Sample code for 30+ languages & platforms
PHP ActiveX

Add EncapsulatedTimestamp to Already-Signed XML

See more XML Digital Signatures Examples

Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.

Note: This example requires Chilkat v9.5.0.90 or greater.

Chilkat PHP ActiveX Downloads

PHP ActiveX
<?php

$success = 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
// (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
// We must use a StringBuilder.
$sbXml = new COM("Chilkat.StringBuilder");
$success = $sbXml->LoadFile('qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml','utf-8');
if ($success == 0) {
    print 'Failed to load the XML file.' . "\n";
    exit;
}

$dsig = new COM("Chilkat.XmlDSig");
$success = $dsig->LoadSignatureSb($sbXml);
if ($success == 0) {
    print $dsig->LastErrorText . "\n";
    exit;
}

if ($dsig->HasEncapsulatedTimeStamp() == 1) {
    print 'This signed XML already has an EncapsulatedTimeStamp' . "\n";
    exit;
}

// Specify the timestamping authority URL
$json = new COM("Chilkat.JsonObject");
$json->UpdateString('timestampToken.tsaUrl','http://timestamp.digicert.com');
$json->UpdateBool('timestampToken.requestTsaCert',1);

// Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
// Note: If the signed XML contains multiple signatures, the signature modified is the one 
// indicated by the dsig.Selector property.
$sbOut = new COM("Chilkat.StringBuilder");
$success = $dsig->AddEncapsulatedTimeStamp($json,$sbOut);
if ($success == 0) {
    print $dsig->LastErrorText . "\n";
    exit;
}

$sbOut->WriteFile('qa_output/addedEncapsulatedTimeStamp.xml','utf-8',0);

// The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
// keyword to UncommonOptions.  See here:

// ----------------------------------------
// Verify the signatures we just produced...
$verifier = new COM("Chilkat.XmlDSig");
$success = $verifier->LoadSignatureSb($sbOut);
if ($success != 1) {
    print $verifier->LastErrorText . "\n";
    exit;
}

// Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
$verifier->UncommonOptions = 'VerifyEncapsulatedTimeStamp';

$numSigs = $verifier->NumSignatures;
$verifyIdx = 0;
while ($verifyIdx < $numSigs) {
    $verifier->Selector = $verifyIdx;
    $verified = $verifier->VerifySignature(1);
    if ($verified != 1) {
        print $verifier->LastErrorText . "\n";
        exit;
    }

    $verifyIdx = $verifyIdx + 1;
}

print 'All signatures were successfully verified.' . "\n";

?>