Sample code for 30+ languages & platforms
Objective-C

Add EncapsulatedTimestamp to Already-Signed XML

See more XML Digital Signatures Examples

Demonstrates how to add an EncapsulatedTimestamp to an existing XML signature.

Note: This example requires Chilkat v9.5.0.90 or greater.

Chilkat Objective-C Downloads

Objective-C
#import <CkoStringBuilder.h>
#import <CkoXmlDSig.h>
#import <CkoJsonObject.h>

BOOL success = NO;

//  This example requires the Chilkat API to have been previously unlocked.
//  See Global Unlock Sample for sample code.

//  Note: We cannot load the already-signed XML into a Chilkat XML object because it would re-format the XML when re-emitted.
//  (i.e. indentation and whitespace could change, and it would invalidate the existing signature.)
//  We must use a StringBuilder.
CkoStringBuilder *sbXml = [[CkoStringBuilder alloc] init];
success = [sbXml LoadFile: @"qa_data/xml_dsig_valid_samples/encapsulatedTimestamp_not_yet_added.xml" charset: @"utf-8"];
if (success == NO) {
    NSLog(@"%@",@"Failed to load the XML file.");
    return;
}

CkoXmlDSig *dsig = [[CkoXmlDSig alloc] init];
success = [dsig LoadSignatureSb: sbXml];
if (success == NO) {
    NSLog(@"%@",dsig.LastErrorText);
    return;
}

if ([dsig HasEncapsulatedTimeStamp] == YES) {
    NSLog(@"%@",@"This signed XML already has an EncapsulatedTimeStamp");
    return;
}

//  Specify the timestamping authority URL
CkoJsonObject *json = [[CkoJsonObject alloc] init];
[json UpdateString: @"timestampToken.tsaUrl" value: @"http://timestamp.digicert.com"];
[json UpdateBool: @"timestampToken.requestTsaCert" value: YES];

//  Call AddEncapsulatedTimeStamp to add the EncapsulatedTimeStamp to the signature.
//  Note: If the signed XML contains multiple signatures, the signature modified is the one 
//  indicated by the dsig.Selector property.
CkoStringBuilder *sbOut = [[CkoStringBuilder alloc] init];
success = [dsig AddEncapsulatedTimeStamp: json sbOut: sbOut];
if (success == NO) {
    NSLog(@"%@",dsig.LastErrorText);
    return;
}

[sbOut WriteFile: @"qa_output/addedEncapsulatedTimeStamp.xml" charset: @"utf-8" emitBom: NO];

//  The EncapsulatedTimeStamp can be validated when validating the signature by adding the VerifyEncapsulatedTimeStamp
//  keyword to UncommonOptions.  See here:

//  ----------------------------------------
//  Verify the signatures we just produced...
CkoXmlDSig *verifier = [[CkoXmlDSig alloc] init];
success = [verifier LoadSignatureSb: sbOut];
if (success != YES) {
    NSLog(@"%@",verifier.LastErrorText);
    return;
}

//  Add "VerifyEncapsulatedTimeStamp" to the UncommonOptions to also verify any EncapsulatedTimeStamps
verifier.UncommonOptions = @"VerifyEncapsulatedTimeStamp";

int numSigs = [verifier.NumSignatures intValue];
int verifyIdx = 0;
while (verifyIdx < numSigs) {
    verifier.Selector = [NSNumber numberWithInt: verifyIdx];
    BOOL verified = [verifier VerifySignature: YES];
    if (verified != YES) {
        NSLog(@"%@",verifier.LastErrorText);
        return;
    }

    verifyIdx = verifyIdx + 1;
}

NSLog(@"%@",@"All signatures were successfully verified.");