Chilkat HOME .NET Core C# Android™ AutoIt C C# C++ Chilkat2-Python CkPython Classic ASP DataFlex Delphi ActiveX Delphi DLL Go Java Lianja Mono C# Node.js Objective-C PHP ActiveX PHP Extension Perl PowerBuilder PowerShell PureBasic Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ VB.NET VBScript Visual Basic 6.0 Visual FoxPro Xojo Plugin
(PowerBuilder) XAdES using TSA Requiring Client CertificateSee more XML Digital Signatures ExamplesDemonstrates how to create an XMLDSig (XAdES) signed document which includes an EncapsulatedTimestamp using a TSA (TimeStamp Authority) server requiring client certificate authentication. One such TSA is https://www3.postsignum.cz/TSS/TSS_crt/
integer li_rc integer li_Success oleobject loo_SbXml oleobject loo_Gen oleobject loo_Object1 oleobject loo_Cert oleobject loo_JsonTsa oleobject loo_Http // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. li_Success = 1 // Load the XML to be signed. For example, the XML to be signed might contain something like this: // <?xml version="1.0" encoding="utf-8"?> // <TransakcniLogSystemu xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://nsess.public.cz/erms_trans/v_01_01" Id="Signature1"> // <TransLogInfo> // <Identifikator>XYZ ABC</Identifikator> // <DatumVzniku>2022-12-20T14:39:02.3625922+01:00</DatumVzniku> // <DatumCasOd>2022-12-20T14:26:26.88</DatumCasOd> // <DatumCasDo>2022-12-20T14:39:02.287</DatumCasDo> // <Software>XYZ</Software> // <VerzeSoftware>2.0.19.32</VerzeSoftware> // </TransLogInfo> // <Udalosti> // <Udalost> // <Poradi>1</Poradi> // ... // Load the XML to be signed from a file. // (XML can be loaded from other source, such as a string variable.) loo_SbXml = create oleobject // Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0 li_rc = loo_SbXml.ConnectToNewObject("Chilkat.StringBuilder") if li_rc < 0 then destroy loo_SbXml MessageBox("Error","Connecting to COM object failed") return end if li_Success = loo_SbXml.LoadFile("xmlToSign.xml","utf-8") loo_Gen = create oleobject // Use "Chilkat_9_5_0.XmlDSigGen" for versions of Chilkat < 10.0.0 li_rc = loo_Gen.ConnectToNewObject("Chilkat.XmlDSigGen") loo_Gen.SigLocation = "TransakcniLogSystemu" loo_Gen.SigLocationMod = 0 loo_Gen.SigId = "SignatureID-Signature1" loo_Gen.SigNamespacePrefix = "ds" loo_Gen.SigNamespaceUri = "http://www.w3.org/2000/09/xmldsig#" loo_Gen.SignedInfoCanonAlg = "C14N" loo_Gen.SignedInfoDigestMethod = "sha256" // Set the KeyInfoId before adding references.. loo_Gen.KeyInfoId = "KeyInfoId-Signature-Signature1" // Create an Object to be added to the Signature. // Note: Chilkat will automatically fill in the values marked as "TO BE GENERATED BY CHILKAT" at the time of signing. // The EncapsulatedTimestamp will be automatically generated. loo_Object1 = create oleobject // Use "Chilkat_9_5_0.Xml" for versions of Chilkat < 10.0.0 li_rc = loo_Object1.ConnectToNewObject("Chilkat.Xml") loo_Object1.Tag = "xades:QualifyingProperties" loo_Object1.AddAttribute("xmlns:xades","http://uri.etsi.org/01903/v1.3.2#") loo_Object1.AddAttribute("Target","#Signature1") loo_Object1.UpdateAttrAt("xades:SignedProperties",1,"Id","SignedProperties-Signature-Signature1") loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime","TO BE GENERATED BY CHILKAT") loo_Object1.UpdateAttrAt("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod",1,"Algorithm","http://www.w3.org/2001/04/xmlenc#sha256") loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue","TO BE GENERATED BY CHILKAT") loo_Object1.UpdateChildContent("xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2","TO BE GENERATED BY CHILKAT") // The EncapsulatedTimestamp will be included in the unsigned properties. loo_Object1.UpdateAttrAt("xades:UnsignedProperties|xades:UnsignedSignatureProperties|xades:SignatureTimeStamp",1,"Id","signature-timestamp-5561-8212-3316-5191") loo_Object1.UpdateAttrAt("xades:UnsignedProperties|xades:UnsignedSignatureProperties|xades:SignatureTimeStamp|ds:CanonicalizationMethod",1,"Algorithm","http://www.w3.org/2001/10/xml-exc-c14n#") loo_Object1.UpdateAttrAt("xades:UnsignedProperties|xades:UnsignedSignatureProperties|xades:SignatureTimeStamp|xades:EncapsulatedTimeStamp",1,"Encoding","http://uri.etsi.org/01903/v1.2.2#DER") loo_Object1.UpdateChildContent("xades:UnsignedProperties|xades:UnsignedSignatureProperties|xades:SignatureTimeStamp|xades:EncapsulatedTimeStamp","TO