DataFlex
DataFlex
Sign XML for Zakat, Tax and Customs Authority (ZATCA)
See more ZATCA Examples
Demonstrates how to sign XML for Zakat, Tax and Customs Authority (ZATCA).Chilkat DataFlex Downloads
Use ChilkatAx-win32.pkg
Procedure Test
Boolean iSuccess
Variant vSbXml
Handle hoSbXml
Handle hoGen
Handle hoObject1
Variant vXml1
Handle hoXml1
Variant vCert
FromPfx Handle hoCertFromPfx
Variant vCert
Handle hoCert
Variant vPrivKey
Handle hoPrivKey
Handle hoVerifier
Integer iNumSigs
Integer iVerifyIdx
Boolean iVerified
String sTemp1
Move False To iSuccess
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Move True To iSuccess
// Load XML to be signed...
Get Create (RefClass(cComChilkatStringBuilder)) To hoSbXml
If (Not(IsComObjectCreated(hoSbXml))) Begin
Send CreateComObject of hoSbXml
End
Get ComLoadFile Of hoSbXml "qa_data/xml_dsig_valid_samples/UBL_Saudi_ZATCA_Zakat_Tax_and_Customs_Authority_toBeSigned.xml" "utf-8" To iSuccess
If (iSuccess = False) Begin
Showln "Failed to load XML file to be signed."
Procedure_Return
End
// Loads XML containing the following (with data modified from the original sample).
// <?xml version="1.0" encoding="UTF-8"?>
// <Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"><ext:UBLExtensions>
// <ext:UBLExtension>
// <ext:ExtensionURI>urn:oasis:names:specification:ubl:dsig:enveloped:xades</ext:ExtensionURI>
// <ext:ExtensionContent>
// <sig:UBLDocumentSignatures xmlns:sig="urn:oasis:names:specification:ubl:schema:xsd:CommonSignatureComponents-2" xmlns:sac="urn:oasis:names:specification:ubl:schema:xsd:SignatureAggregateComponents-2" xmlns:sbc="urn:oasis:names:specification:ubl:schema:xsd:SignatureBasicComponents-2">
// <sac:SignatureInformation>
// <cbc:ID>urn:oasis:names:specification:ubl:signature:1</cbc:ID>
// <sbc:ReferencedSignatureID>urn:oasis:names:specification:ubl:signature:Invoice</sbc:ReferencedSignatureID>
//
// </sac:SignatureInformation>
// </sig:UBLDocumentSignatures>
// </ext:ExtensionContent>
// </ext:UBLExtension>
// </ext:UBLExtensions>
//
// <cbc:ProfileID>reporting:1.0</cbc:ProfileID>
// <cbc:ID>100</cbc:ID>
// <cbc:UUID>3cf5ee18-ee25-44ea-a444-2c37ba7f28be</cbc:UUID>
// <cbc:IssueDate>2021-04-25</cbc:IssueDate>
// <cbc:IssueTime>15:30:00</cbc:IssueTime>
// <cbc:InvoiceTypeCode name="0100000">388</cbc:InvoiceTypeCode>
// <cbc:DocumentCurrencyCode>SAR</cbc:DocumentCurrencyCode>
// <cbc:TaxCurrencyCode>SAR</cbc:TaxCurrencyCode>
// <cbc:LineCountNumeric>2</cbc:LineCountNumeric>
// <cac:AdditionalDocumentReference>
// <cbc:ID>ICV</cbc:ID>
// <cbc:UUID>46531</cbc:UUID>
// </cac:AdditionalDocumentReference>
// <cac:AdditionalDocumentReference>
// <cbc:ID>PIH</cbc:ID>
// <cac:Attachment>
// <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">NWZl......NTdlOQ==</cbc:EmbeddedDocumentBinaryObject>
// </cac:Attachment>
