Java
Java
Add EncapsulatedTimestamp to Already-Signed XML
See more XML Digital Signatures Examples
Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.Note: This example requires Chilkat v9.5.0.90 or greater.
Chilkat Java Downloads
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
boolean success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
// (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
// We must use a StringBuilder.
CkStringBuilder sbXml = new CkStringBuilder();
success = sbXml.LoadFile("qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml","utf-8");
if (success == false) {
System.out.println("Failed to load the XML file.");
return;
}
CkXmlDSig dsig = new CkXmlDSig();
success = dsig.LoadSignatureSb(sbXml);
if (success == false) {
System.out.println(dsig.lastErrorText());
return;
}
if (dsig.HasEncapsulatedTimeStamp() == true) {
System.out.println("This signed XML already has an EncapsulatedTimeStamp");
return;
}
// Specify the timestamping authority URL
CkJsonObject json = new CkJsonObject();
json.UpdateString("timestampToken.tsaUrl","http://timestamp.digicert.com");
json.UpdateBool("timestampToken.requestTsaCert",true);
// Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
// Note: If the signed XML contains multiple signatures, the signature modified is the one
// indicated by the dsig.Selector property.
CkStringBuilder sbOut = new CkStringBuilder();
success = dsig.AddEncapsulatedTimeStamp(json,sbOut);
if (success == false) {
System.out.println(dsig.lastErrorText());
return;
}
sbOut.WriteFile("qa_output/addedEncapsulatedTimeStamp.xml","utf-8",false);
// The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
// keyword to UncommonOptions. See here:
// ----------------------------------------
// Verify the signatures we just produced...
CkXmlDSig verifier = new CkXmlDSig();
success = verifier.LoadSignatureSb(sbOut);
if (success != true) {
System.out.println(verifier.lastErrorText());
return;
}
// Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
verifier.put_UncommonOptions("VerifyEncapsulatedTimeStamp");
int numSigs = verifier.get_NumSignatures();
int verifyIdx = 0;
while (verifyIdx < numSigs) {
verifier.put_Selector(verifyIdx);
boolean verified = verifier.VerifySignature(true);
if (verified != true) {
System.out.println(verifier.lastErrorText());
return;
}
verifyIdx = verifyIdx+1;
}
System.out.println("All signatures were successfully verified.");
}
}