Sample code for 30+ languages & platforms
Lianja

Create Egypt ITIDA CAdES-BES .p7s Signature (with strings in-memory)

See more Egypt ITIDA Examples

Demonstrates how to create a .p7s signature that fits Egypt's ITIDA requirements.

Note: This example requires Chilkat v9.5.0.75 or greater.

Chilkat Lianja Downloads

Lianja
llSuccess = .F.

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

loCrypt = createobject("CkCrypt2")

loCert = createobject("CkCert")

// There are many ways to load the certificate.  
// This example was created for a customer using an ePass2003 USB token.
// Assuming the USB token is the only source of a hardware-based private key..
llSuccess = loCert.LoadFromSmartcard("")
if (llSuccess <> .T.) then
    ? loCert.LastErrorText
    release loCrypt
    release loCert
    return
endif

// Tell the crypt component to use this cert.
llSuccess = loCrypt.SetSigningCert(loCert)
if (llSuccess <> .T.) then
    ? loCrypt.LastErrorText
    release loCrypt
    release loCert
    return
endif

loCmsOptions = createobject("CkJsonObject")
// Setting "DigestData" causes OID 1.2.840.113549.1.7.5 (digestData) to be used.
loCmsOptions.UpdateBool("DigestData",.T.)
loCmsOptions.UpdateBool("OmitAlgorithmIdNull",.T.)
loCrypt.CmsOptions = loCmsOptions.Emit()

// The CadesEnabled property applies to all methods that create CMS/PKCS7 signatures. 
// To create a CAdES-BES signature, set this property equal to true. 
loCrypt.CadesEnabled = .T.

loCrypt.HashAlgorithm = "sha256"

loJsonSigningAttrs = createobject("CkJsonObject")
loJsonSigningAttrs.UpdateInt("contentType",1)
loJsonSigningAttrs.UpdateInt("signingTime",1)
loJsonSigningAttrs.UpdateInt("messageDigest",1)
loJsonSigningAttrs.UpdateInt("signingCertificateV2",1)
loCrypt.SigningAttributes = loJsonSigningAttrs.Emit()

// By default, all the certs in the chain of authentication are included in the signature.
// If desired, we can choose to only include the signing certificate:
loCrypt.IncludeCertChain = .F.

// Make sure we sign the utf-8 byte representation of the JSON string
loCrypt.Charset = "utf-8"

// Create the CAdES-BES signature.
lcTextToSign = '"issuer""address""branchID""0""country""EG""regionCity...'

loCrypt.EncodingMode = "base64"
lcSigBase64 = loCrypt.SignStringENC(lcTextToSign)
if (loCrypt.LastMethodSuccess = .F.) then
    ? loCrypt.LastErrorText
    release loCrypt
    release loCert
    release loCmsOptions
    release loJsonSigningAttrs
    return
endif

? "Base64 signature:"
? lcSigBase64


release loCrypt
release loCert
release loCmsOptions
release loJsonSigningAttrs