(Go) Add EncapsulatedTimestamp to Already-Signed XML

See more XML Digital Signatures Examples

Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.

Note: This example requires Chilkat v9.5.0.90 or greater.

Chilkat Go Downloads Go Package for Windows, MacOS, Linux, Alpine Linux, Solaris

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
    // (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
    // We must use a StringBuilder.
    sbXml := chilkat.NewStringBuilder()
    success := sbXml.LoadFile("qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml","utf-8")
    if success == false {
        fmt.Println("Failed to load the XML file.")
        sbXml.DisposeStringBuilder()
        return
    }

    dsig := chilkat.NewXmlDSig()
    success = dsig.LoadSignatureSb(sbXml)
    if success == false {
        fmt.Println(dsig.LastErrorText())
        sbXml.DisposeStringBuilder()
        dsig.DisposeXmlDSig()
        return
    }

    if dsig.HasEncapsulatedTimeStamp() == true {
        fmt.Println("This signed XML already has an EncapsulatedTimeStamp")
        sbXml.DisposeStringBuilder()
        dsig.DisposeXmlDSig()
        return
    }

    // Specify the timestamping authority URL
    json := chilkat.NewJsonObject()
    json.UpdateString("timestampToken.tsaUrl","http://timestamp.digicert.com")
    json.UpdateBool("timestampToken.requestTsaCert",true)

    // Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
    // Note: If the signed XML contains multiple signatures, the signature modified is the one 
    // indicated by the dsig.Selector property.
    sbOut := chilkat.NewStringBuilder()
    success = dsig.AddEncapsulatedTimeStamp(json,sbOut)
    if success == false {
        fmt.Println(dsig.LastErrorText())
        sbXml.DisposeStringBuilder()
        dsig.DisposeXmlDSig()
        json.DisposeJsonObject()
        sbOut.DisposeStringBuilder()
        return
    }

    sbOut.WriteFile("qa_output/addedEncapsulatedTimeStamp.xml","utf-8",false)

    // The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
    // keyword to UncommonOptions.  See here:

    // ----------------------------------------
    // Verify the signatures we just produced...
    verifier := chilkat.NewXmlDSig()
    success = verifier.LoadSignatureSb(sbOut)
    if success != true {
        fmt.Println(verifier.LastErrorText())
        sbXml.DisposeStringBuilder()
        dsig.DisposeXmlDSig()
        json.DisposeJsonObject()
        sbOut.DisposeStringBuilder()
        verifier.DisposeXmlDSig()
        return
    }

    // Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
    verifier.SetUncommonOptions("VerifyEncapsulatedTimeStamp")

    numSigs := verifier.NumSignatures()
    verifyIdx := 0
    for verifyIdx < numSigs {
        verifier.SetSelector(verifyIdx)
        verified := verifier.VerifySignature(true)
        if verified != true {
            fmt.Println(verifier.LastErrorText())
            sbXml.DisposeStringBuilder()
            dsig.DisposeXmlDSig()
            json.DisposeJsonObject()
            sbOut.DisposeStringBuilder()
            verifier.DisposeXmlDSig()
            return
        }

        verifyIdx = verifyIdx + 1
    }

    fmt.Println("All signatures were successfully verified.")

    sbXml.DisposeStringBuilder()
    dsig.DisposeXmlDSig()
    json.DisposeJsonObject()
    sbOut.DisposeStringBuilder()
    verifier.DisposeXmlDSig()