Sample code for 30+ languages & platforms
Pascal (Lazarus/Delphi)

Create XAdES using Smart Card or USB Token

See more XAdES Examples

Demonstrates how to create an XAdES signed XML document using a certificate located on a smartcard or USB token.

Chilkat Pascal (Lazarus/Delphi) Downloads

Pascal (Lazarus/Delphi)
program ChilkatDemo;

// Demonstrates using the Chilkat Pascal wrapper via the C bridge DLL.
// Builds as a console application under Lazarus (FPC) or Delphi.

{$IFDEF FPC}
  {$MODE DELPHI}
{$ENDIF}
{$APPTYPE CONSOLE}

uses
  {$IFDEF UNIX}
  cthreads,
  {$ENDIF}
  SysUtils,
  CkDllLoader,
  Chilkat.StringBuilder,
  Chilkat.XmlDSigGen,
  Chilkat.Xml,
  Chilkat.XmlDSig,
  Chilkat.Cert;

// ---------------------------------------------------------------------------

procedure RunDemo;
var
  success: Boolean;
  xmlToSign: TXml;
  gen: TXmlDSigGen;
  object1: TXml;
  cert: TCert;
  sbXml: TStringBuilder;
  verifier: TXmlDSig;
  verified: Boolean;

begin
  success := False;

  //  Load the XML to be signed.
  xmlToSign := TXml.Create;
  success := xmlToSign.LoadXmlFile('qa_data/fattura_electronica/docToSign.xml');
  if (success = False) then
    begin
      WriteLn(xmlToSign.LastErrorText);
      Exit;
    end;

  gen := TXmlDSigGen.Create;

  gen.SigLocation := 'p:FatturaElettronica';
  gen.SigId := 'xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504';
  gen.SigNamespacePrefix := 'ds';
  gen.SigNamespaceUri := 'http://www.w3.org/2000/09/xmldsig#';
  gen.SigValueId := 'xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-sigvalue';
  gen.SignedInfoCanonAlg := 'C14N';
  gen.SignedInfoDigestMethod := 'sha256';

  //  Create an Object to be added to the Signature.
  //  Note: Chilkat will automatically populate the strings indicated by "TO BE GENERATED BY CHILKAT" with actual/correct values
  //  when the XML is signed.
  object1 := TXml.Create;
  object1.Tag := 'xades:QualifyingProperties';
  object1.AddAttribute('xmlns:xades','http://uri.etsi.org/01903/v1.3.2#');
  object1.AddAttribute('xmlns:xades141','http://uri.etsi.org/01903/v1.4.1#');
  object1.AddAttribute('Target','#xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504');
  object1.UpdateAttrAt('xades:SignedProperties',True,'Id','xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-signedprops');
  object1.UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningTime','TO BE GENERATED BY CHILKAT');
  object1.UpdateAttrAt('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestMethod',True,'Algorithm','http://www.w3.org/2001/04/xmlenc#sha256');
  object1.UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:CertDigest|ds:DigestValue','TO BE GENERATED BY CHILKAT');
  object1.UpdateChildContent('xades:SignedProperties|xades:SignedSignatureProperties|xades:SigningCertificateV2|xades:Cert|xades:IssuerSerialV2','TO BE GENERATED BY CHILKAT');

  gen.AddObject('',object1.GetXml(),'','');

  //  -------- Reference 1 --------
  gen.KeyInfoId := 'xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-keyinfo';
  gen.AddSameDocRef('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-keyinfo','sha256','','','');

  //  -------- Reference 2 --------
  gen.AddSameDocRef('','sha256','','','');
  gen.SetRefIdAttr('','xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-ref0');

  //  -------- Reference 3 --------
  gen.AddObjectRef('xmldsig-6f4b994a-7191-4bb1-ab3c-17549515b504-signedprops','sha256','','','http://uri.etsi.org/01903#SignedProperties');

  //  ----------------------------------------------------------------
  //   Load a certificate that has been pre-installed on the Windows system
  //   This includes certificates on smartcards and USB tokens
  cert := TCert.Create;

  //   You may provide the PIN here..
  cert.SmartCardPin := '000000';

  //  Load the certificate on the smartcard currently in the reader (or on the USB token).
  //  Pass an empty string to allow Chilkat to automatically choose the CSP (Cryptographi Service Provider).
  //  See Load Certificate on Smartcard for information about explicitly selecting a particular CSP.
  success := cert.LoadFromSmartcard('');
  if (success = False) then
    begin
      WriteLn(cert.LastErrorText);
      Exit;
    end;

  gen.SetX509Cert(cert,True);
  gen.KeyInfoType := 'X509Data';
  gen.X509Type := 'Certificate';

  //  Load XML to be signed...
  sbXml := TStringBuilder.Create;
  xmlToSign.GetXmlSb(sbXml);

  gen.Behaviors := 'IndentedSignature,ForceAddEnvelopedSignatureTransform';

  //  Sign the XML...
  success := gen.CreateXmlDSigSb(sbXml);
  if (success = False) then
    begin
      WriteLn(gen.LastErrorText);
      Exit;
    end;

  //  Save the signed XMl to a file.
  success := sbXml.WriteFile('qa_output/signedXml.xml','utf-8',False);

  WriteLn(sbXml.GetAsString());

  //  ----------------------------------------
  //  Verify the signature we just produced...
  verifier := TXmlDSig.Create;
  success := verifier.LoadSignatureSb(sbXml);
  if (success = False) then
    begin
      WriteLn(verifier.LastErrorText);
      Exit;
    end;

  verified := verifier.VerifySignature(True);
  if (verified <> True) then
    begin
      WriteLn(verifier.LastErrorText);
      Exit;
    end;
  WriteLn('This signature was successfully verified.');


  xmlToSign.Free;
  gen.Free;
  object1.Free;
  cert.Free;
  sbXml.Free;
  verifier.Free;

end;

// ---------------------------------------------------------------------------

begin

  try
    RunDemo;
  except
    on E: Exception do
      WriteLn('Unhandled exception: ', E.ClassName, ': ', E.Message);
  end;

  WriteLn;
  {$IFDEF MSWINDOWS}
  WriteLn('Press Enter to exit...');
  ReadLn;
  {$ENDIF}
end.