// </cac:AdditionalDocumentReference>
//
//
// <cac:AdditionalDocumentReference>
// <cbc:ID>QR</cbc:ID>
// <cac:Attachment>
// <cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">ARlBbC........FAau5g</cbc:EmbeddedDocumentBinaryObject>
// </cac:Attachment>
// </cac:AdditionalDocumentReference><cac:Signature>
// <cbc:ID>urn:oasis:names:specification:ubl:signature:Invoice</cbc:ID>
// <cbc:SignatureMethod>urn:oasis:names:specification:ubl:dsig:enveloped:xades</cbc:SignatureMethod>
// </cac:Signature><cac:AccountingSupplierParty>
// <cac:Party>
// <cac:PartyIdentification>
// <cbc:ID schemeID="MLS">123457890</cbc:ID>
// </cac:PartyIdentification>
// <cac:PostalAddress>
// <cbc:StreetName>King Abdulaziz Road</cbc:StreetName>
// <cbc:BuildingNumber>9999</cbc:BuildingNumber>
// <cbc:PlotIdentification>9999</cbc:PlotIdentification>
// <cbc:CitySubdivisionName>Al Amal</cbc:CitySubdivisionName>
// <cbc:CityName>Riyadh</cbc:CityName>
// <cbc:PostalZone>12643</cbc:PostalZone>
// <cbc:CountrySubentity>Riyadh Region</cbc:CountrySubentity>
// <cac:Country>
// <cbc:IdentificationCode>SA</cbc:IdentificationCode>
// </cac:Country>
// </cac:PostalAddress>
// <cac:PartyTaxScheme>
// <cbc:CompanyID>300099999900003</cbc:CompanyID>
// <cac:TaxScheme>
// <cbc:ID>VAT</cbc:ID>
// </cac:TaxScheme>
// </cac:PartyTaxScheme>
// <cac:PartyLegalEntity>
// <cbc:RegistrationName>Example Co. LTD</cbc:RegistrationName>
// </cac:PartyLegalEntity>
// </cac:Party>
// </cac:AccountingSupplierParty>
// <cac:AccountingCustomerParty>
// <cac:Party>
// <cac:PartyIdentification>
// <cbc:ID schemeID="SAG">123C12345678</cbc:ID>
// </cac:PartyIdentification>
// <cac:PostalAddress>
// <cbc:StreetName>King Abdullah Road</cbc:StreetName>
// <cbc:BuildingNumber>9999</cbc:BuildingNumber>
// <cbc:PlotIdentification>9999</cbc:PlotIdentification>
// <cbc:CitySubdivisionName>Al Mursalat</cbc:CitySubdivisionName>
// <cbc:CityName>Riyadh</cbc:CityName>
// <cbc:PostalZone>11564</cbc:PostalZone>
// <cbc:CountrySubentity>Riyadh Region</cbc:CountrySubentity>
// <cac:Country>
// <cbc:IdentificationCode>SA</cbc:IdentificationCode>
// </cac:Country>
// </cac:PostalAddress>
// <cac:PartyTaxScheme>
// <cac:TaxScheme>
// <cbc:ID>VAT</cbc:ID>
// </cac:TaxScheme>
// </cac:PartyTaxScheme>
// <cac:PartyLegalEntity>
// <cbc:RegistrationName>EXAMPLE MARKETS</cbc:RegistrationName>
// </cac:PartyLegalEntity>
// </cac:Party>
// </cac:AccountingCustomerParty>
// <cac:Delivery>
// <cbc:ActualDeliveryDate>2022-04-25</cbc:ActualDeliveryDate>
// </cac:Delivery>
// <cac:PaymentMeans>
// <cbc:PaymentMeansCode>42</cbc:PaymentMeansCode>
// </cac:PaymentMeans>
// <cac:TaxTotal>
// <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount>
// <cac:TaxSubtotal>
// <cbc:TaxableAmount currencyID="SAR">900.00</cbc:TaxableAmount>
