PowerShell
PowerShell
Add EncapsulatedTimestamp to Already-Signed XML
See more XML Digital Signatures Examples
Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.Note: This example requires Chilkat v9.5.0.90 or greater.
Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
# (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
# We must use a StringBuilder.
$sbXml = New-Object Chilkat.StringBuilder
$success = $sbXml.LoadFile("qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml","utf-8")
if ($success -eq $false) {
$("Failed to load the XML file.")
exit
}
$dsig = New-Object Chilkat.XmlDSig
$success = $dsig.LoadSignatureSb($sbXml)
if ($success -eq $false) {
$($dsig.LastErrorText)
exit
}
if ($dsig.HasEncapsulatedTimeStamp() -eq $true) {
$("This signed XML already has an EncapsulatedTimeStamp")
exit
}
# Specify the timestamping authority URL
$json = New-Object Chilkat.JsonObject
$json.UpdateString("timestampToken.tsaUrl","http://timestamp.digicert.com")
$json.UpdateBool("timestampToken.requestTsaCert",$true)
# Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
# Note: If the signed XML contains multiple signatures, the signature modified is the one
# indicated by the dsig.Selector property.
$sbOut = New-Object Chilkat.StringBuilder
$success = $dsig.AddEncapsulatedTimeStamp($json,$sbOut)
if ($success -eq $false) {
$($dsig.LastErrorText)
exit
}
$sbOut.WriteFile("qa_output/addedEncapsulatedTimeStamp.xml","utf-8",$false)
# The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
# keyword to UncommonOptions. See here:
# ----------------------------------------
# Verify the signatures we just produced...
$verifier = New-Object Chilkat.XmlDSig
$success = $verifier.LoadSignatureSb($sbOut)
if ($success -ne $true) {
$($verifier.LastErrorText)
exit
}
# Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
$verifier.UncommonOptions = "VerifyEncapsulatedTimeStamp"
$numSigs = $verifier.NumSignatures
$verifyIdx = 0
while ($verifyIdx -lt $numSigs) {
$verifier.Selector = $verifyIdx
$verified = $verifier.VerifySignature($true)
if ($verified -ne $true) {
$($verifier.LastErrorText)
exit
}
$verifyIdx = $verifyIdx + 1
}
$("All signatures were successfully verified.")