|
|
|
|
|
- Example of digital signature to be used for the compliance of cash register software (NF525 standard).
- Example of string signature
CertificateSignString (Example)
Example of digital signature to be used for the compliance of cash register software (NF525 standard). // Data to sign bufToSign is Buffer bufDataSeparator is Buffer = "," // Bundle containing the certificate and the private key with the requested type of algorithm: // RSA 2048, Elliptic Curve Digital Signature Algorithm (ECDSA).... sFileNameCerticateAndPrivateKeyForSignature is string sFileNameCerticateAndPrivateKeyForSignature = fDataDir() + "\signature.p12" // Password for the private key of certificate sPasswordPrivateKeyCertificate is string = "passwordprivatekey" // Certificate only or public key only, to be supplied to the applications/tools // that must be able to check the signatures sFileNameCerticateOnly is string = fDataDir() + ... "\certificate.cer" //or fDataDir() + "\public.pem" // Signature obtained bufRoughSignature is Buffer // Signature in Base64 URL format (printable characters only) sSignaturebase64URL is string  // Data to sign, a combination of items in most cases: // Line ID, Date and time (for signature = invoice date or payment date), ActionCode // Third-party ID, Third-party caption,Third-party VAT num,Third-party country, // Company name, Company VAT num, Company country, // Author ID,Author name // Invoice ID,Invoice ref,Invoice date // Payment ID,Payment ref,Payment date // Grand total,Amount (part on the invoice),Payment mode // Amount BT,VAT amount,Amount tax 1,Amount tax 2,Amount IOT // Example below with "hard-coded" values instead of item names: arrItems is array of strings = ["LineID","InvoiiceDateTime", "ActionCode"] bufToSign = ArrayToString(arrItems,bufDataSeparator) //Etc....  WHEN EXCEPTION IN bufRoughSignature = CertificateSignString(bufToSign, ... sFileNameCerticateAndPrivateKeyForSignature, ... sPasswordPrivateKeyCertificate, ... certSignatureOnly + certSHA256 ) //SHA2 = SHA256 // Notes:  // - to support the algorithms of some certificates // (Elliptic Curve Digital Signature Algorithm (ECDSA)), // you must specify the file name and // YOU MUST NOT USE a certificate variable with CertifcateLoad. // - the certificate can be included in the application library (.WDL or .EXE file) // all you have to do is place it in the project dependencies ("Other" // in the treeview of project explorer) // - The update dated July 28, 2017 must have been downloaded: // http://www.windev.com/st/telec/windev22/windev22_71k.htm#download DO Error("Signature failure", ExceptionInfo()) RETURN ELSE IF ErrorOccurred THEN Error("Error during the signature", ErrorInfo()) ELSE // Transforms the signature into base64 URL, without non-printable characters sSignaturebase64URL = Encode(bufRoughSignature, encodeBASE64URL)  Trace("Base64URL signature: " + sSignaturebase64URL) // To check the signature in another process, use a code such as: // Caution: You must use the file of public key // and not the certificate with private key that requires a password SWITCH CertificateCheckString(bufToSign, Decode(sSignaturebase64URL, encodeBASE64URL), ... sFileNameCerticateOnly, certSignatureOnly + certSHA256) CASE certificateOk: Info("Valid signature and trusted certificate") CASE certificateInvalid: Info("Invalid signature or certificate", ErrorInfo()) CASE certificateExpired: Info("Valid signature but expired certificate", ErrorInfo()) CASE certificateUntrusted: Info("Valid signature but root confidence " + ... "of certificate not reliable", ErrorInfo()) // Case for a self-signed certificate used on another computer/network OTHER CASE Error("Unexpected result of signature check", ErrorInfo()) END END     END
Example of string signature String signature according to a certificate installed on the computer (caution: using the syntax with a Certificate variable NOT COMPATIBLE with the NF525 standard regarding the accounting software). MyCertificate is Certificate // Open the certificate picker of Windows  MyCertificate = CertificateSelect()  // Cancelation or error IF MyCertificate.Name = "" THEN RETURN END   // Checks the certificate validity for the signature // Caution: not compatible with some types of certificates, especially ECDSA/Elliptic Curve // for these certificates, you must use the syntax of CertificateSignString // without the 'Certificate' type with the name of certificate file IF MyCertificate.ValidForSignature = False THEN Info("The selected certificate cannot be used to generate a signature.") RETURN END  // Retrieve the buffer containing the signature bufSignature is Buffer bufSignature = CertificateSignString("Character string to sign", MyCertificate)  // Retrieve the certificate found in the signature buffer MyExtractedCertificate is Certificate MyExtractedCertificate = CertificateExtract(buffSignature)  // Manage the errors IF MyExtractedCertificate = Null THEN RETURN END  // Open the window for certificate properties CertificateOpenProperties(MyExtractedCertificate)
This page is also available for…
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|