eSeGeCe
software
sgcSign XAdES / PAdES / CAdES for Delphi
Digital signatures are no longer a niche requirement. From VeriFactu and TicketBAI in Spain to FatturaPA in Italy, KSeF in Poland, Factur-X in France/Germany and myDATA in Greece, European governments now mandate cryptographically signed electronic invoices and tax documents. Building a compliant signing pipeline from scratch means wrestling with XML canonicalization, ETSI standards, timestamping, OCSP, certificate chains, HSM integration and a different set of rules for every country.
Today we are releasing sgcSign, a brand-new product from eSeGeCe that turns all of this into three lines of Pascal. sgcSign is a production-ready digital signature library for Delphi 7 through Delphi 13 and C++Builder, implementing XAdES, PAdES, CAdES and XMLDSig, and shipping with pre-configured profiles for 12 European tax authorities.
To celebrate the launch, every sgcSign license is 50% off during the launch period — see the pricing section below, or download the free trial and try it today.
What is sgcSign?
sgcSign is a native VCL/FMX component library that adds a complete digital signature and verification pipeline to any Delphi or C++Builder application. A single, consistent API lets your code:
|
Sign Produce legally valid XAdES, PAdES, CAdES and XMLDSig signatures with full ETSI compliance. Embed timestamps, OCSP responses and signed properties automatically. |
Verify Validate any signed document end-to-end: digest check, RSA/ECDSA signature, certificate chain, revocation status (OCSP/CRL) and XAdES/PAdES property validation. |
Under the hood, sgcSign handles the hard parts — XML canonicalization (C14N 1.0 and Exclusive C14N), incremental PDF updates, CMS/PKCS#7 structures, RFC 3161 timestamping, and every edge case of the ETSI EN 319 132 and EN 319 142 standards — so your code stays short and your output stays valid.
How sgcSign Works
The signing model is deliberately simple. You connect a key provider (where the private key lives), pick a profile (which standard and country rules to apply), and call Sign.
1. Load a Key Provider — Choose where your signing key lives: Windows Certificate Store, PFX/PKCS#12, PEM, PKCS#11 hardware token, Azure Trusted Signing, AWS KMS, Google Cloud KMS, HashiCorp Vault, Certum SimplySign or a self-signed certificate for development.
2. Select a Profile — Pick the ready-made profile that matches your use case (e.g. spVeriFactu, spFatturaPA, spFacturX). The profile sets the correct algorithm, canonicalization, reference transforms and signed properties required by the tax authority.
3. Sign — Call SignFile or SignXML. sgcSign canonicalizes the data, computes digests, builds the signed-properties block, signs with your private key, applies an optional RFC 3161 timestamp and embeds the result. The output is a ready-to-submit XML, PDF or CMS file.
4. Verify — Call VerifyFile on any document you receive. sgcSign walks the signature chain, validates digests, checks the certificate against issuer trust anchors, queries OCSP, and reports exactly which step passed or failed.
Signing a VeriFactu invoice in Delphi looks like this:
var
vSign: TsgcSign;
begin
vSign := TsgcSign.Create(nil);
vSign.Certificate.LoadFromPFX('cert.pfx', 'password');
vSign.Profile := spVeriFactu;
vSign.SignFile('invoice.xml', 'signed.xml');
// Verify the signed document
if vSign.VerifyFile('signed.xml') then
ShowMessage('Signature is valid');
end;Drop the TsgcSign component on your form, configure a couple of properties at design-time, and your VCL or FMX application is ready to sign.
