Visual FoxPro
Visual FoxPro
XML-DSig Add Object Reference with Transforms Specified Explicitly
Demonstrates how to use the new AddObjectRef2 method to explicitly specify the XML Transforms fragment.Chilkat Visual FoxPro Downloads
LOCAL lnSuccess
LOCAL loXmlToSign
LOCAL loGen
LOCAL loObject1
LOCAL loXml1
LOCAL loXml2
LOCAL loCert
LOCAL loSbXml
LOCAL loVerifier
LOCAL lnNumSigs
LOCAL lnVerifyIdx
LOCAL lnVerified
lnSuccess = 0
* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.
lnSuccess = 1
* Build the following XML to be signed:
* <?xml version="1.0" encoding="utf-8"?>
* <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
* <DocumentType>JPK</DocumentType>
* <Version>01.02.01.20160617</Version>
* <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">xxxx</EncryptionKey>
* <DocumentList>
* <Document>
* <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
* <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
* <ContentLength>8736</ContentLength>
* <HashValue algorithm="SHA-256" encoding="Base64">JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
* <FileSignatureList filesNumber="1">
* <Packaging>
* <SplitZip mode="zip" type="split"/>
* </Packaging>
* <Encryption>
* <AES block="16" mode="CBC" padding="PKCS#7" size="256">
* <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
* </AES>
* </Encryption>
* <FileSignature>
* <OrdinalNumber>1</OrdinalNumber>
* <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
* <ContentLength>16</ContentLength>
* <HashValue algorithm="MD5" encoding="Base64">5MX0q1935fvMjLFV7E1yDw==</HashValue>
* </FileSignature>
* </FileSignatureList>
* </Document>
* </DocumentList>
* </InitUpload>
* Use this online tool to generate code from sample XML:
* Generate Code to Create XML
loXmlToSign = CreateObject('Chilkat.Xml')
loXmlToSign.Tag = "InitUpload"
loXmlToSign.AddAttribute("xmlns","http://e-dokumenty.mf.gov.pl")
loXmlToSign.UpdateChildContent("DocumentType","JPK")
loXmlToSign.UpdateChildContent("Version","01.02.01.20160617")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"algorithm","RSA")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"encoding","Base64")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"mode","ECB")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"padding","PKCS#1")
loXmlToSign.UpdateChildContent("EncryptionKey","xxxx")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",1,"schemaVersion","1-1")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",1,"systemCode","JPK_VAT (3)")
loXmlToSign.UpdateChildContent("DocumentList|Document|FormCode","JPK_VAT")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181201.xml")
loXmlToSign.UpdateChildContent("DocumentList|Document|ContentLength","8736")
loXmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",1,"algorithm","SHA-256")
loXmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",1,"encoding","Base64")
loXmlToSign.UpdateChildContent("DocumentList|Document|HashValue","JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList",1,"filesNumber","1")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",1,"mode","zip")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",1,"type","split")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"block","16")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"mode","CBC")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"padding","PKCS#7")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"size","256")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",1,"bytes","16")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",1,"encoding","Base64")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV","z64oN9zXHt1+S3XACRSCYw==")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181201-000.xml.zip.aes")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength","16")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",1,"algorithm","MD5")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",1,"encoding","Base64")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue","5MX0q1935fvMjLFV7E1yDw==")
loGen = CreateObject('Chilkat.XmlDSigGen')
loGen.SigLocation = "InitUpload"
loGen.SigLocationMod = 0
loGen.SigId = "id-1234"
loGen.SigNamespacePrefix = "ds"
loGen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
loGen.SignedInfoCanonAlg = "EXCL_C14N"
loGen.SignedInfoDigestMethod = "sha256"
* Create an Object to be added to the Signature.
