
How do I add custom data to a XML Signature?

Posted: 02/18/2014 06:41:55
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155


I want to add custom data inside an XML Signature. I suppose I need XAdES instead of just XMLDSig, but how do I do it? I thought it should be in XAdESSigner.QualifyingProperties.SignedProperties, but how can I create a new property and add data to it? The data I must add is binary, so should I convert it to Base64 first?

Any tips please? :)
Posted: 02/18/2014 06:50:21
by Eugene Mayevski (EldoS Corp.)

Can you please show the example of what you want to achieve? That will be more productive than guessing.

Sincerely yours
Eugene Mayevski
Posted: 02/18/2014 07:01:35
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Sure! I've got biometrical data that should be bound to an XML signature.

At the moment, I'm doing the same in PDF, using PAdES and ExtraSpace:

procedure BeforeSignPades(Sender: TObject;CMS : TElSignedCMSMessage);
with CMS.Signatures[CMS.SignatureCount-1].CustomSignedAttributes do

(and on the verifying side, I'm getting that CustomSignedAttribute also)

What I must accomplish is the same using XAdES instead of PAdES, so I suppose I should create a new "signed attribute" in XAdES and put the data there, but I don't know how to translate this to XAdES.
Posted: 02/18/2014 07:18:41
by Eugene Mayevski (EldoS Corp.)

Please show a sample of the resulting XML. Whatever you do is useless if the reader of the data doesn't understand it. So you must format the data in a way that will be understood by the reader. So what is this format?

Sincerely yours
Eugene Mayevski
Posted: 02/18/2014 07:40:56
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

Whatever, Base64 for example, or whatever is the best/easiest encoding and format schema. We have the verifier of the biometrical data, so we'll implement it... I thought about just an "Attribute Name" and "Attribute Data", and in the data I put the Base64 of the (ALREADY) binary-encoded biometrical data.

So, as we have both signer and verifier, there is no problem with the reader involved, and we still haven't made the signer side :), I can only show you a typical XAdES-XL XML enveloped signature without these new signed attributes/nodes.

Thanks Eugene
Posted: 02/18/2014 14:12:21
by Dmytro Bogatskyy (EldoS Corp.)


As far as I know, the XAdES schema doesn't allow custom elements inside the SignedProperties element or inside its children, the SignedSignatureProperties and SignedDataObjectProperties elements.
The standard way to add custom data into the signature would be to create a custom ds:Object element with your content and create an additional reference that points to this object, so the object would be signed.
Sample code to add a reference for this object:
Signer.UpdateReferencesDigest; // as reference points inside the signature, it should be added after digest update
Ref := TElXMLReference.Create;
Ref.URI := '#objectId1'; // object id

Sample code to create a “ds:Object” element with a custom “Data” element that contains a text:
// Generating signature structure

Obj := TElXMLObject.Create(); // Obj is declared as TElXMLObject
ObjEl := XMLDocument.CreateElement('Data'); // ObjEl is declared as TElXMLDOMElement
ObjEl.TextContent := 'text/base64 data';
Obj.ID := 'objectId1'; // must match the reference URI '#objectId1'
Obj.MimeType := 'text/xml';
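
The verifying side of the approach described above, as an added example that is not part of the original post and not SecureBlackbox code: it accepts the custom data only when exactly one ds:Reference inside SignedInfo points at the ds:Object and its digest matches. The function names, SHA-256, and stand-alone C14N 2.0 canonicalization are assumptions for illustration; checking SignatureValue over SignedInfo is left to the signing library.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("ds", DS)

def digest_of(elem):
    # Simplification: canonicalize the element on its own with C14N 2.0;
    # a real verifier applies the transforms listed in the ds:Reference.
    canon = ET.canonicalize(ET.tostring(elem, encoding="unicode"))
    return base64.b64encode(hashlib.sha256(canon.encode()).digest()).decode()

def build_signature(payload: bytes, obj_id: str = "objectId1"):
    """Constructed ds:Signature skeleton: SignedInfo/Reference -> Object/Data."""
    sig = ET.Element(f"{{{DS}}}Signature")
    info = ET.SubElement(sig, f"{{{DS}}}SignedInfo")
    obj = ET.SubElement(sig, f"{{{DS}}}Object", {"Id": obj_id})
    # Binary data is carried as Base64 text inside the custom Data element.
    ET.SubElement(obj, "Data").text = base64.b64encode(payload).decode()
    ref = ET.SubElement(info, f"{{{DS}}}Reference", {"URI": "#" + obj_id})
    ET.SubElement(ref, f"{{{DS}}}DigestValue").text = digest_of(obj)
    return sig

def read_bound_data(sig, obj_id: str = "objectId1") -> bytes:
    """Return the payload only if SignedInfo covers the object and the digest matches."""
    # A duplicated Id would make "#objectId1" ambiguous, so insist on exactly one.
    objs = [o for o in sig.iter(f"{{{DS}}}Object") if o.get("Id") == obj_id]
    if len(objs) != 1:
        raise ValueError("expected exactly one ds:Object with this Id")
    # Only references inside SignedInfo are protected by SignatureValue.
    refs = [r for r in sig.findall(f"{{{DS}}}SignedInfo/{{{DS}}}Reference")
            if r.get("URI") == "#" + obj_id]
    if len(refs) != 1:
        raise ValueError("object is not covered by a ds:Reference in SignedInfo")
    if refs[0].findtext(f"{{{DS}}}DigestValue") != digest_of(objs[0]):
        raise ValueError("digest mismatch: object changed after signing")
    return base64.b64decode(objs[0].findtext("Data"))
```
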
Posted: 02/19/2014 03:53:22
by Santiago Castaño (Standard support level)
Joined: 04/16/2006
Posts: 155

This works perfectly for me, thank you very much for the tip!! :) Exactly what I was looking for.