|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Tcl) Add EncapsulatedTimestamp to Already-Signed XMLSee more XML Digital Signatures ExamplesDemonstrates how to add an EncapsulatedTimestamp to an existing XML signature. Note: This example requires Chilkat v9.5.0.90 or greater.
load ./chilkat.dll # This example requires the Chilkat API to have been previously unlocked. # See Global Unlock Sample for sample code. # Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted. # (i.e. indentation and whitespace could change, and it would invalidate the existing signature.) # We must use a StringBuilder. set sbXml [new_CkStringBuilder] set success [CkStringBuilder_LoadFile $sbXml "qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml" "utf-8"] if {$success == 0} then { puts "Failed to load the XML file." delete_CkStringBuilder $sbXml exit } set dsig [new_CkXmlDSig] set success [CkXmlDSig_LoadSignatureSb $dsig $sbXml] if {$success == 0} then { puts [CkXmlDSig_lastErrorText $dsig] delete_CkStringBuilder $sbXml delete_CkXmlDSig $dsig exit } if {[CkXmlDSig_HasEncapsulatedTimeStamp $dsig] == 1} then { puts "This signed XML already has an EncapsulatedTimeStamp" delete_CkStringBuilder $sbXml delete_CkXmlDSig $dsig exit } # Specify the timestamping authority URL set json [new_CkJsonObject] CkJsonObject_UpdateString $json "timestampToken.tsaUrl" "http://timestamp.digicert.com" CkJsonObject_UpdateBool $json "timestampToken.requestTsaCert" 1 # Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature. # Note: If the signed XML contains multiple signatures, the signature modified is the one # indicated by the dsig.Selector property. set sbOut [new_CkStringBuilder] set success [CkXmlDSig_AddEncapsulatedTimeStamp $dsig $json $sbOut] if {$success == 0} then { puts [CkXmlDSig_lastErrorText $dsig] delete_CkStringBuilder $sbXml delete_CkXmlDSig $dsig delete_CkJsonObject $json delete_CkStringBuilder $sbOut exit } CkStringBuilder_WriteFile $sbOut "qa_output/addedEncapsulatedTimeStamp.xml" "utf-8" 0 # The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp # keyword to UncommonOptions. See here: # ---------------------------------------- # Verify the signatures we just produced... set verifier [new_CkXmlDSig] set success [CkXmlDSig_LoadSignatureSb $verifier $sbOut] if {$success != 1} then { puts [CkXmlDSig_lastErrorText $verifier] delete_CkStringBuilder $sbXml delete_CkXmlDSig $dsig delete_CkJsonObject $json delete_CkStringBuilder $sbOut delete_CkXmlDSig $verifier exit } # Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps CkXmlDSig_put_UncommonOptions $verifier "VerifyEncapsulatedTimeStamp" set numSigs [CkXmlDSig_get_NumSignatures $verifier] set verifyIdx 0 while {$verifyIdx < $numSigs} { CkXmlDSig_put_Selector $verifier $verifyIdx set verified [CkXmlDSig_VerifySignature $verifier 1] if {$verified != 1} then { puts [CkXmlDSig_lastErrorText $verifier] delete_CkStringBuilder $sbXml delete_CkXmlDSig $dsig delete_CkJsonObject $json delete_CkStringBuilder $sbOut delete_CkXmlDSig $verifier exit } set verifyIdx [expr $verifyIdx + 1] } puts "All signatures were successfully verified." delete_CkStringBuilder $sbXml delete_CkXmlDSig $dsig delete_CkJsonObject $json delete_CkStringBuilder $sbOut delete_CkXmlDSig $verifier |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.