Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(Xojo Plugin) ZATCA QR Code TLV Encoding and ECDSA Cryptographic StampSee more ZATCA ExamplesDemonstrates how to create the TLV encoding of the QR code fields, then apply the ECDSA signature and ECDSA public key, and finally insert into the previously signed XML E-Invoice. Note: This example requires Chilkat v9.5.0.92 or greater.
// This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // In Step 1, we applied a signature to an e-invoice Zakat, Tax and Customs Authority (ZATCA) of Saudi Arabia // This example is Step 2, where we compose the TLV encoding of the QR code, apply the ECDSA signature, and then insert into the signed XML without disturbing the signed XML. Dim success As Boolean // Construct TLV (Tag-Length-Value) encoding of the QR data. // We have 5 pieces of data: Seller Name, VAT Number, Time Stamp, Invoice Total, and VAT Total. // For example: Dim sellerName As String sellerName = "Firoz Ashraf" Dim vatNumber As String vatNumber = "1234567891" // The timestamp in QR Code should be based on Invoice Issue Time (KSA-25) and Invoice Issue Date (BT-2). // It can either be in format YYYY-MM-DD'T'HH:MM:SS (for local time in KSA) or YYYY-MM-DD'T'HH:MM:SS'Z' (for UTC time or Zulu time) // Get the current UTC date/time in this format: YYYY-MM-DD'T'HH:MM:SS'Z' Dim dt As New Chilkat.CkDateTime success = dt.SetFromCurrentSystemTime() Dim timeStamp As String timeStamp = dt.GetAsTimestamp(False) Dim invoiceTotal As String invoiceTotal = "100.00" Dim vatTotal As String vatTotal = "15.00" // TLV encode into a Chilkat BinData object. Dim bdTlv As New Chilkat.BinData Dim charset As String charset = "utf-8" Dim tag As Int32 tag = 1 success = bdTlv.AppendByte(tag) success = bdTlv.AppendCountedString(1,False,sellerName,charset) tag = tag + 1 // This is tag 2 success = bdTlv.AppendByte(tag) success = bdTlv.AppendCountedString(1,False,vatNumber,charset) tag = tag + 1 // This is tag 3 success = bdTlv.AppendByte(tag) success = bdTlv.AppendCountedString(1,False,timeStamp,charset) tag = tag + 1 // This is tag 4 success = bdTlv.AppendByte(tag) success = bdTlv.AppendCountedString(1,False,invoiceTotal,charset) tag = tag + 1 // This is tag 5 success = bdTlv.AppendByte(tag) success = bdTlv.AppendCountedString(1,False,vatTotal,charset) // ---------------------------------------------------------------------------------------------------------------------------------------------- // For tag 6, we need the SHA256 hash from the signed XML. This is the DigestValue as shown in the fragment of the XML Signature below: // <ds:Reference Id="invoiceSignedData" URI=""> // <ds:Transforms> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath>not(//ancestor-or-self::ext:UBLExtensions)</ds:XPath> // </ds:Transform> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath>not(//ancestor-or-self::cac:Signature)</ds:XPath> // </ds:Transform> // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath>not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID='QR'])</ds:XPath> // </ds:Transform> // <ds:Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/> // </ds:Transforms> // <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> // <ds:DigestValue>zCp+kF1qzNgXD6AhLq69/CYCklMFSXUmmVPbm4v/76U=</ds:DigestValue> // </ds:Reference> // To get this information, we'll need to load the signed XML into a Chilkat XML object, and then access it. // Load the XML we previously signed... Dim signedXmlFilePath As String signedXmlFilePath = "qa_data/zatca/testing/SignedXML.xml" Dim xmlSigned As New Chilkat.Xml success = xmlSigned.LoadXmlFile(signedXmlFilePath) If (success = False) Then System.DebugLog(xmlSigned.LastErrorText) Return End If // digestValue is a base64 string. Dim sbDigestValue As New Chilkat.StringBuilder success = xmlSigned.GetChildContentSb("ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation|ds:Signature|ds:SignedInfo|ds:Reference[0]|ds:DigestValue",sbDigestValue) If (success = False) Then System.DebugLog("Failed to get DigestValue from signed XML.") Return End If System.DebugLog("DigestValue = " + sbDigestValue.GetAsString()) // Append the DigestValue base64 string to the TLV. tag = 6 success = bdTlv.AppendByte(tag) success = bdTlv.AppendByte(sbDigestValue.Length) success = bdTlv.AppendSb(sbDigestValue,"utf-8") // ---------------------------------------------------------------------------------------------------------------------------------------------- // Tag 7 will contain the <ds:Signature> value from the signed XML. // PS> To get the XML path passed to GetChildContentSb, you can copy/paste the signed XML into Chilkat's online tool at https://tools.chilkat.io/xmlParse // The parsing code that is generated by the online tool will reveal the required path to the element in the XML. Dim sbSignatureValue As New Chilkat.StringBuilder success = xmlSigned.GetChildContentSb("ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation|ds:Signature|ds:SignatureValue",sbSignatureValue) If (success = False) Then System.DebugLog("Failed to get SignatureValue from signed XML.") Return End If System.DebugLog("SignatureValue = " + sbSignatureValue.GetAsString()) // Append the SignatureValue base64 string to the TLV. tag = 7 success = bdTlv.AppendByte(tag) success = bdTlv.AppendByte(sbSignatureValue.Length) success = bdTlv.AppendSb(sbSignatureValue,"utf-8") // ---------------------------------------------------------------------------------------------------------------------------------------------- // Tag 8 will contain the public key of the signing certificate. // The signing certificate is available within the signed XML at <ds:X509Certificate>. Dim x509Certificate As String x509Certificate = xmlSigned.GetChildContent("ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation|ds:Signature|ds:KeyInfo|ds:X509Data|ds:X509Certificate") If (xmlSigned.LastMethodSuccess = False) Then System.DebugLog("Failed to get X509Certificate from the signed XML.") Return End If Dim cert As New Chilkat.Cert success = cert.SetFromEncoded(x509Certificate) If (success = False) Then System.DebugLog("Failed to load signing certificate from base64.") Return End If // We want to get the cert's public key bytes having this ASN.1 format. // SEQUENCE (2 elem) // SEQUENCE (2 elem) // OBJECT IDENTIFIER 1.2.840.10045.2.1 ecPublicKey (ANSI X9.62 public key type) // OBJECT IDENTIFIER 1.3.132.0.10 secp256k1 (SECG (Certicom) named elliptic curve) // BIT STRING (520 bit) 0000010001110000110111000001111110100110101110110101111000110001110100 // Note: The cert.GetPubKeyDer method was added in Chilkat v9.5.0.92 Dim bdPubKey As New Chilkat.BinData success = cert.GetPubKeyDer(True,bdPubKey) If (success = False) Then System.DebugLog("Failed to get certificate's public key.") Return End If // We want to add the binary bytes of the public key (not the base64 string) to the QR code. tag = 8 success = bdTlv.AppendByte(tag) success = bdTlv.AppendByte(bdPubKey.NumBytes) success = bdTlv.AppendBd(bdPubKey) // Show the public key in base64 format: System.DebugLog("Certificate public key:") System.DebugLog(bdPubKey.GetEncoded("base64")) // ---------------------------------------------------------------------------------------------------------------------------------------------- // Tag 9 will contain the signature contained in the signing certificate. // Note: The cert.GetPubKeyDer method was added in Chilkat v9.5.0.92 Dim bdCertSig As New Chilkat.BinData success = cert.GetSignature(bdCertSig) If (success = False) Then System.DebugLog("Failed to get certificate's signature.") Return End If // We want to add the binary bytes of the signature (not the base64 string) to the QR code. tag = 9 success = bdTlv.AppendByte(tag) success = bdTlv.AppendByte(bdCertSig.NumBytes) success = bdTlv.AppendBd(bdCertSig) // Show the cert's signature in hex format: System.DebugLog("Certificate signature:") System.DebugLog(bdCertSig.GetEncoded("hex")) // ---------------------------------------------------------------------------------------------------------------------------------------------- // At this point the full QR code is contained in bdTlv. // Get it as a base64 string Dim qr_base64 As String qr_base64 = bdTlv.GetEncoded("base64") System.DebugLog("QR: " + qr_base64) // ---------------------------------------------------------------------------------------------------------------------------------------------- // Insert the QR XML fragment into the previously signed XML -- without disturbing (invalidating) the signature. // We need to build and insert the following XML fragment under the // as a cac:AdditionalDocumentReference just before the "<cac:Signature>" opening tag. // <cac:AdditionalDocumentReference> // <cbc:ID>QR</cbc:ID> // <cac:Attachment> // <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">BASE64_TLV_CONTENT</cbc:EmbeddedDocumentBinaryObject> // </cac:Attachment> // </cac:AdditionalDocumentReference> Dim xmlQR As New Chilkat.Xml xmlQR.Tag = "cac:AdditionalDocumentReference" xmlQR.UpdateChildContent "cbc:ID","QR" success = xmlQR.UpdateAttrAt("cac:Attachment|cbc:EmbeddedDocumentBinaryObject",True,"mimeCode","text/plain") xmlQR.UpdateChildContent "cac:Attachment|cbc:EmbeddedDocumentBinaryObject",bdTlv.GetEncoded("base64") // Load our previously signed XML into a Chilkat StringBuilder. // We should not load the previously signed XML into a Chilkat XML object because the XML gets loaded into an internal DOM (Document Object Model). // When re-emitted from the DOM, formatting can change and it would break the XML signature. // Therefore, we must load into a StringBuilder and insert the new fragment without disturbing the remainder. // The inserted fragment is ignored because the following transform was included in the XML signature reference: // <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> // <ds:XPath>not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID='QR'])</ds:XPath> // </ds:Transform> Dim sbSignedXml As New Chilkat.StringBuilder success = sbSignedXml.LoadFile(signedXmlFilePath,"utf-8") If (success = False) Then System.DebugLog("Failed to load previously signed XML file.") Return End If Dim sbReplaceStr As New Chilkat.StringBuilder xmlQR.EmitXmlDecl = False xmlQR.EmitCompact = True success = sbReplaceStr.Append(xmlQR.GetXml()) success = sbReplaceStr.Append("<cac:Signature>") success = sbSignedXml.ReplaceFirst("<cac:Signature>",sbReplaceStr.GetAsString()) If (success = False) Then System.DebugLog("Did not find <cac:Signature> in the signed XML") Return End If // Save the updated signed XML. success = sbSignedXml.WriteFile("qa_output/signedXML_withQR.xml","utf-8",False) // ---------------------------------------- // Verify the updated signed XML to make sure we didn't invalidate the signature... Dim verifier As New Chilkat.XmlDSig success = verifier.LoadSignatureSb(sbSignedXml) If (success <> True) Then System.DebugLog(verifier.LastErrorText) Return End If // ---------------- This is important ----------------------------------------- // Starting in Chilkat v9.5.0.92, specify "ZATCA" in uncommon options // to validate signed XML according to ZATCA needs. // ---------------------------------------------------------------------------- verifier.UncommonOptions = "ZATCA" Dim numSigs As Int32 numSigs = verifier.NumSignatures Dim verifyIdx As Int32 verifyIdx = 0 While verifyIdx < numSigs verifier.Selector = verifyIdx Dim verified As Boolean verified = verifier.VerifySignature(True) If (verified <> True) Then System.DebugLog(verifier.LastErrorText) Return End If verifyIdx = verifyIdx + 1 Wend System.DebugLog("All signatures were successfully verified.") |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.