Discuss this help topic in SecureBlackbox Forum

Creating ASiC-S containers

Three steps necessary to create a new ASiC-S container:

  1. Create an instance of TElASiCContainer class.
  2. Call the CreateContainer() method.
  3. Populate the container with all required documents and signatures/manifests using the corresponding Add* methods.

The result of running the sample code below is a ZIP archive containing:

  • mimetype - the file with mime-type of the container;
  • sample.txt - the original document;
  • META-INF folder with all signatures;
  • \META-INF\signature.p7s - the CAdES signature of the sample.txt;
  • \META-INF\signatures.xml - the XAdES signature(s) over sample.txt;
  • \META-INF\timestamp.tst - an RFC 3161 timestamp token applied to sample.txt.

// ASiC-S example (Pascal code)
Container := TElASiCContainer.Create(nil);
Container.SignatureForm := asfSimple;
// Adding a timestamp. First initialize a TSP client, here we use TElHTTPTSPClient.
HTTPClient := TElHTTPSClient.Create(nil);
HTTPClient.OnCertificateValidate := DoCertificateValidate;
Timestamper := TElHTTPTSPClient.Create(nil);
Timestamper.HTTPClient := HTTPClient;
Timestamper.URL := 'http://time.certum.pl/';
// Add a CAdES signature; load a certificate first.
Certificate := TElX509Certificate.Create(nil);
Certificate.LoadFromFileAuto('C:\Documents\cert.pfx', 'password');
CadesSig := Container.AddCAdESSignature;
CadesSig.AddSignatureEntry(Certificate, nil);
// Add a XAdES signature; use the same certificate.
XadesSig := Container.AddXAdESSignature(Certificate);
// We can add multiple signature entries to XAdES signature document.
Certificate2 := TElX509Certificate.Create(nil);
Certificate2.LoadFromFileAuto('C:\Documents\cert2.pfx', 'password');
index := XadesSig.AddSignatureEntry(Certificate2);
// in this case we should also point to the signed entry
// Save the archive calculating all timestamps and signatures.

How To articles about ASiC

Discuss this help topic in SecureBlackbox Forum