¡Anda, una herramienta bastante interesante! ¿Alguna directriz de alguien que la haya usado? He cogido un ejemplo oficial (Ejemplo_TicketBAI_79732487C_A2022_0399.xml) y, con las opciones «.pfx/.p12 file» y «C#», me muestra esto:
Código PHP:
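// ----------------------------------------------------------------------
// IMPORTANT: This generated example may require Chilkat v9.5.0.80 or later.
// ----------------------------------------------------------------------
// Holds the outcome of each fallible Chilkat call in this script.
bool success = true;

// Parse the document that will be signed. The "..." literal is the placeholder
// left by the example generator; the real XML to sign goes here.
Chilkat.Xml xmlToSign = new Chilkat.Xml();
success = xmlToSign.LoadXml("...");
if (success != true) {
    // Stop on a parse failure: continuing would sign whatever xmlToSign holds
    // instead of the intended document.
    Debug.WriteLine(xmlToSign.LastErrorText);
    return;
}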
// Signature generator; the properties below shape the ds:Signature element it emits.
Chilkat.XmlDSigGen gen = new Chilkat.XmlDSigGen();
// Path of the element the signature is placed in (presumably the document root here; confirm against the input XML).
gen.SigLocation = "T:TicketBai";
// NOTE(review): 0 looks like the default placement relative to SigLocation; confirm against the Chilkat reference.
gen.SigLocationMod = 0;
// The Id strings below are fixed values taken from the sample document. The
// QualifyingProperties Target and the references added further down repeat
// them, so they must be changed together.
gen.SigId = "Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-Signature";
// Prefix and namespace used for the XML-DSig elements.
gen.SigNamespacePrefix = "ds";
gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#";
gen.SigValueId = "Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-SignatureValue";
// Canonicalization and digest used for SignedInfo (the part the signature value
// is computed over). The references added later use sha512 for their own digests.
gen.SignedInfoCanonAlg = "C14N";
gen.SignedInfoDigestMethod = "sha256";
// Set the KeyInfoId before adding references: Reference 3 points at this Id,
// which puts the KeyInfo element under the signature.
gen.KeyInfoId = "Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-KeyInfo";
// Build the XAdES QualifyingProperties element that is added to the Signature as
// a ds:Object. The calls are kept in their original order: each path is created
// on first use, so the order here determines the order of the emitted children.
Chilkat.Xml object1 = new Chilkat.Xml();
object1.Tag = "xades:QualifyingProperties";
object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#");
object1.AddAttribute("Id","Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-QualifyingProperties");
// Target must match gen.SigId, prefixed with '#'.
object1.AddAttribute("Target","#Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-Signature");
object1.AddAttribute("xmlns:ds","http://www.w3.org/2000/09/xmldsig#");
// This Id is what Reference 2 (AddObjectRef) signs, binding the properties below to the signature.
object1.UpdateAttrAt("xades:SignedProperties",true,"Id","Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-SignedProperties");
// "TO BE GENERATED BY CHILKAT" is a placeholder literal: per its wording the library
// fills in the signing time and the signing certificate's digest, issuer and serial.
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT");
// The signing certificate is pinned by a SHA-512 digest plus issuer name and serial number.
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestMethod",true,"Algorithm","http://www.w3.org/2001/04/xmlenc#sha512");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509IssuerName","TO BE GENERATED BY CHILKAT");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificate|xades:Cert|xades:IssuerSerial|ds:X509SerialNumber","TO BE GENERATED BY CHILKAT");
// Signature policy: identifier URL, SHA-256 policy hash and the SPURI qualifier.
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SignaturePolicyIdentifier|xades:SignaturePolicyId|xades:SigPolicyId|xades:Identifier","https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SignaturePolicyIdentifier|xades:SignaturePolicyId|xades:SigPolicyId|xades:Description","");
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SignaturePolicyIdentifier|xades:SignaturePolicyId|xades:SigPolicyHash|ds:DigestMethod",true,"Algorithm","http://www.w3.org/2001/04/xmlenc#sha256");
// NOTE(review): fixed policy hash copied from the sample; presumably the SHA-256 of the
// policy PDF named above. Verify it against the published specification instead of trusting the copy.
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SignaturePolicyIdentifier|xades:SignaturePolicyId|xades:SigPolicyHash|ds:DigestValue","Quzn98x3PMbSHwbUzaj5f5KOpiH0u8bvmwbbbNkO9Es=");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SignaturePolicyIdentifier|xades:SignaturePolicyId|xades:SigPolicyQualifiers|xades:SigPolicyQualifier|xades:SPURI","https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf");
// DataObjectFormat describes the signed data; ObjectReference must match the Id given to Reference 1.
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat",true,"ObjectReference","#Reference-7e6f3481-4acc-47de-90fd-67878ad15e8e");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Description","");
object1.UpdateAttrAt("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier",true,"Qualifier","OIDAsURN");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Identifier","urn:oid:1.2.840.10003.5.109.10");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:ObjectIdentifier|xades:Description","");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:MimeType","text/xml");
object1.UpdateChildContent("xades:SignedProperties|xades:SignedDataObjectProperties|xades:DataObjectFormat|xades:Encoding","");
// Attach the serialized QualifyingProperties to the signature as an Object.
gen.AddObject("",object1.GetXml(),"","");
// The three references below define what the signature covers. All use SHA-512 digests.
// -------- Reference 1 --------
// Empty id: a same-document reference, canonicalized with C14N (presumably the whole
// document; confirm against the Chilkat reference). Its Id is the one DataObjectFormat points to.
gen.AddSameDocRef("","sha512","C14N","","http://www.w3.org/2000/09/xmldsig#Object");
gen.SetRefIdAttr("","Reference-7e6f3481-4acc-47de-90fd-67878ad15e8e");
// -------- Reference 2 --------
// Covers the XAdES SignedProperties (signing time, certificate digest, policy).
gen.AddObjectRef("Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-SignedProperties","sha512","","","http://uri.etsi.org/01903#SignedProperties");
// -------- Reference 3 --------
// Covers the KeyInfo element, so the embedded key material is itself signed.
gen.AddSameDocRef("Signature-63c35f38-2b5f-4600-b3da-3ddee86d62b3-KeyInfo","sha512","","","");
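// Provide a certificate + private key. (PFX password is test123)
// NOTE(review): the path and password are the example generator's test fixture.
// For a real signing certificate, read the password from protected configuration
// or a secret store rather than a literal in source, and restrict access to the
// .pfx file, since it contains the private key.
Chilkat.Cert cert = new Chilkat.Cert();
success = cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123");
if (success != true) {
    Debug.WriteLine(cert.LastErrorText);
    return;
}
// Second argument true: use the certificate's private key for signing. The result
// is checked so that a certificate the generator rejects is reported here and
// not only later, when signing fails.
success = gen.SetX509Cert(cert,true);
if (success != true) {
    Debug.WriteLine(gen.LastErrorText);
    return;
}
// Embed both the X.509 certificate and the public key value in KeyInfo.
gen.KeyInfoType = "X509Data+KeyValue";
gen.X509Type = "Certificate";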
// Signing options must be in place before the signature is created.
gen.Behaviors = "CompactSignedXml,TransformSignatureXPath";

// Serialize the parsed document into a Chilkat StringBuilder. The generator
// signs this buffer in place, and the later save and verify steps read from it.
var sbXml = new Chilkat.StringBuilder();
xmlToSign.GetXmlSb(sbXml);

// Create the XML signature; on failure report the library's error text and stop.
success = gen.CreateXmlDSigSb(sbXml);
if (!success)
{
    Debug.WriteLine(gen.LastErrorText);
    return;
}
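// -----------------------------------------------
// Save the signed XML to a file.
// The third argument (false) is passed through unchanged from the generated example.
success = sbXml.WriteFile("qa_output/signedXml.xml","utf-8",false);
if (success != true) {
    // The original ignored this result, so a failed write (missing directory,
    // no permission) went unnoticed and the signed document was never stored.
    Debug.WriteLine("Failed to write qa_output/signedXml.xml");
    return;
}
// Echo the signed document to the debug output for inspection.
Debug.WriteLine(sbXml.GetAsString());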
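// ----------------------------------------
// Verify the signatures we just produced...
// NOTE(review): this is a self-check against the key material embedded in the
// signature's KeyInfo. It shows the document is intact relative to that key; it
// does not by itself establish that the signing certificate is trusted, unexpired
// or unrevoked. A relying party needs its own certificate validation.
Chilkat.XmlDSig verifier = new Chilkat.XmlDSig();
success = verifier.LoadSignatureSb(sbXml);
if (success != true) {
    Debug.WriteLine(verifier.LastErrorText);
    return;
}

int numSigs = verifier.NumSignatures;
if (numSigs < 1) {
    // Without this guard the loop below runs zero times and the script would
    // report success for a document that carries no signature at all.
    Debug.WriteLine("No signatures were found to verify.");
    return;
}

for (int verifyIdx = 0; verifyIdx < numSigs; verifyIdx++) {
    // Selector chooses which signature the next VerifySignature call checks.
    verifier.Selector = verifyIdx;
    // true: also verify the digests of the references, not only the signature value.
    bool verified = verifier.VerifySignature(true);
    if (verified != true) {
        Debug.WriteLine(verifier.LastErrorText);
        return;
    }
}
Debug.WriteLine("All signatures were successfully verified.");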