PHP ActiveX
PHP ActiveX
Add EncapsulatedTimestamp to Already-Signed XML
See more XML Digital Signatures Examples
Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.Note: This example requires Chilkat v9.5.0.90 or greater.
Chilkat PHP ActiveX Downloads
<?php
$success = 0;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
// (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
// We must use a StringBuilder.
$sbXml = new COM("Chilkat.StringBuilder");
$success = $sbXml->LoadFile('qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml','utf-8');
if ($success == 0) {
print 'Failed to load the XML file.' . "\n";
exit;
}
$dsig = new COM("Chilkat.XmlDSig");
$success = $dsig->LoadSignatureSb($sbXml);
if ($success == 0) {
print $dsig->LastErrorText . "\n";
exit;
}
if ($dsig->HasEncapsulatedTimeStamp() == 1) {
print 'This signed XML already has an EncapsulatedTimeStamp' . "\n";
exit;
}
// Specify the timestamping authority URL
$json = new COM("Chilkat.JsonObject");
$json->UpdateString('timestampToken.tsaUrl','http://timestamp.digicert.com');
$json->UpdateBool('timestampToken.requestTsaCert',1);
// Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
// Note: If the signed XML contains multiple signatures, the signature modified is the one
// indicated by the dsig.Selector property.
$sbOut = new COM("Chilkat.StringBuilder");
$success = $dsig->AddEncapsulatedTimeStamp($json,$sbOut);
if ($success == 0) {
print $dsig->LastErrorText . "\n";
exit;
}
$sbOut->WriteFile('qa_output/addedEncapsulatedTimeStamp.xml','utf-8',0);
// The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
// keyword to UncommonOptions. See here:
// ----------------------------------------
// Verify the signatures we just produced...
$verifier = new COM("Chilkat.XmlDSig");
$success = $verifier->LoadSignatureSb($sbOut);
if ($success != 1) {
print $verifier->LastErrorText . "\n";
exit;
}
// Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
$verifier->UncommonOptions = 'VerifyEncapsulatedTimeStamp';
$numSigs = $verifier->NumSignatures;
$verifyIdx = 0;
while ($verifyIdx < $numSigs) {
$verifier->Selector = $verifyIdx;
$verified = $verifier->VerifySignature(1);
if ($verified != 1) {
print $verifier->LastErrorText . "\n";
exit;
}
$verifyIdx = $verifyIdx + 1;
}
print 'All signatures were successfully verified.' . "\n";
?>