Sample code for 30+ languages & platforms
Unicode C

Create JPK VAT metadata XML

See more RSA Examples

Demonstrates how to create the JPK VAT metadata XML (InitUpload) that will be signed using XADES.

Chilkat Unicode C Downloads

Unicode C
#include <C_CkXmlW.h>
#include <C_CkBinDataW.h>
#include <C_CkCrypt2W.h>
#include <C_CkZipW.h>
#include <C_CkPrngW.h>
#include <C_CkCertW.h>
#include <C_CkPublicKeyW.h>
#include <C_CkRsaW.h>

void ChilkatSample(void)
    {
    BOOL success;
    HCkXmlW xml;
    HCkBinDataW bdXml;
    HCkCrypt2W crypt;
    HCkZipW zip;
    HCkBinDataW bdZip;
    HCkPrngW prng;
    HCkBinDataW bdAesKey;
    const wchar_t *ivBytes;
    HCkCertW cert;
    HCkPublicKeyW pubKey;
    HCkRsaW rsa;
    const wchar_t *finalXml;

    success = FALSE;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // First build an InitUpload XML template

    // Use this online tool to generate the code from the sample XML below: 
    // Generate Code to Create XML

    // <InitUpload xmlns="http://e-dokumenty.mf.gov.pl">
    //     <DocumentType>JPK</DocumentType>
    //     <Version>01.02.01.20160617</Version>
    //     <EncryptionKey algorithm="RSA" encoding="Base64" mode="ECB" padding="PKCS#1">F9EhKFec...uWqAWUIg==</EncryptionKey>
    //     <DocumentList>
    //         <Document>
    //             <FormCode schemaVersion="1-1" systemCode="JPK_VAT (3)">JPK_VAT</FormCode>
    //             <FileName>JPK_VAT_3_v1-1_20181201.xml</FileName>
    //             <ContentLength>8736</ContentLength>
    //             <HashValue algorithm="SHA-256" encoding="Base64">JFDI1pItwh6dj/Xe1uts/x61qnjZ4DLHpkZMhmf1oKQ=</HashValue>
    //             <FileSignatureList filesNumber="1">
    //                 <Packaging>
    //                     <SplitZip mode="zip" type="split"/>
    //                 </Packaging>
    //                 <Encryption>
    //                     <AES block="16" mode="CBC" padding="PKCS#7" size="256">
    //                         <IV bytes="16" encoding="Base64">z64oN9zXHt1+S3XACRSCYw==</IV>
    //                     </AES>
    //                 </Encryption>
    //                 <FileSignature>
    //                     <OrdinalNumber>1</OrdinalNumber>
    //                     <FileName>JPK_VAT_3_v1-1_20181201-000.xml.zip.aes</FileName>
    //                     <ContentLength>16</ContentLength>
    //                     <HashValue algorithm="MD5" encoding="Base64">5NX0q1935fvMjLFV7E1yDw==</HashValue>
    //                 </FileSignature>
    //             </FileSignatureList>
    //         </Document>
    //     </DocumentList>
    // </InitUpload>

