EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Implementing XAdES signing of data using SecureBlackbox (page 1)


Working with XAdES

XAdES (XML Advanced Electronic Signatures) builds on XML-DSig (XML Digital Signatures) by adding information that qualifies the signature and the signed data. This information is arranged in so-called “qualifying properties”, which are added to the signature as a data object. Qualifying properties consist of signed and unsigned properties.

SecureBlackbox has the following components to manage XML-DSig and XAdES signatures: the TElXMLSigner and TElXMLVerifier components create and verify XML-DSig signatures. The TElXAdESSigner and TElXAdESVerifier components create, extend and verify XAdES info. They are used together with the TElXMLSigner or TElXMLVerifier components.

The XAdES components support all XAdES versions: 1.1.1, 1.2.2, 1.3.2, 1.4.1 (aka 1.4.2), and all XAdES forms: XAdES, XAdES-BES, -EPES, -T, -C, -X, -X-L, -A. They can also extend a XAdES signature of a "lower" form (e.g. XAdES-EPES) to an "upper" form (e.g. XAdES-A).
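The structure and forms described above can be checked on a finished signature. The following is an added example in standard-library Python, not SecureBlackbox code and not part of the original page; `inspect_xades`, `LADDER` and the constructed `SAMPLE` document are assumptions made for illustration. It only inspects structure (which form the properties indicate, and whether SignedProperties is referenced from SignedInfo) and does not verify any cryptographic value.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"

# Constructed sample: structure only, digest and signature values are placeholders.
SAMPLE = """<doc><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="sig1">
 <ds:SignedInfo>
  <ds:Reference URI=""><ds:DigestValue>AAAA</ds:DigestValue></ds:Reference>
  <ds:Reference URI="#sp1" Type="http://uri.etsi.org/01903#SignedProperties">
   <ds:DigestValue>BBBB</ds:DigestValue></ds:Reference>
 </ds:SignedInfo>
 <ds:SignatureValue>CCCC</ds:SignatureValue>
 <ds:Object>
  <xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#" Target="#sig1">
   <xades:SignedProperties Id="sp1"><xades:SignedSignatureProperties>
     <xades:SigningTime>2016-01-01T00:00:00Z</xades:SigningTime>
   </xades:SignedSignatureProperties></xades:SignedProperties>
   <xades:UnsignedProperties><xades:UnsignedSignatureProperties>
     <xades:SignatureTimeStamp/>
   </xades:UnsignedSignatureProperties></xades:UnsignedProperties>
  </xades:QualifyingProperties>
 </ds:Object>
</ds:Signature></doc>"""

# Highest form first; each form is recognised by the properties it adds.
LADDER = [("XAdES-A", {"ArchiveTimeStamp"}),
          ("XAdES-X-L", {"CertificateValues", "RevocationValues"}),
          ("XAdES-X", {"SigAndRefsTimeStamp"}), ("XAdES-X", {"RefsOnlyTimeStamp"}),
          ("XAdES-C", {"CompleteCertificateRefs", "CompleteRevocationRefs"}),
          ("XAdES-T", {"SignatureTimeStamp"}),
          ("XAdES-EPES", {"SignaturePolicyIdentifier"})]

def local(el):
    return el.tag.rsplit("}", 1)[-1]  # element name without namespace (any XAdES version)

def inspect_xades(xml_text):
    sig = next(ET.fromstring(xml_text).iter(f"{{{DS}}}Signature"))
    qp = next((e for e in sig.iter() if local(e) == "QualifyingProperties"), None)
    if qp is None:
        return {"form": None, "signed_props_covered": False}  # plain XML-DSig
    sp = next((e for e in qp if local(e) == "SignedProperties"), None)
    sp_id = sp.get("Id") if sp is not None else None
    # Signed properties are protected only if a Reference in SignedInfo points at them.
    covered = sp_id is not None and any(
        r.get("URI") == "#" + sp_id and r.get("Type", "").endswith("#SignedProperties")
        for r in sig.iterfind(f"{{{DS}}}SignedInfo/{{{DS}}}Reference"))
    names = {local(e) for e in qp.iter()}
    form = next((f for f, need in LADDER if need <= names), "XAdES-BES")
    return {"form": form, "signed_props_covered": covered}
```
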

Below you will find code snippets that illustrate how to create and extend a general XAdES signature, and a collection of code snippets that illustrate creating/extending each XAdES form.

Creating XAdES signature

This sample shows the creation of an enveloped XML-DSig signature with XAdES info, though the same components can be used to sign any type of data. An XML-DSig signature may be detached from or attached to the signed data, and may be enveloping (when it contains the signed data within itself) or enveloped (when it is part of the document containing the signed data).

[Delphi]

// Creating an instance of XML-DSig signer.
Signer := TElXMLSigner.Create(nil);
// Creating an instance of XAdES signer.
XAdESSigner := TElXAdESSigner.Create(nil);
// Setup XAdES processor
Signer.XAdESProcessor := XAdESSigner;
try
  // Add references. For example, add a reference to the document element.
  Ref := TElXMLReference.Create();
  Ref.TransformChain.Add(TElXMLEnvelopedSignatureTransform.Create);
  Ref.URI := '';
  Ref.URINode := XMLDocument.DocumentElement;
  Signer.References.Add(Ref);

  // Set up Signer options.
  // This example uses the defaults: enveloped signature, RSA-SHA1 signature method, etc.
  // SHA-1 is deprecated for digital signatures; select a SHA-2 based method for new signatures.

  // Setup signer key data
  Signer.KeyData := X509Data;

  // calculate digest value for references
  Signer.UpdateReferencesDigest();

  // Filling XAdES info
  // Setting XAdES version
  XAdESSigner.XAdESVersion := XAdES_v1_4_1;

  // Place the code that sets up signed properties and the timestamp client here
  // [XAdES PLACE #1]

  // Generating XAdES structure, specify desired XAdES form as parameter
  XAdESSigner.Generate(XAdES_BES);

  // Generating signature structure
  Signer.GenerateSignature();

  // Selecting a target node for the signature
  SigNode := XMLDocument.DocumentElement;
  // Signing and saving signature
  Signer.Save(SigNode);

  // Place the code that extends the XAdES form immediately after signing here.
  // Use this, for example, to supply your own revocation info instead of the automatically collected info.
  // [XAdES PLACE #2]

finally
  FreeAndNil(Signer);
  FreeAndNil(XAdESSigner);
end;

[C#]

// Creating an instance of XML-DSig signer.
TElXMLSigner Signer = new TElXMLSigner();
// Creating an instance of XAdES signer.
TElXAdESSigner XAdESSigner = new TElXAdESSigner();
// Setup XAdES processor
Signer.XAdESProcessor = XAdESSigner;
try
{
  // Add references. For example, add a reference to the document element.
  TElXMLReference Ref = new TElXMLReference();
  Ref.TransformChain.Add(new TElXMLEnvelopedSignatureTransform());
  Ref.URI = "";
  Ref.URINode = XMLDocument.DocumentElement;
  Signer.References.Add(Ref);

  // Set up Signer options.
  // This example uses the defaults: enveloped signature, RSA-SHA1 signature method, etc.
  // SHA-1 is deprecated for digital signatures; select a SHA-2 based method for new signatures.

  // Setup signer key data
  Signer.KeyData = X509Data;

  // calculate digest value for references
  Signer.UpdateReferencesDigest();

  // Filling XAdES info
  // Setting XAdES version
  XAdESSigner.XAdESVersion = SBXMLAdES.Unit.XAdES_v1_4_1;

  // Place the code that sets up signed properties and the timestamp client here
  // [XAdES PLACE #1]

  // Generating XAdES structure, specify desired XAdES form as parameter
  XAdESSigner.Generate(SBXMLAdES.Unit.XAdES_BES);

  // Generating signature structure
  Signer.GenerateSignature();

  // Selecting a target node for the signature
  TElXMLDOMNode SigNode = XMLDocument.DocumentElement;
  // Signing and saving signature
  Signer.Save(ref SigNode);

  // Place the code that extends the XAdES form immediately after signing here.
  // Use this, for example, to supply your own revocation info instead of the automatically collected info.
  // [XAdES PLACE #2]
}
finally
{
  Signer.Dispose();
  XAdESSigner.Dispose();
}

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
