Discuss this help topic in SecureBlackbox Forum
XML: Upgrade to higher XAdES signature form
To upgrade a XAdES signature to a higher XAdES form you need to load a signature using TElXMLVerifier and TElXAdESVerifier classes first, then depending on the current XAdES form and the target XAdES form call the appropriate TElXAdESVerifier method to upgrade XAdES form.
For details please refer to this article ("Extending XAdES signature" section).
The sample code below upgrades XAdES-BES or XAdES-EPES forms to XAdES-T form, or adds additional signature timestamp for XAdES-T form:
C#:
void UpgradeToXAdES_T(TElXMLDOMElement SignatureElement, TElCustomTSPClient TSPClient)
{
TElXMLVerifier Verifier = new TElXMLVerifier(null);
TElXAdESVerifier XAdESVerifier = new TElXAdESVerifier(null);
try
{
Verifier.XAdESProcessor = XAdESVerifier;
Verifier.Load(SignatureElement);
// validate signature and references
// ...
// upgrade XAdES-BES or XAdES-EPES forms to XAdES-T form, or add additional signature timestamp for XAdES-T form
if (XAdESVerifier.IsEnabled && XAdESFormGreaterOrEqual(SBXMLXAdES.__Global.XAdES_T, XAdESVerifier.XAdESForm))
{
int k = XAdESVerifier.AddSignatureTimestamp(TSPClient);
if (k != 0)
throw new Exception("Failed to timestamp: " + k.ToString());
}
else
throw new Exception("XAdES form is greater than XAdES-T form or no XAdES info available");
}
finally
{
Verifier.Dispose();
XAdESVerifier.Dispose();
}
}
Delphi:
procedure UpgradeToXAdES_T(SignatureElement : TElXMLDOMElement; TSPClient : TElCustomTSPClient);
var
Verifier : TElXMLVerifier;
XAdESVerifier : TElXAdESVerifier;
k : Integer;
begin
Verifier := TElXMLVerifier.Create(nil);
XAdESVerifier := TElXAdESVerifier.Create(nil);
try
Verifier.XAdESProcessor := XAdESVerifier;
Verifier.Load(SignatureElement);
// validate signature and references
// ...
// upgrade XAdES-BES or XAdES-EPES forms to XAdES-T form,
// or add additional signature timestamp for XAdES-T form
if XAdESVerifier.IsEnabled and XAdESFormGreaterOrEqual(XAdES_T, XAdESVerifier.XAdESForm) then
begin
k := XAdESVerifier.AddSignatureTimestamp(TSPClient);
if k <> 0 then
raise Exception.Create('Failed to timestamp: ' + IntToStr(k));
end
else
raise Exception.Create('XAdES form is greater than XAdES-T form or no XAdES info available');
finally
FreeAndNil(Verifier);
FreeAndNil(XAdESVerifier);
end;
end;