@ECHO OFF
REM $Id DoSigChecks.bat $
REM $Date: 2017-12-17T12:05Z $
REM DO CHECKS AS PER https://www.cryptosys.net/firmasat/why-signature-not-valid.html

:**************************************************
: USER INPUT: CHANGE THESE TO SUIT YOUR FILE NAMES
SET MYXML="miarchivo-base.xml"
SET MYCER="CSD01_AAA010101AAA.cer"
SET MYKEY="CSD01_AAA010101AAA.key"
SET MYPWD="12345678a"
SET MYNEW="miarchivo-signed.xml"
:**************************************************

@ECHO.
@ECHO INPUT DATA:
@ECHO Base XML file = %MYXML%
@ECHO Certificate file = %MYCER%
@ECHO Key file = %MYKEY%
@ECHO Password = %MYPWD%
@ECHO New file = %MYNEW%

@PROMPT $G$S
@ECHO ON

FirmaSAT LIBINFO
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT XMLOK %MYXML%
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT NUMBERCERT %MYCER%
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT ATTRIBUTE -a NoCertificado -e "" %MYXML%
@IF ERRORLEVEL 1 goto ERROR

@REM Capture values in batch file variables, then compare
@FOR /f "tokens=*" %%a IN ('FirmaSAT NUMBERCERT %MYCER%') DO @SET NUMBERCERT=%%a
@FOR /f "tokens=*" %%a IN ('FirmaSAT ATTRIBUTE -a NoCertificado -e "" %MYXML%') DO @SET NOCERTIFICADO=%%a
@IF %NUMBERCERT% NEQ %NOCERTIFICADO% ECHO ERROR: CERTIFICATE NUMBERS DO NOT MATCH & goto ERROR

FirmaSAT SIGNXML -c %MYCER% -k %MYKEY% -p %MYPWD% -i %MYXML% -o %MYNEW% -s @
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT XMLOK %MYNEW%
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT VERIFYSIG %MYNEW%
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT FORMDIGEST %MYNEW%
@IF ERRORLEVEL 1 goto ERROR

FirmaSAT EXTRACTDIGEST %MYNEW%
@IF ERRORLEVEL 1 goto ERROR

@REM Capture values in batch file variables, then compare (case insensitive)
@FOR /f "tokens=*" %%a IN ('FirmaSAT FORMDIGEST %MYNEW%') DO @SET FORMDIGEST=%%a
@FOR /f "tokens=*" %%a IN ('FirmaSAT EXTRACTDIGEST %MYNEW%') DO @SET EXTRACTDIGEST=%%a
@IF /i %FORMDIGEST% NEQ %EXTRACTDIGEST% ECHO ERROR: DIGEST VALUES DO NOT MATCH & goto ERROR

@ECHO.
@ECHO ALL DONE.

@goto DONE
:ERROR
@ECHO ERROR OCCURRED!

:DONE
@PROMPT $P$G