Sample code for 30+ languages & platforms
Classic ASP

Aadhaar Paperless Offline e-kyc

See more XML Digital Signatures Examples

Opens an encrypted .zip containing Aadhaar Paperless Offline e-KYC XML. Gets the XML and validates the digital signature. Then computes the hash for the mobile number and Email ID.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' Open the .zip containing the Aadhaar Paperless Offline e-KYC XML.
' The .zip is encrypted using the "Share Phrase".
set zip = Server.CreateObject("Chilkat.Zip")
success = zip.OpenZip("qa_data/xml_dsig/offline_paperless_kyc.zip")
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( zip.LastErrorText) & "</pre>"
    Response.End
End If

' The .zip should contain 1 XML file.
set entry = Server.CreateObject("Chilkat.ZipEntry")
success = zip.EntryAt(0,entry)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( zip.LastErrorText) & "</pre>"
    Response.End
End If

' To get the contents, we need to specify the Share Phrase.
sharePhrase = "Lock@487"
zip.DecryptPassword = sharePhrase

set bdXml = Server.CreateObject("Chilkat.BinData")
' The XML file will be unzipped into the bdXml object.
success = entry.UnzipToBd(bdXml)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( entry.LastErrorText) & "</pre>"
    Response.End
End If

' First verify the XML digital signature.
set dsig = Server.CreateObject("Chilkat.XmlDSig")
success = dsig.LoadSignatureBd(bdXml)
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( dsig.LastErrorText) & "</pre>"
    Response.End
End If

' The UIDAI XML signature does not contain the KeyInfo, so we must load the uidai certificate
' and indicate that its public key is to be used for verifying the signature.
set cert = Server.CreateObject("Chilkat.Cert")
success = cert.LoadFromFile("qa_data/xml_dsig/uidai_auth_sign_prod_2023.cer")
If (success = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( cert.LastErrorText) & "</pre>"
    Response.End
End If

' Get the certificate's public key.
set pubKey = Server.CreateObject("Chilkat.PublicKey")
success = cert.GetPublicKey(pubKey)

success = dsig.SetPublicKey(pubKey)

' The XML in this example contains only 1 signature.
bVerifyReferenceDigests = 1
bVerified = dsig.VerifySignature(bVerifyReferenceDigests)
If (bVerified = 0) Then
    Response.Write "<pre>" & Server.HTMLEncode( dsig.LastErrorText) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( "The signature was not valid.") & "</pre>"
    Response.End
End If

Response.Write "<pre>" & Server.HTMLEncode( "The XML digital signature is valid.") & "</pre>"

' Let's compute the hash for the Mobile Number.

' 	Hashing logic for Mobile Number :
' 	Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number
' 	(Ref ID field contains last 4 digits).
' 
' 	Example :
' 	Mobile: 1234567890
' 	Aadhaar Number:XXXX XXXX 3632
' 	Passcode : Lock@487
' 	Hash: Sha256(Sha256(1234567890Lock@487))*2
' 	In case of Aadhaar number ends with Zero we will hashed one time.

set crypt = Server.CreateObject("Chilkat.Crypt2")
crypt.HashAlgorithm = "sha256"
crypt.EncodingMode = "hexlower"

strToHash = "1234567890Lock@487"
set bdHash = Server.CreateObject("Chilkat.BinData")
success = bdHash.AppendString(strToHash,"utf-8")

' Hash a number of times equal to the last digit of your Aadhaar number.
' If the Aadhaar number ends with 0, then hash one time.
' For this example, we'll just set the number of times to hash
' for the case where an Aadhaar number ends in "9"
numTimesToHash = 9

For i = 1 To numTimesToHash
    tmpStr = crypt.HashBdENC(bdHash)
    success = bdHash.Clear()
    success = bdHash.AppendString(tmpStr,"utf-8")
Next

Response.Write "<pre>" & Server.HTMLEncode( "Computed Mobile hash = " & bdHash.GetString("utf-8")) & "</pre>"

' Let's get the mobile hash stored in the XML and compare it with our computed hash.
set xml = Server.CreateObject("Chilkat.Xml")
success = xml.LoadBd(bdXml,1)
m_hash = xml.ChilkatPath("UidData|Poi|(m)")

Response.Write "<pre>" & Server.HTMLEncode( "Stored Mobile hash   = " & m_hash) & "</pre>"

' Now do the same thing for the email hash:

strToHash = "abc@gm.comLock@487"
success = bdHash.Clear()
success = bdHash.AppendString(strToHash,"utf-8")

For i = 1 To numTimesToHash
    tmpStr = crypt.HashBdENC(bdHash)
    success = bdHash.Clear()
    success = bdHash.AppendString(tmpStr,"utf-8")
Next

Response.Write "<pre>" & Server.HTMLEncode( "Computed Email hash = " & bdHash.GetString("utf-8")) & "</pre>"

e_hash = xml.ChilkatPath("UidData|Poi|(e)")
Response.Write "<pre>" & Server.HTMLEncode( "Stored Email hash   = " & e_hash) & "</pre>"

%>
</body>
</html>