// <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount>
// <cac:TaxCategory>
// <cbc:ID>S</cbc:ID>
// <cbc:Percent>15</cbc:Percent>
// <cac:TaxScheme>
// <cbc:ID>VAT</cbc:ID>
// </cac:TaxScheme>
// </cac:TaxCategory>
// </cac:TaxSubtotal>
// </cac:TaxTotal>
// <cac:TaxTotal>
// <cbc:TaxAmount currencyID="SAR">135.00</cbc:TaxAmount>
// </cac:TaxTotal>
// <cac:LegalMonetaryTotal>
// <cbc:LineExtensionAmount currencyID="SAR">900.00</cbc:LineExtensionAmount>
// <cbc:TaxExclusiveAmount currencyID="SAR">900.00</cbc:TaxExclusiveAmount>
// <cbc:TaxInclusiveAmount currencyID="SAR">1035.00</cbc:TaxInclusiveAmount>
// <cbc:AllowanceTotalAmount currencyID="SAR">0.00</cbc:AllowanceTotalAmount>
// <cbc:PayableAmount currencyID="SAR">1035.00</cbc:PayableAmount>
// </cac:LegalMonetaryTotal>
// <cac:InvoiceLine>
// <cbc:ID>1</cbc:ID>
// <cbc:InvoicedQuantity unitCode="PCE">1</cbc:InvoicedQuantity>
// <cbc:LineExtensionAmount currencyID="SAR">200.00</cbc:LineExtensionAmount>
// <cac:TaxTotal>
// <cbc:TaxAmount currencyID="SAR">30.00</cbc:TaxAmount>
// <cbc:RoundingAmount currencyID="SAR">230.00</cbc:RoundingAmount>
// </cac:TaxTotal>
// <cac:Item>
// <cbc:Name>Item A</cbc:Name>
// <cac:ClassifiedTaxCategory>
// <cbc:ID>S</cbc:ID>
// <cbc:Percent>15</cbc:Percent>
// <cac:TaxScheme>
// <cbc:ID>VAT</cbc:ID>
// </cac:TaxScheme>
// </cac:ClassifiedTaxCategory>
// </cac:Item>
// <cac:Price>
// <cbc:PriceAmount currencyID="SAR">200.00</cbc:PriceAmount>
// </cac:Price>
// </cac:InvoiceLine>
// <cac:InvoiceLine>
// <cbc:ID>2</cbc:ID>
// <cbc:InvoicedQuantity unitCode="PCE">2</cbc:InvoicedQuantity>
// <cbc:LineExtensionAmount currencyID="SAR">700.00</cbc:LineExtensionAmount>
// <cac:TaxTotal>
// <cbc:TaxAmount currencyID="SAR">105.00</cbc:TaxAmount>
// <cbc:RoundingAmount currencyID="SAR">805.00</cbc:RoundingAmount>
// </cac:TaxTotal>
// <cac:Item>
// <cbc:Name>Item B</cbc:Name>
// <cac:ClassifiedTaxCategory>
// <cbc:ID>S</cbc:ID>
// <cbc:Percent>15</cbc:Percent>
// <cac:TaxScheme>
// <cbc:ID>VAT</cbc:ID>
// </cac:TaxScheme>
// </cac:ClassifiedTaxCategory>
// </cac:Item>
// <cac:Price>
// <cbc:PriceAmount currencyID="SAR">350.00</cbc:PriceAmount>
// </cac:Price>
// </cac:InvoiceLine>
// </Invoice>
Get Create (RefClass(cComChilkatXmlDSigGen)) To hoGen
If (Not(IsComObjectCreated(hoGen))) Begin
Send CreateComObject of hoGen
End
Set ComSigLocation Of hoGen To "Invoice|ext:UBLExtensions|ext:UBLExtension|ext:ExtensionContent|sig:UBLDocumentSignatures|sac:SignatureInformation"
Set ComSigLocationMod Of hoGen To 0
Set ComSigId Of hoGen To "signature"
Set ComSigNamespacePrefix Of hoGen To "ds"
Set ComSigNamespaceUri Of hoGen To "http://www.w3.org/2000/09/xmldsig#"
Set ComSignedInfoCanonAlg Of hoGen To "C14N_11"
Set ComSignedInfoDigestMethod Of hoGen To "sha256"
// Create an Object to be added to the Signature.