    xml = CkXmlW_Create();
    CkXmlW_putTag(xml,L"InitUpload");
    CkXmlW_AddAttribute(xml,L"xmlns",L"http://e-dokumenty.mf.gov.pl");
    CkXmlW_UpdateChildContent(xml,L"DocumentType",L"JPK");
    CkXmlW_UpdateChildContent(xml,L"Version",L"01.02.01.20160617");
    CkXmlW_UpdateAttrAt(xml,L"EncryptionKey",TRUE,L"algorithm",L"RSA");
    CkXmlW_UpdateAttrAt(xml,L"EncryptionKey",TRUE,L"encoding",L"Base64");
    CkXmlW_UpdateAttrAt(xml,L"EncryptionKey",TRUE,L"mode",L"ECB");
    CkXmlW_UpdateAttrAt(xml,L"EncryptionKey",TRUE,L"padding",L"PKCS#1");
    CkXmlW_UpdateChildContent(xml,L"EncryptionKey",L"TO BE DETERMINED");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FormCode",TRUE,L"schemaVersion",L"1-1");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FormCode",TRUE,L"systemCode",L"JPK_VAT (3)");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FormCode",L"JPK_VAT");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileName",L"JPK_VAT_3_v1-1_20181201.xml");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|ContentLength",L"9999");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|HashValue",TRUE,L"algorithm",L"SHA-256");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|HashValue",TRUE,L"encoding",L"Base64");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|HashValue",L"TO BE DETERMINED");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList",TRUE,L"filesNumber",L"1");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Packaging|SplitZip",TRUE,L"mode",L"zip");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Packaging|SplitZip",TRUE,L"type",L"split");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,L"block",L"16");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,L"mode",L"CBC");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,L"padding",L"PKCS#7");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES",TRUE,L"size",L"256");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES|IV",TRUE,L"bytes",L"16");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES|IV",TRUE,L"encoding",L"Base64");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES|IV",L"TO BE DETERMINED");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|FileSignature|OrdinalNumber",L"1");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|FileSignature|FileName",L"JPK_VAT_3_v1-1_20181201-000.xml.zip.aes");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|FileSignature|ContentLength",L"9999");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|FileSignature|HashValue",TRUE,L"algorithm",L"MD5");
    CkXmlW_UpdateAttrAt(xml,L"DocumentList|Document|FileSignatureList|FileSignature|HashValue",TRUE,L"encoding",L"Base64");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|FileSignature|HashValue",L"TO BE DETERMINED");

    // ------------------------------------------------------------
    // Step 1: Load our JPK_VAT XML and update the DocumentList|Document|HashValue
    // and DocumentList|Document|ContentLength
    bdXml = CkBinDataW_Create();
    success = CkBinDataW_LoadFile(bdXml,L"qa_data/xml_dsig/jpk_vat/JPK_VAT_3_v1-1_20181201-000.xml");
    if (success != TRUE) {
        wprintf(L"Failed to load XML file.\n");
        CkXmlW_Dispose(xml);
        CkBinDataW_Dispose(bdXml);
        return;
    }

    CkXmlW_UpdateChildContentInt(xml,L"DocumentList|Document|ContentLength",CkBinDataW_getNumBytes(bdXml));

    crypt = CkCrypt2W_Create();
    CkCrypt2W_putHashAlgorithm(crypt,L"sha256");
    CkCrypt2W_putEncodingMode(crypt,L"base64");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|HashValue",CkCrypt2W_hashBdENC(crypt,bdXml));

    // ------------------------------------------------------------
    // Step 2: Create a Zip archive containing the XML.
    zip = CkZipW_Create();
    // The filename we pass here doesn't matter because we won't actually be creating a .zip file.
    CkZipW_NewZip(zip,L"anything.zip");
    CkZipW_AddBd(zip,L"JPK_VAT_3_v1-1_20181201-000.xml",bdXml);
    // Write the .zip file to a BinData object.
    bdZip = CkBinDataW_Create();
    CkZipW_WriteBd(zip,bdZip);

    // ------------------------------------------------------------
    // Step 3: Generate a random 256-bit AES key (32-bytes)
    prng = CkPrngW_Create();
    bdAesKey = CkBinDataW_Create();
    CkPrngW_GenRandomBd(prng,32,bdAesKey);
    ivBytes = CkPrngW_genRandom(prng,16,L"base64");

    // Store the IV (base64 string) in the XML.
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|Encryption|AES|IV",ivBytes);

