Sample code for 30+ languages & platforms
PowerShell

Add EncapsulatedTimestamp to Already-Signed XML

See more XML Digital Signatures Examples

Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.

Note: This example requires Chilkat v9.5.0.90 or greater.

Chilkat PowerShell Downloads

PowerShell
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"

$success = $false

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
# (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
# We must use a StringBuilder.
$sbXml = New-Object Chilkat.StringBuilder
$success = $sbXml.LoadFile("qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml","utf-8")
if ($success -eq $false) {
    $("Failed to load the XML file.")
    exit
}

$dsig = New-Object Chilkat.XmlDSig
$success = $dsig.LoadSignatureSb($sbXml)
if ($success -eq $false) {
    $($dsig.LastErrorText)
    exit
}

if ($dsig.HasEncapsulatedTimeStamp() -eq $true) {
    $("This signed XML already has an EncapsulatedTimeStamp")
    exit
}

# Specify the timestamping authority URL
$json = New-Object Chilkat.JsonObject
$json.UpdateString("timestampToken.tsaUrl","http://timestamp.digicert.com")
$json.UpdateBool("timestampToken.requestTsaCert",$true)

# Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
# Note: If the signed XML contains multiple signatures, the signature modified is the one 
# indicated by the dsig.Selector property.
$sbOut = New-Object Chilkat.StringBuilder
$success = $dsig.AddEncapsulatedTimeStamp($json,$sbOut)
if ($success -eq $false) {
    $($dsig.LastErrorText)
    exit
}

$sbOut.WriteFile("qa_output/addedEncapsulatedTimeStamp.xml","utf-8",$false)

# The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
# keyword to UncommonOptions.  See here:

# ----------------------------------------
# Verify the signatures we just produced...
$verifier = New-Object Chilkat.XmlDSig
$success = $verifier.LoadSignatureSb($sbOut)
if ($success -ne $true) {
    $($verifier.LastErrorText)
    exit
}

# Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
$verifier.UncommonOptions = "VerifyEncapsulatedTimeStamp"

$numSigs = $verifier.NumSignatures
$verifyIdx = 0
while ($verifyIdx -lt $numSigs) {
    $verifier.Selector = $verifyIdx
    $verified = $verifier.VerifySignature($true)
    if ($verified -ne $true) {
        $($verifier.LastErrorText)
        exit
    }

    $verifyIdx = $verifyIdx + 1
}

$("All signatures were successfully verified.")