Discuss this help topic in SecureBlackbox Forum

Customize CAdES signature

CAdES signatures can be customized by including specific attributes such as policy identifiers or extended signer information.

There are two ways to include custom attributes to the signatures using TElCAdESSignatureProcessor class.

First, you can set the attributes before calling any TElCAdESSignatureProcessor.CreateXXX() method. Individual attributes can be accessed via the underlying TElCMSSignature object, for example:

processor.Signature.SignaturePolicy.Included = true;
processor.Signature.SignaturePolicy.Signed = true
processor.Signature.SignaturePolicy.PolicyIdentifier = SBStrUtils.Unit.StrToOID("");

The second method allows you to intercept and modify the signature object right before signing. This way you can also alter the default attributes of the signature added by the CreateXXX() method of the signature processor. For example, you can use it to remove the csoUseGeneralizedTimeFormat from signature options if the receiving application expects times in UTCTime.

To intercept the signature template right before it is signed, handle the TElCAdESSignatureProcessor.OnBeforeSign event. The event accepts three parameters: the signature object itself, the certificate it is going to be signed with, and the chain. You can alter the signature object as you wish before passing it over for signing.

How To articles about CAdES

Discuss this help topic in SecureBlackbox Forum