SQL Server
Add EncapsulatedTimestamp to Already-Signed XML
Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature. Note: This example requires Chilkat v9.5.0.90 or greater.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
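CREATE PROCEDURE ChilkatSample
AS
BEGIN
    -- Adds an EncapsulatedTimeStamp to an already-signed XML file, writes the result to disk,
    -- then re-loads the output and verifies every signature in it, including the timestamp.
    --
    -- Operational notes:
    --   * The sp_OA* procedures require the 'Ole Automation Procedures' server option. The file
    --     reads/writes and the request to the timestamping authority made below are performed
    --     by the SQL Server service, so they run with that account's file and network access.
    --   * Every COM call is checked fail-closed: the HRESULT from sp_OA* is tested and the
    --     output variable is reset before the call. Without this, a failed call leaves the
    --     output NULL or stale, and a test such as "IF @verified <> 1" evaluates to UNKNOWN
    --     and is skipped, which would report an unverified signature as verified.
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- Object tokens are declared up front (they start as NULL) so the single cleanup section
    -- at the end can release whichever ones were actually created.
    DECLARE @sbXml int
    DECLARE @dsig int
    DECLARE @json int
    DECLARE @sbOut int
    DECLARE @verifier int
    DECLARE @numSigs int
    DECLARE @verifyIdx int
    DECLARE @verified int

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
    -- (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
    -- We must use a StringBuilder.
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbXml OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        GOTO Cleanup
    END

    SELECT @success = 0
    EXEC @hr = sp_OAMethod @sbXml, 'LoadFile', @success OUT, 'qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml', 'utf-8'
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        PRINT 'Failed to load the XML file.'
        GOTO Cleanup
    END

    EXEC @hr = sp_OACreate 'Chilkat.XmlDSig', @dsig OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        GOTO Cleanup
    END

    SELECT @success = 0
    EXEC @hr = sp_OAMethod @dsig, 'LoadSignatureSb', @success OUT, @sbXml
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        EXEC sp_OAGetProperty @dsig, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        GOTO Cleanup
    END

    -- Do not add a second timestamp. If the check itself fails, stop rather than assume "no".
    SELECT @iTmp0 = NULL
    EXEC @hr = sp_OAMethod @dsig, 'HasEncapsulatedTimeStamp', @iTmp0 OUT
    IF @hr <> 0 OR @iTmp0 IS NULL
    BEGIN
        EXEC sp_OAGetProperty @dsig, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        GOTO Cleanup
    END
    IF @iTmp0 = 1
    BEGIN
        PRINT 'This signed XML already has an EncapsulatedTimeStamp'
        GOTO Cleanup
    END

    -- Specify the timestamping authority URL.
    -- The request goes over plain HTTP. The trust in the returned token therefore rests on
    -- validating the token itself (see VerifyEncapsulatedTimeStamp below), not on the transport.
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        GOTO Cleanup
    END

    SELECT @success = 0
    EXEC @hr = sp_OAMethod @json, 'UpdateString', @success OUT, 'timestampToken.tsaUrl', 'http://timestamp.digicert.com'
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        PRINT 'Failed to set the timestamp options.'
        GOTO Cleanup
    END

    SELECT @success = 0
    EXEC @hr = sp_OAMethod @json, 'UpdateBool', @success OUT, 'timestampToken.requestTsaCert', 1
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        PRINT 'Failed to set the timestamp options.'
        GOTO Cleanup
    END

    -- Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
    -- Note: If the signed XML contains multiple signatures, the signature modified is the one
    -- indicated by the dsig.Selector property.
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbOut OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        GOTO Cleanup
    END

    SELECT @success = 0
    EXEC @hr = sp_OAMethod @dsig, 'AddEncapsulatedTimeStamp', @success OUT, @json, @sbOut
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        EXEC sp_OAGetProperty @dsig, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        GOTO Cleanup
    END

    -- The output file is written before verification runs. Treat it as unverified unless this
    -- procedure goes on to print the success message.
    SELECT @success = 0
    EXEC @hr = sp_OAMethod @sbOut, 'WriteFile', @success OUT, 'qa_output/addedEncapsulatedTimeStamp.xml', 'utf-8', 0
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        PRINT 'Failed to write the output XML file.'
        GOTO Cleanup
    END

    -- The EncapsulatedTimeStamp can be validated when validating the signature by adding the
    -- VerifyEncapsulatedTimeStamp keyword to UncommonOptions.
    -- ----------------------------------------
    -- Verify the signatures we just produced...
    EXEC @hr = sp_OACreate 'Chilkat.XmlDSig', @verifier OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        GOTO Cleanup
    END

    SELECT @success = 0
    EXEC @hr = sp_OAMethod @verifier, 'LoadSignatureSb', @success OUT, @sbOut
    IF @hr <> 0 OR ISNULL(@success, 0) <> 1
    BEGIN
        EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        GOTO Cleanup
    END

    -- Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps.
    -- If the option cannot be set, stop: otherwise the timestamp would silently go unchecked.
    EXEC @hr = sp_OASetProperty @verifier, 'UncommonOptions', 'VerifyEncapsulatedTimeStamp'
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to enable VerifyEncapsulatedTimeStamp.'
        GOTO Cleanup
    END

    -- A NULL or zero count would skip the loop entirely, so it must not reach the success message.
    SELECT @numSigs = NULL
    EXEC @hr = sp_OAGetProperty @verifier, 'NumSignatures', @numSigs OUT
    IF @hr <> 0 OR ISNULL(@numSigs, 0) < 1
    BEGIN
        PRINT 'No signatures were found to verify.'
        GOTO Cleanup
    END

    SELECT @verifyIdx = 0
    WHILE @verifyIdx < @numSigs
    BEGIN
        EXEC @hr = sp_OASetProperty @verifier, 'Selector', @verifyIdx
        IF @hr <> 0
        BEGIN
            EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT
            PRINT @sTmp0
            GOTO Cleanup
        END

        -- Reset on every pass so a result from the previous signature cannot carry over.
        SELECT @verified = 0
        EXEC @hr = sp_OAMethod @verifier, 'VerifySignature', @verified OUT, 1
        IF @hr <> 0 OR ISNULL(@verified, 0) <> 1
        BEGIN
            EXEC sp_OAGetProperty @verifier, 'LastErrorText', @sTmp0 OUT
            PRINT @sTmp0
            GOTO Cleanup
        END

        SELECT @verifyIdx = @verifyIdx + 1
    END

    -- Reached only when every signature verified; all failure paths jump past this line.
    PRINT 'All signatures were successfully verified.'

Cleanup:
    -- Release each COM object that was created (tokens that were never assigned stay NULL).
    IF @sbXml IS NOT NULL EXEC @hr = sp_OADestroy @sbXml
    IF @dsig IS NOT NULL EXEC @hr = sp_OADestroy @dsig
    IF @json IS NOT NULL EXEC @hr = sp_OADestroy @json
    IF @sbOut IS NOT NULL EXEC @hr = sp_OADestroy @sbOut
    IF @verifier IS NOT NULL EXEC @hr = sp_OADestroy @verifier
END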
GO