Get Create (RefClass(cComChilkatXml)) To hoObject1
If (Not(IsComObjectCreated(hoObject1))) Begin
Send CreateComObject of hoObject1
End
Set ComTag Of hoObject1 To "xades:QualifyingProperties"
Get ComAddAttribute Of hoObject1 "xmlns:xades" "http://uri.etsi.org/01903/v1.3.2#" To iSuccess
Get ComAddAttribute Of hoObject1 "Target" "signature" To iSuccess
Get ComUpdateAttrAt Of hoObject1 "xades:SignedProperties" True "Id" "xadesSignedProperties" To iSuccess
Send ComUpdateChildContent To hoObject1 "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime" "TO BE GENERATED BY CHILKAT"
Get ComUpdateAttrAt Of hoObject1 "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod" True "Algorithm" "http://www.w3.org/2001/04/xmlenc#sha256" To iSuccess
Send ComUpdateChildContent To hoObject1 "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue" "TO BE GENERATED BY CHILKAT"
Send ComUpdateChildContent To hoObject1 "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName" "TO BE GENERATED BY CHILKAT"
Send ComUpdateChildContent To hoObject1 "xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber" "TO BE GENERATED BY CHILKAT"
Get ComGetXml Of hoObject1 To sTemp1
Get ComAddObject Of hoGen "" sTemp1 "" "" To iSuccess
// -------- Reference 1 --------
Get Create (RefClass(cComChilkatXml)) To hoXml1
If (Not(IsComObjectCreated(hoXml1))) Begin
Send CreateComObject of hoXml1
End
Set ComTag Of hoXml1 To "ds:Transforms"
Get ComUpdateAttrAt Of hoXml1 "ds:Transform" True "Algorithm" "http://www.w3.org/TR/1999/REC-xpath-19991116" To iSuccess
Send ComUpdateChildContent To hoXml1 "ds:Transform|ds:XPath" "not(//ancestor-or-self::ext:UBLExtensions)"
Get ComUpdateAttrAt Of hoXml1 "ds:Transform[1]" True "Algorithm" "http://www.w3.org/TR/1999/REC-xpath-19991116" To iSuccess
Send ComUpdateChildContent To hoXml1 "ds:Transform[1]|ds:XPath" "not(//ancestor-or-self::cac:Signature)"
Get ComUpdateAttrAt Of hoXml1 "ds:Transform[2]" True "Algorithm" "http://www.w3.org/TR/1999/REC-xpath-19991116" To iSuccess
Send ComUpdateChildContent To hoXml1 "ds:Transform[2]|ds:XPath" "not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID='QR'])"
Get ComUpdateAttrAt Of hoXml1 "ds:Transform[3]" True "Algorithm" "http://www.w3.org/2006/12/xml-c14n11" To iSuccess
Get pvComObject of hoXml1 to vXml1
Get ComAddSameDocRef2 Of hoGen "" "sha256" vXml1 "" To iSuccess
Get ComSetRefIdAttr Of hoGen "" "invoiceSignedData" To iSuccess
// -------- Reference 2 --------
Get ComAddObjectRef Of hoGen "xadesSignedProperties" "sha256" "" "" "http://www.w3.org/2000/09/xmldsig#SignatureProperties" To iSuccess
// Provide a certificate + private key. (PFX password is test123)
Get Create (RefClass(cComChilkatCert)) To hoCertFromPfx
If (Not(IsComObjectCreated(hoCertFromPfx))) Begin
Send CreateComObject of hoCertFromPfx
End
Get ComLoadPfxFile Of hoCertFromPfx "qa_data/pfx/cert_test123.pfx" "test123" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCertFromPfx To sTemp1
Showln sTemp1
Procedure_Return
End
// Alternatively, if your certificate and private key are in separate PEM files, do this:
Get Create (RefClass(cComChilkatCert)) To hoCert
If (Not(IsComObjectCreated(hoCert))) Begin
Send CreateComObject of hoCert
End
Get ComLoadFromFile Of hoCert "qa_data/zatca/cert.pem" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComSubjectCN Of hoCert To sTemp1
Showln sTemp1
// Load the private key.
