Discuss this help topic in SecureBlackbox Forum

Creating ASiC-E containers

The creation of ASiC-E containers is much similar to the creation of ASiC-S ones; however the former ones are complicated by the use of Manifests.

The result of running the sample code below is a ZIP archive containing:

  • mimetype - the file with mime-type of the container;
  • sample.txt and sample2.txt - the original documents;
  • META-INF folder with all signatures;
  • \META-INF\ASiCManifest.xml - the first manifest pointing to: sample.txt, sample2.txt, and timestamp.tst;
  • \META-INF\ASiCManifest1.xml - the second manifest pointing to: sample.txt as the data, and to signature.p7s as the signature;
  • \META-INF\signature.p7s - the CAdES signature of the ASiCManifest.xml;
  • \META-INF\signatures.xml - the XAdES signature(s) over sample.txt and sample2.txt;
  • \META-INF\timestamp.tst - an RFC 3161 timestamp token applied to ASiCManifest1.xml.

// ASiC-E example (Pascal code)
Container := TElASiCContainer.Create(nil);
Container.SignatureForm := asfExtended;
// Add the documents
// Add a manifest that will point to the documents in the archive.
Manifest := Container.AddManifest;
// Add a timestamp.
Timestamp := Container.AddTimestamp(Timestamper);
// The manifest will be timestamped.
Manifest.Signature := Timestamp;
// Add the second manifest, with the first document and its CAdES signature.
Manifest2 := Container.AddManifest;
CadesSig := Container.AddCAdESSignature;
CadesSig.AddSignatureEntry(Certificate, nil);
Manifest2.Signature := CadesSig;
// Adding the XAdES signature does not require a manifest; data will be stored in the signatures.xml.
XadesSig := Container.AddXAdESSignature(Certificate);
// Create a XAdES signature entry over the first document only.
// Create another XAdES over both files:
index := XadesSig.AddSignatureEntry(Certificate2);
// Save the files.
// Add a CAdES signature. First load a certificate.
Certificate := TElX509Certificate.Create(nil);
Certificate.LoadFromFileAuto('C:\Documents\cert.pfx', 'password');
CadesSig := Container.AddCAdESSignature;
CadesSig.AddSignatureEntry(Certificate, nil);
// Adding a XAdES signature; use the same certificate.
XadesSig := Container.AddXAdESSignature(Certificate);
// We can add multiple signature entries to the XAdES signature document.
Certificate2 := TElX509Certificate.Create(nil);
Certificate2.LoadFromFileAuto('C:\Documents\cert2.pfx', 'password');
index := XadesSig.AddSignatureEntry(Certificate2);
// in this case we should also point to the signed entry
// Save the archive calculating all timestamps and signatures.

How To articles about ASiC

Discuss this help topic in SecureBlackbox Forum