Sample code for 30+ languages & platforms
Visual FoxPro

XML-DSig Add Object Reference with Transforms Specified Explicitly

Demonstrates how to use the new AddObjectRef2 method to explicitly specify the XML Transforms fragment.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loXmlToSign
LOCAL loGen
LOCAL loObject1
LOCAL loXml1
LOCAL loXml2
LOCAL loCert
LOCAL loSbXml
LOCAL loVerifier
LOCAL lnNumSigs
LOCAL lnVerifyIdx
LOCAL lnVerified

lnSuccess = 0

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

lnSuccess = 1

* Build the following XML to be signed:

* <?xml version="1.0" encoding="utf-8"?>
* <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
*     <DocumentType>JPK</DocumentType>
*     <Version>01.02.01.20160617</Version>
*     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">xxxx</EncryptionKey>
*     <DocumentList>
*         <Document>
*             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
*             <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
*             <ContentLength>8736</ContentLength>
*             <HashValue algorithm="SHA-256" encoding="Base64">JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
*             <FileSignatureList filesNumber="1">
*                 <Packaging>
*                     <SplitZip mode="zip" type="split"/>
*                 </Packaging>
*                 <Encryption>
*                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
*                         <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
*                     </AES>
*                 </Encryption>
*                 <FileSignature>
*                     <OrdinalNumber>1</OrdinalNumber>
*                     <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
*                     <ContentLength>16</ContentLength>
*                     <HashValue algorithm="MD5" encoding="Base64">5MX0q1935fvMjLFV7E1yDw==</HashValue>
*                 </FileSignature>
*             </FileSignatureList>
*         </Document>
*     </DocumentList>
* </InitUpload>

* Use this online tool to generate code from sample XML: 
* Generate Code to Create XML

loXmlToSign = CreateObject('Chilkat.Xml')
loXmlToSign.Tag = "InitUpload"
loXmlToSign.AddAttribute("xmlns","http://e-dokumenty.mf.gov.pl")
loXmlToSign.UpdateChildContent("DocumentType","JPK")
loXmlToSign.UpdateChildContent("Version","01.02.01.20160617")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"algorithm","RSA")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"encoding","Base64")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"mode","ECB")
loXmlToSign.UpdateAttrAt("EncryptionKey",1,"padding","PKCS#1")
loXmlToSign.UpdateChildContent("EncryptionKey","xxxx")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",1,"schemaVersion","1-1")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FormCode",1,"systemCode","JPK_VAT (3)")
loXmlToSign.UpdateChildContent("DocumentList|Document|FormCode","JPK_VAT")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileName","JPK_VAT_3_v1-1_20181201.xml")
loXmlToSign.UpdateChildContent("DocumentList|Document|ContentLength","8736")
loXmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",1,"algorithm","SHA-256")
loXmlToSign.UpdateAttrAt("DocumentList|Document|HashValue",1,"encoding","Base64")
loXmlToSign.UpdateChildContent("DocumentList|Document|HashValue","JEDI1pItwh6dj/Xx1uts/x61qnjZ4DLHpkZMhmf1oKQ=")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList",1,"filesNumber","1")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",1,"mode","zip")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Packaging|SplitZip",1,"type","split")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"block","16")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"mode","CBC")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"padding","PKCS#7")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES",1,"size","256")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",1,"bytes","16")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|Encryption|AES|IV",1,"encoding","Base64")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|Encryption|AES|IV","z64oN9zXHt1+S3XACRSCYw==")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber","1")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|FileName","JPK_VAT_3_v1-1_20181201-000.xml.zip.aes")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|ContentLength","16")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",1,"algorithm","MD5")
loXmlToSign.UpdateAttrAt("DocumentList|Document|FileSignatureList|FileSignature|HashValue",1,"encoding","Base64")
loXmlToSign.UpdateChildContent("DocumentList|Document|FileSignatureList|FileSignature|HashValue","5MX0q1935fvMjLFV7E1yDw==")

loGen = CreateObject('Chilkat.XmlDSigGen')

loGen.SigLocation = "InitUpload"
loGen.SigLocationMod = 0
loGen.SigId = "id-1234"
loGen.SigNamespacePrefix = "ds"
loGen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#"
loGen.SignedInfoCanonAlg = "EXCL_C14N"
loGen.SignedInfoDigestMethod = "sha256"

* Create an Object to be added to the Signature.

* <xades:QualifyingProperties Target="#id-1234" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
*     <xades:SignedProperties Id="xades-id-1234">
*         <xades:SignedSignatureProperties>
*             <xades:SigningTime>TO BE GENERATED BY CHILKAT</xades:SigningTime>
*             <xades:SigningCertificate>
*                 <xades:Cert>
*                     <xades:CertDigest>
*                         <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
*                         <ds:DigestValue>TO BE GENERATED BY CHILKAT</ds:DigestValue>
*                     </xades:CertDigest>
*                     <xades:IssuerSerial>
*                         <ds:X509IssuerName>TO BE GENERATED BY CHILKAT</ds:X509IssuerName>
*                         <ds:X509SerialNumber>TO BE GENERATED BY CHILKAT</ds:X509SerialNumber>
*                     </xades:IssuerSerial>
*                 </xades:Cert>
*             </xades:SigningCertificate>
*         </xades:SignedSignatureProperties>
*         <xades:SignedDataObjectProperties>
*             <xades:DataObjectFormat ObjectReference="#r-id-1">
*                 <xades:MimeType>text/xml</xades:MimeType>
*             </xades:DataObjectFormat>
*         </xades:SignedDataObjectProperties>
*     </xades:SignedProperties>
* </xades:QualifyingProperties>

