Chilkat2-Python
Chilkat2-Python
Add EncapsulatedTimestamp to Already-Signed XML
See more XML Digital Signatures Examples
Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.Note: This example requires Chilkat v9.5.0.90 or greater.
Chilkat Chilkat2-Python Downloads
import sys
import chilkat2
success = False
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
# (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
# We must use a StringBuilder.
sbXml = chilkat2.StringBuilder()
success = sbXml.LoadFile("qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml","utf-8")
if (success == False):
print("Failed to load the XML file.")
sys.exit()
dsig = chilkat2.XmlDSig()
success = dsig.LoadSignatureSb(sbXml)
if (success == False):
print(dsig.LastErrorText)
sys.exit()
if (dsig.HasEncapsulatedTimeStamp() == True):
print("This signed XML already has an EncapsulatedTimeStamp")
sys.exit()
# Specify the timestamping authority URL
json = chilkat2.JsonObject()
json.UpdateString("timestampToken.tsaUrl","http://timestamp.digicert.com")
json.UpdateBool("timestampToken.requestTsaCert",True)
# Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
# Note: If the signed XML contains multiple signatures, the signature modified is the one
# indicated by the dsig.Selector property.
sbOut = chilkat2.StringBuilder()
success = dsig.AddEncapsulatedTimeStamp(json,sbOut)
if (success == False):
print(dsig.LastErrorText)
sys.exit()
sbOut.WriteFile("qa_output/addedEncapsulatedTimeStamp.xml","utf-8",False)
# The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
# keyword to UncommonOptions. See here:
# ----------------------------------------
# Verify the signatures we just produced...
verifier = chilkat2.XmlDSig()
success = verifier.LoadSignatureSb(sbOut)
if (success != True):
print(verifier.LastErrorText)
sys.exit()
# Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
verifier.UncommonOptions = "VerifyEncapsulatedTimeStamp"
numSigs = verifier.NumSignatures
verifyIdx = 0
while verifyIdx < numSigs :
verifier.Selector = verifyIdx
verified = verifier.VerifySignature(True)
if (verified != True):
print(verifier.LastErrorText)
sys.exit()
verifyIdx = verifyIdx + 1
print("All signatures were successfully verified.")