* <xades:QualifyingProperties Target="#id-1234" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
* <xades:SignedProperties Id="xades-id-1234">
* <xades:SignedSignatureProperties>
* <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime>
* <xades:SigningCertificate>
* <xades:Cert>
* <xades:CertDigest>
* <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
* <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue>
* </xades:CertDigest>
* <xades:IssuerSerial>
* <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName>
* <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber>
* </xades:IssuerSerial>
* </xades:Cert>
* </xades:SigningCertificate>
* </xades:SignedSignatureProperties>
* <xades:SignedDataObjectProperties>
* <xades:DataObjectFormat ObjectReference="#r-id-1">
* <xades:MimeType>text/xml</xades:MimeType>
* </xades:DataObjectFormat>
* </xades:SignedDataObjectProperties>
* </xades:SignedProperties>
* </xades:QualifyingProperties>
loObject1 = CreateObject('Chilkat.Xml')
loObject1.Tag = "xades:QualifyingProperties"
loObject1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#")
loObject1.AddAttribute("Target","#id-1234")
loObject1.UpdateAttrAt("xades:SignedProperties",1,"Id","xades-id-1234")
* Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT")
loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",1,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT")
loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",1,"ObjectReference","#r-id-1")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml")
loGen.AddObject("",loObject1.GetXml(),"","")
* -------- Reference 1 --------
* Build the following Transforms fragment:
* <ds:Transforms>
* <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
* <ds:XPath>not(ancestor-or-self::ds:Signature)</ds:XPath>
* </ds:Transform>
* <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
* </ds:Transforms>
loXml1 = CreateObject('Chilkat.Xml')
loXml1.Tag = "ds:Transforms"
loXml1.UpdateAttrAt("ds:Transform",1,"Algorithm","http://www.w3.org/TR/1999/REC-xpath-19991116")
loXml1.UpdateChildContent("ds:Transform|ds:XPath","not(ancestor-or-self::ds:Signature)")
loXml1.UpdateAttrAt("ds:Transform[1]",1,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")
loGen.AddSameDocRef2("","sha256",loXml1,"")
loGen.SetRefIdAttr("","r-id-1")
* -------- Reference 2 --------
* Build the following Transforms fragment:
* <ds:Transforms>
* <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
* </ds:Transforms>
loXml2 = CreateObject('Chilkat.Xml')
loXml2.Tag = "ds:Transforms"
loXml2.UpdateAttrAt("ds:Transform",1,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")
loGen.AddObjectRef2("xades-id-1234","sha256",loXml2,"http://uri.etsi.org/01903#SignedProperties")
* Provide a certificate + private key. (PFX password is test123)
loCert = CreateObject('Chilkat.Cert')
lnSuccess = loCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
IF (lnSuccess <> 1) THEN
? loCert.LastErrorText
RELEASE loXmlToSign
RELEASE loGen
RELEASE loObject1
RELEASE loXml1
RELEASE loXml2
RELEASE loCert
CANCEL
ENDIF
loGen.SetX509Cert(loCert,1)
loGen.KeyInfoType = "X509Data"
loGen.X509Type = "Certificate"
* Load XML to be signed...
loSbXml = CreateObject('Chilkat.StringBuilder')
loXmlToSign.GetXmlSb(loSbXml)
loGen.Behaviors = "IndentedSignature"
* Sign the XML...
lnSuccess = loGen.CreateXmlDSigSb(loSbXml)
IF (lnSuccess <> 1) THEN
? loGen.LastErrorText
RELEASE loXmlToSign
RELEASE loGen
RELEASE loObject1
RELEASE loXml1
RELEASE loXml2
RELEASE loCert
RELEASE loSbXml
CANCEL
ENDIF
* -----------------------------------------------
* Save the signed XML to a file.
lnSuccess = loSbXml.WriteFile("qa_output/signedXml.xml","utf-8",0)
? loSbXml.GetAsString()
* ----------------------------------------
* Verify the signatures we just produced...
loVerifier = CreateObject('Chilkat.XmlDSig')
lnSuccess = loVerifier.LoadSignatureSb(loSbXml)
IF (lnSuccess <> 1) THEN
? loVerifier.LastErrorText
RELEASE loXmlToSign
RELEASE loGen
RELEASE loObject1
RELEASE loXml1
RELEASE loXml2
RELEASE loCert
RELEASE loSbXml
RELEASE loVerifier
CANCEL
ENDIF
lnNumSigs = loVerifier.NumSignatures
lnVerifyIdx = 0
DO WHILE lnVerifyIdx < lnNumSigs
loVerifier.Selector = lnVerifyIdx
lnVerified = loVerifier.VerifySignature(1)
IF (lnVerified <> 1) THEN
? loVerifier.LastErrorText
RELEASE loXmlToSign
RELEASE loGen
RELEASE loObject1
RELEASE loXml1
RELEASE loXml2
RELEASE loCert
RELEASE loSbXml
RELEASE loVerifier
CANCEL
ENDIF
lnVerifyIdx = lnVerifyIdx + 1
ENDDO
? "All signatures were successfully verified."
RELEASE loXmlToSign
RELEASE loGen
RELEASE loObject1
RELEASE loXml1
RELEASE loXml2
RELEASE loCert
RELEASE loSbXml
RELEASE loVerifier