Supported IDEs and Platforms
| Delphi | Delphi 7 through Delphi 13 (Athens). Runtime and design-time packages for every version. |
| C++Builder | C++Builder 2007 through C++Builder 13. Full HPP headers shipped with the library. |
| Frameworks | VCL and FireMonkey (FMX). Drop the component onto a form or instantiate it from non-visual code. |
| Platforms | Win32, Win64, macOS, Linux64, iOS and Android — wherever Delphi and C++Builder compile. |
Key Features
|
XAdES Signatures Full ETSI EN 319 132-1. Enveloped, detached and enveloping modes. Levels B-B, B-T, B-LT and B-LTA. |
PAdES PDF Signatures Sign PDFs with PAdES-Basic incremental updates. Original bytes preserved. Reason, location and signer name metadata supported. |
CAdES CMS Signatures CMS/PKCS#7 for any binary payload. CAdES-BES, CAdES-T (timestamp) and CAdES-XL (long-term) levels. |
|
XMLDSig Core Plain W3C XML Digital Signatures for non-XAdES use cases. Enveloped, detached and enveloping modes. |
Canonicalization C14N 1.0 and Exclusive C14N implemented in native Pascal. Deterministic digests on every target platform. |
RFC 3161 Timestamping Attach trusted timestamps from any TSA authority to upgrade signatures to B-T / CAdES-T levels automatically. |
|
OCSP & Chain Validation Full verification pipeline: digest, signature, certificate validity period, issuer chain, and real-time OCSP revocation checks. |
10 Key Providers Windows Cert Store, PFX, PEM, PKCS#11, Azure Trusted Signing, AWS KMS, GCP KMS, HashiCorp Vault, Certum SimplySign, Self-Signed. |
12 Country Profiles Pre-configured compliance profiles for ES, IT, PT, PL, FR/DE, RO, HU, HR, BE and GR tax authorities. No manual tuning. |
Built-in Compliance for 12 European Tax Authorities
Each profile encapsulates the exact algorithm, canonicalization, namespace and signed-property requirements defined by the corresponding authority. Switch country by changing a single line of code.
| Country | System | Format | Level |
|---|---|---|---|
| Spain | VeriFactu | XAdES-EPES | B-B |
| Spain | TicketBAI | XAdES-EPES | B-B |
| Spain | Facturae B2B | XAdES-EPES | B-T |
| Italy | FatturaPA | XAdES-BES | B-B |
| Portugal | SAF-T PT | RSA-SHA256 | B-B |
| Poland | KSeF | XAdES | B-T |
| France / Germany | Factur-X / ZUGFeRD | XAdES | B-B |
| Romania | e-Factura (ANAF) | XAdES | B-T |
| Hungary | NAV Online | XML-DSig | B-B |
| Croatia | Fiskalizacija | XML-DSig | B-B |
| Belgium | Peppol | XAdES | B-T |
| Greece | myDATA (AADE) | XAdES | B-B |
Why Choose sgcSign
Time-to-compliance, not time-to-spec — The profiles map directly to each tax authority's technical specification. You do not need to read 200-page ETSI PDFs to produce a valid VeriFactu or FatturaPA invoice.
Native Pascal, no external binaries — All canonicalization, signing and verification logic is written in pure Object Pascal. No OpenSSL DLL dependency for the core pipeline, no P/Invoke surprises, clean deployment.
Delphi 7 to Delphi 13 — Every version supported, from legacy Delphi 7 codebases to the latest Athens release. C++Builder from 2007 to C++Builder 13. Upgrade your IDE without rewriting your signing layer.
No HSM lock-in — Ten key providers, covering file-based keys, system stores, hardware tokens and the four major cloud HSM services. Switch providers with a configuration change, not a rewrite.
Production verification — Every signing operation is paired with a verifier that walks the full chain including OCSP. Catch bad signatures in staging, not in a rejection email from the tax authority.
Royalty-free distribution — Ship your compiled application without runtime fees or per-signature charges. One license, unlimited signing.
Backed by eSeGeCe — 15+ years of shipping production Delphi and C++Builder networking libraries. Direct email support from the authors, not a ticket queue.
Launch Offer: 50% Off Every License
To celebrate the public release, every sgcSign license is 50% off the regular price. The discount applies to all three tiers and includes one year of updates plus full source code.
| Plan | Developers | Regular | Launch (50% off) |
|---|---|---|---|
| sgcSign Single | 1 developer | €299 | €149.50 |
| sgcSign Team | 2 developers | €449 | €224.50 |
| sgcSign Site | All developers in the company | €749 | €374.50 |
Every plan includes XAdES, PAdES and CAdES signing, signature verification, full source code and one year of updates. No per-signature fees, no runtime royalties.
Order online at esegece.com/products/sgcsign/sgcsign-order.
Try It Today
Download the free trial, run one of the built-in demos for your country (VeriFactu, TicketBAI, Facturae, FatturaPA, KSeF, Factur-X, e-Factura, NAV Online, Fiskalizacija, myDATA, Peppol, SAF-T PT), and see a fully valid signed document produced from your Delphi or C++Builder IDE in under five minutes.
Questions, quotes or custom-profile requests? Write to This email address is being protected from spambots. You need JavaScript enabled to view it. and you will get a reply from the people who wrote the code.
When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.
