project QadFinancials > class BDInvoice > method VerifySignature

Description

This method will be used internally to check if our Invoice Certification Signature can be verified with our public key.


Parameters


iiDInvoiceID    input   integer  DInvoice ID
oiReturnStatus  output  integer  Return status of the method.


Internal usage


unused


program code (program6/bdinvoice.p)

/* Although this method is not used in the code, it is used for testing */
/* !!! !!! !!! Please do not delete this method !!! !!! !!!             */

/* Query to use to find a suitable dinvoice ID */
/*
   select dinvoice_id, dinvoicecreationdate, companycode 
   from dinvoice, company 
   where dinvoiceinvcertkey <> "" and dinvoice.company_id = company.company_id. 
*/
   
if iiDInvoiceID = 0 or
   iiDInvoiceID = ?
then return.

/* =================== */
/* Get key & Signature */
/* =================== */                   
<Q-75 run DInvoiceForInvoiceCert (all) (Read) (NoCache)
   (input viCompanyId, (CompanyId)
    input iiDInvoiceID, (DInvoiceID)
    output dataset tqDInvoiceForInvoiceCert) in BDInvoice>
find tqDInvoiceForInvoiceCert where
     tqDInvoiceForInvoiceCert.tiDInvoice_ID = iiDInvoiceID
     no-lock no-error.
if not available tqDInvoiceForInvoiceCert
then return.

/* ============= */
/* Get PublicKey */
/* ============= */    
<Q-26 run SystemPropertyByAll (all) (Read) (NoCache)  (output dataset tqSystemPropertyByAll) in BSystemProperty>
find first tqSystemPropertyByAll no-lock no-error.
if not available tqSystemPropertyByAll
then return.

/* ============================= */
/* Save the public key in a file */
/* ============================= */
assign vcFileName = SESSION:TEMP-DIRECTORY + "QadPublicKey.txt".
output stream sInvCertif to value(vcFileName).
put stream sInvCertif unformatted tqSystemPropertyByAll.tcSysPropertyInvCertPublicKey.
output stream sInvCertif close.
    
/* ============================== */
/* Save the Invoice Key in a file */
/* ============================== */
assign vcFileName = SESSION:TEMP-DIRECTORY + "QadInvoiceKey.txt".
output stream sInvCertif to value(vcFileName).
put stream sInvCertif unformatted tqDInvoiceForInvoiceCert.tcDInvoiceInvCertKey.
output stream sInvCertif close.

/* ============================ */
/* Save the Signature in a file */
/* ============================ */
assign vcFileName = SESSION:TEMP-DIRECTORY + "QadInvoiceSignature.txt".
output stream sInvCertif to value(vcFileName).
put stream sInvCertif unformatted tqDInvoiceForInvoiceCert.tcDInvoiceInvCertSignatureCurr.
output stream sInvCertif close.

/* ================================================= */
/* Create a batch file to run the OpenSSL in Windows */
/* ================================================= */
assign vcFileName   = SESSION:TEMP-DIRECTORY + "QadVerify.bat"
       vcOpenSSLDir = tqSystemPropertyByAll.tcSysPropertyInvCertOpenSSLDir.
output stream sInvCertif to value(vcFileName).
put stream sInvCertif unformatted
        "@echo off" skip
        "set PATH=" + vcOpenSSLDir + ";%PATH%" skip
        "openssl enc -base64 -d -in QadInvoiceSignature.txt > QadDecryptedInvoiceSignature.txt" skip        
        "echo " "~"" tqDInvoiceForInvoiceCert.tcDInvoiceInvCertKey "~""
        " | openssl dgst -sha1 -verify QadPublicKey.txt -signature QadDecryptedInvoiceSignature.txt".
output stream sInvCertif close.

/* ======================================================================================= */
/* run the verify program                                                                  */
/* Because we use the import statement, we lose the LF or CR that might be in the output.  */
/* That is exactly what we want, because the signature is one line of 172 characters       */
/* ======================================================================================= */
input stream sInvCertif through value(vcFileName).
repeat on error undo, throw:
    import stream sInvCertif unformatted vcImport.
    message vcImport view-as alert-box.
end. /* repeat: */
input stream sInvCertif close.

/*
/* ========================= */
/* Encrypt a new private key */
/* ========================= */
assign vhFcComponent = ?.
<M-87 run MainBlock  () in TCrypt>
assign vhCrypthandle = vhFcComponent.

assign vcPrivateKey = 
"-----BEGIN RSA PRIVATE KEY-----" + chr(10) +
"MII...slX" + chr(10) +
"/kt...Zsn" + chr(10) +
"1w/...QAB" + chr(10) +
"..." + chr(10) +
...
"w4A6...ntA==" + chr(10) +
"-----END RSA PRIVATE KEY-----" + chr(10).

<M-58 run EncryptString
   (input  vcPrivateKey (icInputString), 
    output vcEncryptedPrivateKey (ocOutputString), 
    output viExternalReturnStatus (oiReturnStatus)) in TCrypt>

run gipr_DeleteProcedure in vhCrypthandle.
delete procedure vhCrypthandle.

if viExternalReturnStatus < 0 or (viExternalReturnStatus > 0 and oiReturnStatus = 0)     
then assign oiReturnStatus = viExternalReturnStatus.
if viExternalReturnStatus < 0
then return.

/* Save the encrypted private key in a file */
assign vcFileName = SESSION:TEMP-DIRECTORY + "QadEncryptedPrivateKey.txt".
output stream sInvCertif to value(vcFileName).
put stream sInvCertif unformatted vcEncryptedPrivateKey.
output stream sInvCertif close.
*/
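
Added example (not QAD code): the same two OpenSSL steps that QadVerify.bat runs, written as a POSIX shell script that reads the signed data from a file instead of echoing it through a command line, so verification runs over the exact bytes that were signed. The key pair, invoice key string and file names are constructed for the demo; the 1024-bit key size is an assumption chosen because it yields the 172-character base64 signature mentioned in the comment above.

```shell
#!/bin/sh
# Added example: key pair, invoice key string and file names are constructed for the demo.
WORK=$(mktemp -d) || exit 1
trap 'rm -rf "$WORK"' EXIT

# Build a throwaway fixture: key pair, invoice key file, base64 signature.
make_fixture() {
    # 1024-bit only so the base64 signature is 172 characters (assumption, see lead-in).
    openssl genrsa -out "$WORK/priv.pem" 1024 2>/dev/null || return 1
    openssl rsa -in "$WORK/priv.pem" -pubout -out "$WORK/pub.pem" 2>/dev/null || return 1
    # Constructed invoice key, written byte-exact (no quotes, no line ending).
    printf '%s' '2024-01-15;2024-01-15T10:00:00;FT A/1;100.00;' > "$WORK/key.txt"
    openssl dgst -sha1 -sign "$WORK/priv.pem" -out "$WORK/sig.bin" "$WORK/key.txt" || return 1
    # -A keeps the base64 on a single line, like the stored signature field.
    openssl enc -base64 -A -in "$WORK/sig.bin" -out "$WORK/sig.b64"
}

# Length of the stored signature in characters, ignoring any line breaks.
sig_length() {
    echo $(( $(tr -d '\r\n' < "$WORK/sig.b64" | wc -c) ))
}

# verify_sig FILE: decode the base64 signature, then verify it over FILE's bytes.
# The signed data never passes through a command line, so it is not reinterpreted.
verify_sig() {
    openssl enc -base64 -d -A -in "$WORK/sig.b64" -out "$WORK/dec.bin" || return 1
    openssl dgst -sha1 -verify "$WORK/pub.pem" -signature "$WORK/dec.bin" "$1" >/dev/null 2>&1
}

# Same key text as an echo-style pipe would deliver it: quoted, with CR LF.
make_echo_variant() {
    printf '"%s"\r\n' "$(cat "$WORK/key.txt")" > "$WORK/key_echo.txt"
}

run_demo() {
    make_fixture || { echo "openssl not usable"; return 1; }
    make_echo_variant
    echo "signature length: $(sig_length)"
    if verify_sig "$WORK/key.txt"; then echo "exact bytes: Verified OK"; fi
    if verify_sig "$WORK/key_echo.txt"; then echo "echo bytes: Verified OK"
    else echo "echo bytes: Verification Failure"; fi
}
run_demo
```

The signature only verifies when the verifier is given the same byte sequence the signer hashed, so quoting and line endings added by the shell have to match on both sides.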