loObject1 = CreateObject('Chilkat.Xml')
loObject1.Tag = "xades:QualifyingProperties"
loObject1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#")
loObject1.AddAttribute("Target","#id-1234")
loObject1.UpdateAttrAt("xades:SignedProperties",1,"Id","xades-id-1234")
* Note: It may be that http://www.w3.org/2001/04/xmlenc#sha256 is needed in the following line instead of http://www.w3.org/2000/09/xmldsig#sha1
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT")
loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",1,"Algorithm","http://www.w3.org/2000/09/xmldsig#sha1")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT")
loObject1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",1,"ObjectReference","#r-id-1")
loObject1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml")

loGen.AddObject("",loObject1.GetXml(),"","")

* -------- Reference 1 --------
* Build the following Transforms fragment:

* <ds:Transforms>
*     <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
*         <ds:XPath>not(ancestor-or-self::ds:Signature)</ds:XPath>
*     </ds:Transform>
*     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
* </ds:Transforms>

loXml1 = CreateObject('Chilkat.Xml')
loXml1.Tag = "ds:Transforms"
loXml1.UpdateAttrAt("ds:Transform",1,"Algorithm","http://www.w3.org/TR/1999/REC-xpath-19991116")
loXml1.UpdateChildContent("ds:Transform|ds:XPath","not(ancestor-or-self::ds:Signature)")
loXml1.UpdateAttrAt("ds:Transform[1]",1,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")

loGen.AddSameDocRef2("","sha256",loXml1,"")
loGen.SetRefIdAttr("","r-id-1")

* -------- Reference 2 --------
* Build the following Transforms fragment:

* <ds:Transforms>
*     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
* </ds:Transforms>

loXml2 = CreateObject('Chilkat.Xml')
loXml2.Tag = "ds:Transforms"
loXml2.UpdateAttrAt("ds:Transform",1,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#")

loGen.AddObjectRef2("xades-id-1234","sha256",loXml2,"http://uri.etsi.org/01903#SignedProperties")

* Provide a certificate + private key. (PFX password is test123)
loCert = CreateObject('Chilkat.Cert')
lnSuccess = loCert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123")
IF (lnSuccess <> 1) THEN
    ? loCert.LastErrorText
    RELEASE loXmlToSign
    RELEASE loGen
    RELEASE loObject1
    RELEASE loXml1
    RELEASE loXml2
    RELEASE loCert
    CANCEL
ENDIF

loGen.SetX509Cert(loCert,1)

loGen.KeyInfoType = "X509Data"
loGen.X509Type = "Certificate"

* Load XML to be signed...
loSbXml = CreateObject('Chilkat.StringBuilder')
loXmlToSign.GetXmlSb(loSbXml)

loGen.Behaviors = "IndentedSignature"

* Sign the XML...
lnSuccess = loGen.CreateXmlDSigSb(loSbXml)
IF (lnSuccess <> 1) THEN
    ? loGen.LastErrorText
    RELEASE loXmlToSign
    RELEASE loGen
    RELEASE loObject1
    RELEASE loXml1
    RELEASE loXml2
    RELEASE loCert
    RELEASE loSbXml
    CANCEL
ENDIF

* -----------------------------------------------

* Save the signed XML to a file.
lnSuccess = loSbXml.WriteFile("qa_output/signedXml.xml","utf-8",0)

? loSbXml.GetAsString()

* ----------------------------------------
* Verify the signatures we just produced...
loVerifier = CreateObject('Chilkat.XmlDSig')
lnSuccess = loVerifier.LoadSignatureSb(loSbXml)
IF (lnSuccess <> 1) THEN
    ? loVerifier.LastErrorText
    RELEASE loXmlToSign
    RELEASE loGen
    RELEASE loObject1
    RELEASE loXml1
    RELEASE loXml2
    RELEASE loCert
    RELEASE loSbXml
    RELEASE loVerifier
    CANCEL
ENDIF

lnNumSigs = loVerifier.NumSignatures
lnVerifyIdx = 0
DO WHILE lnVerifyIdx < lnNumSigs
    loVerifier.Selector = lnVerifyIdx
    lnVerified = loVerifier.VerifySignature(1)
    IF (lnVerified <> 1) THEN
        ? loVerifier.LastErrorText
        RELEASE loXmlToSign
        RELEASE loGen
        RELEASE loObject1
        RELEASE loXml1
        RELEASE loXml2
        RELEASE loCert
        RELEASE loSbXml
        RELEASE loVerifier
        CANCEL
    ENDIF

    lnVerifyIdx = lnVerifyIdx + 1
ENDDO
? "All signatures were successfully verified."

RELEASE loXmlToSign
RELEASE loGen
RELEASE loObject1
RELEASE loXml1
RELEASE loXml2
RELEASE loCert
RELEASE loSbXml
RELEASE loVerifier