Discuss this help topic in SecureBlackbox Forum

XML: Upgrade to higher XAdES signature form

To upgrade a XAdES signature to a higher XAdES form you need to load a signature using TElXMLVerifier and TElXAdESVerifier classes first, then depending on the current XAdES form and the target XAdES form call the appropriate TElXAdESVerifier method to upgrade XAdES form.

For details please refer to this article ("Extending XAdES signature" section).

The sample code below upgrades XAdES-BES or XAdES-EPES forms to XAdES-T form, or adds additional signature timestamp for XAdES-T form:

C#:


void UpgradeToXAdES_T(TElXMLDOMElement SignatureElement, TElCustomTSPClient TSPClient)
{
  TElXMLVerifier Verifier = new TElXMLVerifier(null);
  TElXAdESVerifier XAdESVerifier = new TElXAdESVerifier(null);

  try
  {
    Verifier.XAdESProcessor = XAdESVerifier;
    Verifier.Load(SignatureElement);

    // validate signature and references
    // ...

    // upgrade XAdES-BES or XAdES-EPES forms to XAdES-T form, or add additional signature timestamp for XAdES-T form
    if (XAdESVerifier.IsEnabled && XAdESFormGreaterOrEqual(SBXMLXAdES.__Global.XAdES_T, XAdESVerifier.XAdESForm))
    {
      int k = XAdESVerifier.AddSignatureTimestamp(TSPClient);
      if (k != 0)
        throw new Exception("Failed to timestamp: " + k.ToString());
    }
    else
      throw new Exception("XAdES form is greater than XAdES-T form or no XAdES info available");
  }
  finally
  {
    Verifier.Dispose();
    XAdESVerifier.Dispose();
  }
}
Delphi:

procedure UpgradeToXAdES_T(SignatureElement : TElXMLDOMElement; TSPClient : TElCustomTSPClient);
var
  Verifier : TElXMLVerifier;
  XAdESVerifier : TElXAdESVerifier;
  k : Integer;
begin
  Verifier := TElXMLVerifier.Create(nil);
  XAdESVerifier := TElXAdESVerifier.Create(nil);
  try
    Verifier.XAdESProcessor := XAdESVerifier;
    Verifier.Load(SignatureElement);

    // validate signature and references
    // ...

    // upgrade XAdES-BES or XAdES-EPES forms to XAdES-T form,
	// or add additional signature timestamp for XAdES-T form
    if XAdESVerifier.IsEnabled and XAdESFormGreaterOrEqual(XAdES_T, XAdESVerifier.XAdESForm) then
    begin
      k := XAdESVerifier.AddSignatureTimestamp(TSPClient);
      if k <> 0 then
        raise Exception.Create('Failed to timestamp: ' + IntToStr(k));
    end
    else
      raise Exception.Create('XAdES form is greater than XAdES-T form or no XAdES info available');

  finally
    FreeAndNil(Verifier);
    FreeAndNil(XAdESVerifier);
  end;
end;

How To articles about XML signing (XMLDSig and XAdES)

Discuss this help topic in SecureBlackbox Forum