Sample code for 30+ languages & platforms
Chilkat2-Python

Add EncapsulatedTimestamp to Already-Signed XML

See more XML Digital Signatures Examples

Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.

Note: This example requires Chilkat v9.5.0.90 or greater.

Chilkat Chilkat2-Python Downloads

Chilkat2-Python
import sys
import chilkat2

success = False

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
# (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
# We must use a StringBuilder.
sbXml = chilkat2.StringBuilder()
success = sbXml.LoadFile("qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml","utf-8")
if (success == False):
    print("Failed to load the XML file.")
    sys.exit()

dsig = chilkat2.XmlDSig()
success = dsig.LoadSignatureSb(sbXml)
if (success == False):
    print(dsig.LastErrorText)
    sys.exit()

if (dsig.HasEncapsulatedTimeStamp() == True):
    print("This signed XML already has an EncapsulatedTimeStamp")
    sys.exit()

# Specify the timestamping authority URL
json = chilkat2.JsonObject()
json.UpdateString("timestampToken.tsaUrl","http://timestamp.digicert.com")
json.UpdateBool("timestampToken.requestTsaCert",True)

# Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
# Note: If the signed XML contains multiple signatures, the signature modified is the one 
# indicated by the dsig.Selector property.
sbOut = chilkat2.StringBuilder()
success = dsig.AddEncapsulatedTimeStamp(json,sbOut)
if (success == False):
    print(dsig.LastErrorText)
    sys.exit()

sbOut.WriteFile("qa_output/addedEncapsulatedTimeStamp.xml","utf-8",False)

# The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
# keyword to UncommonOptions.  See here:

# ----------------------------------------
# Verify the signatures we just produced...
verifier = chilkat2.XmlDSig()
success = verifier.LoadSignatureSb(sbOut)
if (success != True):
    print(verifier.LastErrorText)
    sys.exit()

# Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
verifier.UncommonOptions = "VerifyEncapsulatedTimeStamp"

numSigs = verifier.NumSignatures
verifyIdx = 0
while verifyIdx < numSigs :
    verifier.Selector = verifyIdx
    verified = verifier.VerifySignature(True)
    if (verified != True):
        print(verifier.LastErrorText)
        sys.exit()

    verifyIdx = verifyIdx + 1

print("All signatures were successfully verified.")