BE GENERATED BY CHILKAT") loo_Gen.AddObject("XadesObjectId-Signature1",loo_Object1.GetXml(),"","") // -------- Reference 1 -------- loo_Gen.AddObjectRef("SignedProperties-Signature-Signature1","sha256","EXCL_C14N","","http://uri.etsi.org/01903#SignedProperties") // -------- Reference 2 -------- loo_Gen.AddSameDocRef("KeyInfoId-Signature-Signature1","sha256","EXCL_C14N","","") loo_Gen.SetRefIdAttr("KeyInfoId-Signature-Signature1","ReferenceKeyInfo") // -------- Reference 3 -------- loo_Gen.AddSameDocRef("","sha256","EXCL_C14N","","") loo_Gen.SetRefIdAttr("","Reference-Signature1") // Provide a certificate + private key. (PFX password is test123) loo_Cert = create oleobject // Use "Chilkat_9_5_0.Cert" for versions of Chilkat < 10.0.0 li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert") li_Success = loo_Cert.LoadPfxFile("qa_data/pfx/cert_test123.pfx","test123") if li_Success <> 1 then Write-Debug loo_Cert.LastErrorText destroy loo_SbXml destroy loo_Gen destroy loo_Object1 destroy loo_Cert return end if loo_Gen.SetX509Cert(loo_Cert,1) loo_Gen.KeyInfoType = "X509Data" loo_Gen.X509Type = "Certificate" loo_Gen.Behaviors = "IndentedSignature" // ------------------------------------------------------------------------------------------- // To have the EncapsulatedTimeStamp automatically added... // 1) Add the <xades:EncapsulatedTimeStamp Encoding="http://uri.etsi.org/01903/v1.2.2#DER">TO BE GENERATED BY CHILKAT</xades:EncapsulatedTimeStamp> // to the unsigned properties. (This was accomplished in the above code.) // 2) Specify the TSA URL (Timestamping Authority URL). // Here we specify the TSA URL: // ------------------------------------------------------------------------------------------- loo_JsonTsa = create oleobject // Use "Chilkat_9_5_0.JsonObject" for versions of Chilkat < 10.0.0 li_rc = loo_JsonTsa.ConnectToNewObject("Chilkat.JsonObject") loo_JsonTsa.UpdateString("timestampToken.tsaUrl","https://www3.postsignum.cz/TSS/TSS_crt/") loo_JsonTsa.UpdateBool("timestampToken.requestTsaCert",1) loo_Gen.SetTsa(loo_JsonTsa) // ------------------------------------------------------------------------------------------- // In this case, the TSA requires client certificate authentication. // To provide your client certificate, the application will instantiate a Chilkat HTTP object, // then set it up with a SSL/TLS client certificate, and then tell the XmlDSigGen object // to use the HTTP object for connections to the TSA server. // ------------------------------------------------------------------------------------------- loo_Http = create oleobject // Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 li_rc = loo_Http.ConnectToNewObject("Chilkat.Http") li_Success = loo_Http.SetSslClientCertPfx("/home/bob/pfxFiles/myClientSideCertWithPrivateKey.pfx","pfxPassword") if li_Success <> 1 then Write-Debug loo_Http.LastErrorText destroy loo_SbXml destroy loo_Gen destroy loo_Object1 destroy loo_Cert destroy loo_JsonTsa destroy loo_Http return end if // Tell the XmlDSigGen object to use the above HTTP object for TSA communications. loo_Gen.SetHttpObj(loo_Http) // Sign the XML... li_Success = loo_Gen.CreateXmlDSigSb(loo_SbXml) if li_Success <> 1 then Write-Debug loo_Gen.LastErrorText destroy loo_SbXml destroy loo_Gen destroy loo_Object1 destroy loo_Cert destroy loo_JsonTsa destroy loo_Http return end if // ----------------------------------------------- // Save the signed XML to a file. li_Success = loo_SbXml.WriteFile("c:/temp/qa_output/signedXml.xml","utf-8",0) Write-Debug loo_SbXml.GetAsString() destroy loo_SbXml destroy loo_Gen destroy loo_Object1 destroy loo_Cert destroy loo_JsonTsa destroy loo_Http |
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.