkJsonObjectW_UpdateString(json,L"delivery.terms",L"");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].description",L"CDM Widget 48GX99X12BA");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].itemType",L"GS1");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].itemCode",L"7622213335056");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].unitType",L"CS");
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].quantity",L"1.00");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].unitValue.currencySold",L"EGP");
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].unitValue.amountEGP",L"588.67");
CkJsonObjectW_UpdateInt(json,L"invoiceLines[0].unitValue.amountSold",0);
CkJsonObjectW_UpdateInt(json,L"invoiceLines[0].unitValue.currencyExchangeRate",0);
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].salesTotal",L"588.67");
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].total",L"603.97");
CkJsonObjectW_UpdateInt(json,L"invoiceLines[0].valueDifference",0);
CkJsonObjectW_UpdateInt(json,L"invoiceLines[0].totalTaxableFees",0);
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].netTotal",L"529.8");
CkJsonObjectW_UpdateInt(json,L"invoiceLines[0].itemsDiscount",0);
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].discount.rate",L"10.00");
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].discount.amount",L"58.87");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].taxableItems[0].taxType",L"T1");
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].taxableItems[0].amount",L"74.17");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].taxableItems[0].subType",L"No sub");
CkJsonObjectW_UpdateNumber(json,L"invoiceLines[0].taxableItems[0].rate",L"14.00");
CkJsonObjectW_UpdateString(json,L"invoiceLines[0].internalCode",L"9099994");
CkJsonObjectW_UpdateNumber(json,L"totalSales",L"588.67");
CkJsonObjectW_UpdateNumber(json,L"totalSalesAmount",L"588.67");
CkJsonObjectW_UpdateNumber(json,L"totalDiscountAmount",L"58.87");
CkJsonObjectW_UpdateNumber(json,L"netAmount",L"529.80");
CkJsonObjectW_UpdateString(json,L"taxTotals[0].taxType",L"T1");
CkJsonObjectW_UpdateNumber(json,L"taxTotals[0].amount",L"74.17");
CkJsonObjectW_UpdateInt(json,L"extraDiscountAmount",0);
CkJsonObjectW_UpdateInt(json,L"totalItemsDiscountAmount",0);
CkJsonObjectW_UpdateNumber(json,L"totalAmount",L"603.97");
CkJsonObjectW_putEmitCompact(json,TRUE);
jsonToSign = CkJsonObjectW_emit(json);
// Create the CAdES-BES signature.
CkCrypt2W_putEncodingMode(crypt,L"base64");
// Make sure we sign the utf-8 byte representation of the JSON string
CkCrypt2W_putCharset(crypt,L"utf-8");
sigBase64 = CkCrypt2W_signStringENC(crypt,jsonToSign);
if (CkCrypt2W_getLastMethodSuccess(crypt) == FALSE) {
wprintf(L"%s\n",CkCrypt2W_lastErrorText(crypt));
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(cmsOptions);
CkJsonObjectW_Dispose(jsonSigningAttrs);
CkJsonObjectW_Dispose(json);
return;
}
wprintf(L"Base64 signature:\n");
wprintf(L"%s\n",sigBase64);
// Insert the base64 signature into the JSON to be sent
CkJsonObjectW_UpdateString(json,L"signatures[0].signatureType",L"I");
CkJsonObjectW_UpdateString(json,L"signatures[0].value",sigBase64);
// Wrap the JSON in {"documents":[ ... ]}
sbToSend = CkStringBuilderW_Create();
CkStringBuilderW_Append(sbToSend,L"{\"documents\":[");
CkStringBuilderW_Append(sbToSend,CkJsonObjectW_emit(json));
CkStringBuilderW_Append(sbToSend,L"]}");
// ------------------------------------------------------------------------
// Get an access token using our client ID and client secret key
clientId = L"abc999ff-1234";
clientSecretKey = L"123fff22-1234-abcd";
http = CkHttpW_Create();
// Causes the Authorization: Basic header to be added..
CkHttpW_putLogin(http,clientId);
CkHttpW_putPassword(http,clientSecretKey);
CkHttpW_putBasicAuth(http,TRUE);
req = CkHttpRequestW_Create();
CkHttpRequestW_putHttpVerb(req,L"POST");
CkHttpRequestW_putPath(req,L"/connect/token");
CkHttpRequestW_putContentType(req,L"application/x-www-form-urlencoded");
CkHttpRequestW_AddParam(req,L"grant_type",L"client_credentials");
CkHttpRequestW_AddHeader(req,L"Connection",L"close");
CkHttpW_putAccept(http,L"application/json");
resp = CkHttpResponseW_Create();
success = CkHttpW_HttpReq(http,L"https://id.preprod.eta.gov.eg/connect/token",req,resp);
if (success == FALSE) {
wprintf(L"%s\n",CkHttpW_lastErrorText(http));
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(cmsOptions);
CkJsonObjectW_Dispose(jsonSigningAttrs);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbToSend);
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
return;
}
CkHttpW_CloseAllConnections(http);
wprintf(L"Response status code: %d\n",CkHttpResponseW_getStatusCode(resp));
wprintf(L"Response body:\n");
wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
if (CkHttpResponseW_getStatusCode(resp) != 200) {
wprintf(L"Failed.\n");
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(cmsOptions);
CkJsonObjectW_Dispose(jsonSigningAttrs);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbToSend);
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
return;
}
jsonToken = CkJsonObjectW_Create();
success = CkJsonObjectW_Load(jsonToken,CkHttpResponseW_bodyStr(resp));
accessToken = CkJsonObjectW_stringOf(jsonToken,L"access_token");
wprintf(L"access_token = %s\n",accessToken);
// ------------------------------------------------------------------------
// Submit the signed JSON to the ETA (Egypt Tax Authority) Portal
// No longer sending basic authentication...
CkHttpW_putLogin(http,L"");
CkHttpW_putPassword(http,L"");
CkHttpW_putBasicAuth(http,FALSE);
// Setting the AuthToken property causes the "Authorization: Bearer <token>" header to be added to each request.
CkHttpW_putAuthToken(http,accessToken);
jsonStr = CkStringBuilderW_getAsString(sbToSend);
url = L"https://api.preprod.invoicing.eta.gov.eg/api/v1/documentsubmissions";
success = CkHttpW_HttpStr(http,L"POST",url,jsonStr,L"utf-8",L"application/json; charset=utf-8",resp);
if (success == FALSE) {
wprintf(L"%s\n",CkHttpW_lastErrorText(http));
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(cmsOptions);
CkJsonObjectW_Dispose(jsonSigningAttrs);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbToSend);
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkJsonObjectW_Dispose(jsonToken);
return;
}
wprintf(L"Response status code: %d\n",CkHttpResponseW_getStatusCode(resp));
wprintf(L"Response body:\n");
wprintf(L"%s\n",CkHttpResponseW_bodyStr(resp));
CkCrypt2W_Dispose(crypt);
CkCertW_Dispose(cert);
CkJsonObjectW_Dispose(cmsOptions);
CkJsonObjectW_Dispose(jsonSigningAttrs);
CkJsonObjectW_Dispose(json);
CkStringBuilderW_Dispose(sbToSend);
CkHttpW_Dispose(http);
CkHttpRequestW_Dispose(req);
CkHttpResponseW_Dispose(resp);
CkJsonObjectW_Dispose(jsonToken);
}