Has anybody done a digital signature of an XML document (DSig with RSA-SHA256) with OpenEdge code? Is this even possible?
(Could use OpenEdge 11.5.x if needed)
Your thoughts?
I did something like this.
USING System.Xml.Xsl.*.
USING System.Security.Cryptography.*.
/* nombrearch will contain the base name, and from it the following are generated:
   <arch>.txt - the original string
   <arch>.bin - the string with sha1 already applied, i.e. already binary
   <arch>.b64 - the binary seal, now in base64 */
/* ArchCadenaOriginal AS CHARACTER */
/* archivoSINbom AS LONGCHAR */
/* NombreXSLT AS CHARACTER */
/* cCadenaOriginal AS LONGCHAR */
/* cCadenaDigerida AS RAW */
/* cCadenaBase64 AS CHARACTER */
FIX-CODEPAGE (cCadenaOriginal) = ?.
FIX-CODEPAGE (cCadenaBase64) = "UTF-8".
ASSIGN ArchCadenaOriginal = dirTrabajo + "cadenaOriginal-" + string(CFDI.NumCFDI) + ".txt".
/*-----------------------------------------------------------*/
xslt = NEW XslCompiledTransform().
xslt:Load(NombreXSLT).
xslt:Transform(pArchivoDisco, ArchCadenaOriginal).
/*-----------------------------------------------------------*/
COPY-LOB FROM FILE ArchCadenaOriginal TO OBJECT cCadenaBase64.
COPY-LOB FROM OBJECT cCadenaBase64 TO FILE (ArchCadenaOriginal) NO-CONVERT.
FIND CURRENT CFDI EXCLUSIVE-LOCK.
ASSIGN CFDI.CadenaOriginal = cCadenaBase64.
Hope this gives you some clues, or I can elaborate more if you need.
I vaguely remember a similar topic, possibly an internal question from Tech Support, but don't recall the answer, and I could not find it. I don't know of specific work in OE to handle digital signatures in XML. Sorry, not much help, but it might jog someone else's memory.
The ABL language does not currently support any use case of asymmetric (public/private) encryption, including its use in [xml] digital signatures. I've heard of solutions that use external products, but I don't have specifics on what products were used.
Sorry, I forgot to send the other part of the process.
OUTPUT STREAM streamSello TO VALUE (nombredelBATCH).
PUT STREAM streamSello UNFORMATTED "path = c:\OpenSSL-Win32\bin;%path%~n".
PUT STREAM streamSello UNFORMATTED
    SUBSTITUTE ("c:\OpenSSL-Win32\bin\openssl dgst -sha1 -out &1sello&4.bin -sign &2key.pem &3~n",
                dirTrabajo, DirXSLTs, ArchCadenaOriginal, STRING(CFDI.NumCFDI)).
PUT STREAM streamSello UNFORMATTED
    SUBSTITUTE ("c:\OpenSSL-Win32\bin\openssl base64 -in &1sello&2.bin -out &1sello&2.txt~n",
                dirTrabajo, STRING(CFDI.NumCFDI)).
OUTPUT STREAM streamSello CLOSE.
OS-COMMAND NO-CONSOLE VALUE(nombredelBATCH).
This is where it gets encrypted.
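The openssl step from the post above, as an added example that is not the poster's code: the same `dgst -sign` / `base64` pipeline with `-sha256` (the digest the question asked for) plus a verification round trip. It produces a detached signature over the transformed string file, not an enveloped XML-DSig `<Signature>` element; the file names, sample string and throwaway key are constructed for the demo.

```shell
#!/bin/sh
# Added example: RSA-SHA256 detached signature with the openssl CLI.
# Every path, the key pair and the sample string below are constructed.

# sign_sha256 KEY INPUT OUT_B64: sign INPUT, write base64 signature on one line
sign_sha256() {
    openssl dgst -sha256 -sign "$1" -out "$3.bin" "$2" &&
    openssl base64 -A -in "$3.bin" -out "$3" &&
    rm -f "$3.bin"
}

# verify_sha256 PUBKEY INPUT SIG_B64: exit status 0 only if the signature matches
verify_sha256() {
    openssl base64 -d -A -in "$3" -out "$3.bin" || return 1
    openssl dgst -sha256 -verify "$1" -signature "$3.bin" "$2" >/dev/null 2>&1
    rc=$?
    rm -f "$3.bin"
    return $rc
}

# demo: prints "ok" when the good signature verifies and a modified input is rejected
demo() {
    d=$(mktemp -d) || return 1
    result=setup-failed
    if openssl genrsa -out "$d/key.pem" 2048 2>/dev/null &&
       openssl rsa -in "$d/key.pem" -pubout -out "$d/pub.pem" 2>/dev/null &&
       printf '%s' '||constructed|sample|original|string||' > "$d/cadena.txt" &&
       sign_sha256 "$d/key.pem" "$d/cadena.txt" "$d/sello.txt"
    then
        if ! verify_sha256 "$d/pub.pem" "$d/cadena.txt" "$d/sello.txt"; then
            result=good-signature-rejected
        else
            # one appended byte must invalidate the signature
            printf 'X' >> "$d/cadena.txt"
            if verify_sha256 "$d/pub.pem" "$d/cadena.txt" "$d/sello.txt"; then
                result=tampered-input-accepted
            else
                result=ok
            fi
        fi
    fi
    rm -rf "$d"
    echo "$result"
}

demo
```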