(Unicode C) Sign Mexico Pedimento

Add a signature to a Mexico pedimento file.

Chilkat C/C++ Library Downloads
MS Visual C/C++ Linux/CentOS C/C++ Alpine Linux C/C++ MAC OS X C/C++	armhf/aarch64 C/C++ C++ Builder iOS C/C++ Android C/C++	Solaris C/C++ MinGW C/C++

#include <C_CkStringBuilderW.h>
#include <C_CkPrivateKeyW.h>
#include <C_CkXmlW.h>
#include <C_CkAsnW.h>
#include <C_CkRsaW.h>
#include <C_CkBinDataW.h>
#include <C_CkCertW.h>

void ChilkatSample(void)
    {
    BOOL success;
    BOOL bCRLF;
    HCkStringBuilderW sb;
    const wchar_t *md5_base64;
    HCkPrivateKeyW privKey;
    HCkXmlW xml;
    HCkAsnW asn;
    HCkRsaW rsa;
    HCkBinDataW bdSig;
    HCkCertW cert;
    const wchar_t *serialHex;
    HCkStringBuilderW sbSerial;
    int numReplaced;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // This is the contents before signing:

    // 500|1|3621|4199800|400||
    // 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
    // 507|4199800|IM|2006-7888">
    // 507|4199800|MS|2">
    // 800|4199800|1">
    // 801|M3621037.222|1|5|011|

    // This is the contents after signing

    // 500|1|3621|4199800|400||
    // 601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||
    // 507|4199800|IM|2006-7888">
    // 507|4199800|MS|2">
    // 800|4199800|1|fhP2Ker54D2+3+UZch23F0E72 .... 9qNSPIuAqpj524qLZbbA==|30001000000500003416|
    // 801|M3621037.222|1|5|011|

    // First create the text to be signed.
    bCRLF = TRUE;
    sb = CkStringBuilderW_Create();
    // Use CRLF line endings.
    CkStringBuilderW_AppendLine(sb,L"500|1|3621|4199800|400||",bCRLF);
    CkStringBuilderW_AppendLine(sb,L"601|3621|4199800|400|IN|1||EKU9003173C9|EKU9003173C9FRNN09|1||",bCRLF);
    CkStringBuilderW_AppendLine(sb,L"507|4199800|IM|2006-7888">",bCRLF);
    CkStringBuilderW_AppendLine(sb,L"507|4199800|MS|2">",bCRLF);

    // Generate the MD5 hash of what we have so far..
    md5_base64 = CkStringBuilderW_getHash(sb,L"md5",L"base64",L"utf-8");
    wprintf(L"MD5 hash = %s\n",md5_base64);

    // Complete the original file.
    // After signing, we'll update the BASE64_SIGNATURE and CERT_SERIAL
    CkStringBuilderW_AppendLine(sb,L"800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL|",bCRLF);
    CkStringBuilderW_AppendLine(sb,L"801|M3621037.222|1|5|011|",bCRLF);

    // We're going to sign the MD5 hash using the private key.
    privKey = CkPrivateKeyW_Create();
    success = CkPrivateKeyW_LoadAnyFormatFile(privKey,L"qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.key",L"12345678a");
    if (success == FALSE) {
        wprintf(L"%s\n",CkPrivateKeyW_lastErrorText(privKey));
        CkStringBuilderW_Dispose(sb);
        CkPrivateKeyW_Dispose(privKey);
        return;
    }

    // Generate the ASN.1 to be signed.

    // <sequence>
    //     <sequence>
    //         <oid>1.2.840.113549.2.5</oid>
    //         <null/>
    //     </sequence>
    //     <octets>SwxHfaJhG+N3pPqay6UzVA==</octets>
    // </sequence>

    xml = CkXmlW_Create();
    CkXmlW_putTag(xml,L"sequence");
    CkXmlW_UpdateChildContent(xml,L"sequence|oid",L"1.2.840.113549.2.5");
    CkXmlW_UpdateChildContent(xml,L"sequence|null",L"");
    CkXmlW_UpdateChildContent(xml,L"octets",md5_base64);

    asn = CkAsnW_Create();
    CkAsnW_LoadAsnXml(asn,CkXmlW_getXml(xml));
    wprintf(L"ASN.1 = %s\n",CkAsnW_getEncodedDer(asn,L"base64"));

    // Sign with the private key.
    rsa = CkRsaW_Create();
    success = CkRsaW_ImportPrivateKeyObj(rsa,privKey);
    if (success == FALSE) {
        wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
        CkStringBuilderW_Dispose(sb);
        CkPrivateKeyW_Dispose(privKey);
        CkXmlW_Dispose(xml);
        CkAsnW_Dispose(asn);
        CkRsaW_Dispose(rsa);
        return;
    }

    // Create the opaque signature.
    bdSig = CkBinDataW_Create();
    CkBinDataW_AppendEncoded(bdSig,CkAsnW_getEncodedDer(asn,L"base64"),L"base64");
    success = CkRsaW_OpenSslSignBd(rsa,bdSig);
    if (success == FALSE) {
        wprintf(L"%s\n",CkRsaW_lastErrorText(rsa));
        CkStringBuilderW_Dispose(sb);
        CkPrivateKeyW_Dispose(privKey);
        CkXmlW_Dispose(xml);
        CkAsnW_Dispose(asn);
        CkRsaW_Dispose(rsa);
        CkBinDataW_Dispose(bdSig);
        return;
    }

    // bd now contains the opaque signature, which embeds the ASN.1, which contains the MD5 hash.
    // We're going to add this line:
    // 800|4199800|1|BASE64_SIGNATURE|CERT_SERIAL_NUM|

    cert = CkCertW_Create();
    success = CkCertW_LoadFromFile(cert,L"qa_data/certs/mexico_test/Certificados_de_Prueba/Certificados_Pruebas/Personas Morales/EKU9003173C9_20230517223532/CSD_EKU9003173C9_20230517223903/CSD_Sucursal_1_EKU9003173C9_20230517_223850.cer");
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkStringBuilderW_Dispose(sb);
        CkPrivateKeyW_Dispose(privKey);
        CkXmlW_Dispose(xml);
        CkAsnW_Dispose(asn);
        CkRsaW_Dispose(rsa);
        CkBinDataW_Dispose(bdSig);
        CkCertW_Dispose(cert);
        return;
    }

    serialHex = CkCertW_serialNumber(cert);
    // The serial in hex form looks like this:   3330303031303030303030353030303033343136
    // Decode to us-ascii.
    sbSerial = CkStringBuilderW_Create();
    CkStringBuilderW_DecodeAndAppend(sbSerial,serialHex,L"hex",L"us-ascii");
    wprintf(L"serial number in us-ascii: %s\n",CkStringBuilderW_getAsString(sbSerial));

    numReplaced = CkStringBuilderW_Replace(sb,L"CERT_SERIAL",CkStringBuilderW_getAsString(sbSerial));
    numReplaced = CkStringBuilderW_Replace(sb,L"BASE64_SIGNATURE",CkBinDataW_getEncoded(bdSig,L"base64"));

    wprintf(L"------------------------------------\n");
    wprintf(L"Result:\n");
    wprintf(L"%s\n",CkStringBuilderW_getAsString(sb));


    CkStringBuilderW_Dispose(sb);
    CkPrivateKeyW_Dispose(privKey);
    CkXmlW_Dispose(xml);
    CkAsnW_Dispose(asn);
    CkRsaW_Dispose(rsa);
    CkBinDataW_Dispose(bdSig);
    CkCertW_Dispose(cert);
    CkStringBuilderW_Dispose(sbSerial);

    }