    // ------------------------------------------------------------
    // Step 4: AES encrypt our zip archive (the contents of bdZip)
    CkCrypt2W_putCipherMode(crypt,L"cbc");
    CkCrypt2W_putKeyLength(crypt,256);
    CkCrypt2W_putCryptAlgorithm(crypt,L"aes");
    CkCrypt2W_putPaddingScheme(crypt,0);
    CkCrypt2W_SetEncodedIV(crypt,ivBytes,L"base64");
    CkCrypt2W_SetEncodedKey(crypt,CkBinDataW_getEncoded(bdAesKey,L"base64"),L"base64");
    // AES by definition has a block size of 16.
    CkCrypt2W_EncryptBd(crypt,bdZip);

    // bdZip now contains the AES encrypted data. 
    // Note: This is NOT the same as a zip where the contents are AES encrypted.
    // In that case, we have an unencrypted zip structure with AES encrypted files within.
    // In our case, the entire zip file image is encrypted.

    // Save the bdZip to a file.  This is what will get sent to e-dokumenty.mf.gov.pl
    success = CkBinDataW_WriteFile(bdZip,L"qa_output/JPK_VAT_3_v1-1_20181201-000.xml.zip.aes");
    CkXmlW_UpdateChildContentInt(xml,L"DocumentList|Document|FileSignatureList|FileSignature|ContentLength",CkBinDataW_getNumBytes(bdZip));

    // ------------------------------------------------------------
    // Step 4: RSA Encrypt the AES key using the public key certificate provided by the Ministry of Finance
    cert = CkCertW_Create();
    success = CkCertW_LoadFromFile(cert,L"qa_data/pem/mf_public_rsa.pem");
    if (success == FALSE) {
        wprintf(L"%s\n",CkCertW_lastErrorText(cert));
        CkXmlW_Dispose(xml);
        CkBinDataW_Dispose(bdXml);
        CkCrypt2W_Dispose(crypt);
        CkZipW_Dispose(zip);
        CkBinDataW_Dispose(bdZip);
        CkPrngW_Dispose(prng);
        CkBinDataW_Dispose(bdAesKey);
        CkCertW_Dispose(cert);
        return;
    }

    pubKey = CkPublicKeyW_Create();
    CkCertW_GetPublicKey(cert,pubKey);

    rsa = CkRsaW_Create();
    CkRsaW_UsePublicKey(rsa,pubKey);

    CkRsaW_putEncodingMode(rsa,L"base64");
    CkRsaW_putLittleEndian(rsa,FALSE);
    // in-place RSA encrypt the contents of bdAesKey.
    CkRsaW_EncryptBd(rsa,bdAesKey,FALSE);
    CkXmlW_UpdateChildContent(xml,L"EncryptionKey",CkBinDataW_getEncoded(bdAesKey,L"base64"));

    // Step 5: We forgot to get the MD5 hash of the AES encrypted zip.
    // (I'm assuming we need the MD5 of the encrypted zip as opposed to the MD5 of the pre-encrypted zip..)
    CkCrypt2W_putHashAlgorithm(crypt,L"md5");
    CkXmlW_UpdateChildContent(xml,L"DocumentList|Document|FileSignatureList|FileSignature|HashValue",CkCrypt2W_hashBdENC(crypt,bdZip));

    // At this point, the XML is prepared and the AES encrypted image of the zip file is written
    // to a file (and also in bdZip).
    finalXml = CkXmlW_getXml(xml);
    wprintf(L"%s\n",finalXml);

    CkXmlW_SaveXml(xml,L"qa_output/jpk_vat.xml");

    wprintf(L"Finished.\n");


    CkXmlW_Dispose(xml);
    CkBinDataW_Dispose(bdXml);
    CkCrypt2W_Dispose(crypt);
    CkZipW_Dispose(zip);
    CkBinDataW_Dispose(bdZip);
    CkPrngW_Dispose(prng);
    CkBinDataW_Dispose(bdAesKey);
    CkCertW_Dispose(cert);
    CkPublicKeyW_Dispose(pubKey);
    CkRsaW_Dispose(rsa);

    }