Get Create (RefClass(cComChilkatPrivateKey)) To hoPrivKey
If (Not(IsComObjectCreated(hoPrivKey))) Begin
Send CreateComObject of hoPrivKey
End
Get ComLoadPemFile Of hoPrivKey "qa_data/zatca/ec-secp256k1-priv-key.pem" To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoPrivKey To sTemp1
Showln sTemp1
Procedure_Return
End
Get ComKeyType Of hoPrivKey To sTemp1
Showln "Key Type: " sTemp1
// Associate the private key with the certificate.
Get pvComObject of hoPrivKey to vPrivKey
Get ComSetPrivateKey Of hoCert vPrivKey To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoCert To sTemp1
Showln sTemp1
Procedure_Return
End
// The certificate passed to SetX509Cert must have an associated private key.
// If the cert was loaded from a PFX, then it should automatically has an associated private key.
// If the cert was loaded from PEM, then the private key was explicitly associated as shown above.
Get pvComObject of hoCert to vCert
Get ComSetX509Cert Of hoGen vCert True To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoGen To sTemp1
Showln sTemp1
Procedure_Return
End
Set ComKeyInfoType Of hoGen To "X509Data"
Set ComX509Type Of hoGen To "Certificate"
// ---------------- This is important -----------------------------------------
// Starting in Chilkat v9.5.0.92, add the "ZATCA" behavior to produce the format required by ZATCA.
Set ComBehaviors Of hoGen To "IndentedSignature,TransformSignatureXPath,ZATCA"
// ----------------------------------------------------------------------------
// Sign the XML...
Get pvComObject of hoSbXml to vSbXml
Get ComCreateXmlDSigSb Of hoGen vSbXml To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoGen To sTemp1
Showln sTemp1
Procedure_Return
End
// -----------------------------------------------
// Save the signed XML to a file.
Get ComWriteFile Of hoSbXml "qa_output/signedXml.xml" "utf-8" False To iSuccess
Get ComGetAsString Of hoSbXml To sTemp1
Showln sTemp1
// ----------------------------------------
// Verify the signatures we just produced...
Get Create (RefClass(cComChilkatXmlDSig)) To hoVerifier
If (Not(IsComObjectCreated(hoVerifier))) Begin
Send CreateComObject of hoVerifier
End
Get pvComObject of hoSbXml to vSbXml
Get ComLoadSignatureSb Of hoVerifier vSbXml To iSuccess
If (iSuccess <> True) Begin
Get ComLastErrorText Of hoVerifier To sTemp1
Showln sTemp1
Procedure_Return
End
// ---------------- This is important -----------------------------------------
// Starting in Chilkat v9.5.0.92, specify "ZATCA" in uncommon options
// to validate signed XML according to ZATCA needs.
// ----------------------------------------------------------------------------
Set ComUncommonOptions Of hoVerifier To "ZATCA"
Get ComNumSignatures Of hoVerifier To iNumSigs
Move 0 To iVerifyIdx
While (iVerifyIdx < iNumSigs)
Set ComSelector Of hoVerifier To iVerifyIdx
Get ComVerifySignature Of hoVerifier True To iVerified
If (iVerified <> True) Begin
Get ComLastErrorText Of hoVerifier To sTemp1
Showln sTemp1
Procedure_Return
End
Move (iVerifyIdx + 1) To iVerifyIdx
Loop
Showln "All signatures were successfully verified."
End_Procedure