Microsoft XML Core Services (MSXML) 5.0 for Microsoft Office - Digital Signatures

JScript Source: setRef.js

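// Shared script state: the DOM document, the signature object, the template
// file name, and the output file name currently in use.
var xmldoc, xmldsig, infile, outfile;
var szResult = "";

// Key-info flag values. Only KEYVALUE is used in this listing: SignXML passes
// it to sign(), and VerifyXML later reads the <ds:KeyValue> element back.
var NOKEYINFO = 0;
var KEYVALUE  = 1;
var CERTIFICATES = 2;
var PURGE     = 4;

// Namespace declaration that binds the ds: prefix for the XPath queries below.
var DSIGNS = "xmlns:ds='http://www.w3.org/2000/09/xmldsig#'";
var PROV_RSA_FULL = 1;
//Change this key container name to your own if necessary.
var RSA_KEY = "MyRSAFullKeys";
// Provider type and key container name handed to createKeyFromCSP() in SignXML.
var csp = PROV_RSA_FULL;
var key = RSA_KEY;
// Every name is declared with var so that no assignment creates an implicit
// global; the names stay visible to the functions further down the script.
infile = "signature_template.setRef.rsa.xml";
var outfile1 = "signature.setRef.rsa.obj1.xml";
var outfile2 = "signature.setRef.rsa.obj2.xml";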


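// Driver: sign and then verify each of the two data objects in turn.
// The verify step runs only when signing succeeded and the freshly written
// output file loaded. Otherwise a leftover output file from an earlier run
// could be verified and reported as if it came from this run.
if (InitXML())
{
  alert("Attempting to sign the object of 'obj1'.\n");
  outfile = outfile1;
  if (LoadXML(infile) && SignXML("obj1") && LoadXML(outfile)) {
    VerifyXML("obj1");
  }

  alert("\n");
  alert("Attempting to sign the object of 'obj2'.\n");
  outfile = outfile2;
  if (LoadXML(infile) && SignXML("obj2") && LoadXML(outfile)) {
    VerifyXML("obj2");
  }
}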

/////////  Helper functions: /////////
// Writes one message to the script host's output. The name mirrors the
// browser alert() so the rest of the listing reads the same in either host.
function alert(str)
{
   WScript.echo(str);
}

///////// Set signature for signing. ////////
// Creates the MSXML 5.0 DOM document and digital-signature objects and
// configures the parser. Returns true on success, or false (after reporting
// it) when either object cannot be created.
function InitXML()
{
   try
   {
      xmldoc = new ActiveXObject("Msxml2.DOMDOcument.5.0");
      xmldsig= new ActiveXObject("Msxml2.MXDigitalSignature.5.0");
   }
   catch (err)
   {
      // Any creation failure is reported as a missing MSXML 5.0 install.
      alert("Installation of mxsml5 is required to run this app.\n");
      return false;
   }

   // Load synchronously so load() has finished before the document is queried.
   xmldoc.async = false;
   // Keep whitespace as parsed -- presumably so the signed content is not
   // altered between signing and verification.
   xmldoc.preserveWhiteSpace = true;
   // No DTD/schema validation while parsing.
   xmldoc.validateOnParse = false;
   // Do not fetch external definitions (external DTD subsets, external
   // entities) at parse time; the document is processed as supplied.
   xmldoc.resolveExternals = false;
   return true;
}

// Loads `file` into the shared DOM document and attaches the <ds:Signature>
// element it contains to the signature object.
// Returns false when the DOM has not been created or the file fails to load.
// Returns true otherwise, even when no <ds:Signature> element was found;
// SignXML and VerifyXML check xmldsig.signature themselves.
function LoadXML(file)
{
   if (xmldoc == null)
   {
      alert("must instantiate xml dom\n");
      return false;
   }

   var loaded = xmldoc.load(file);
   if (!loaded)
   {
      alert("Can't load "+ file + "\n");
      return false;
   }

   // Bind the ds: prefix so the XPath queries can address XML-DSig elements.
   xmldoc.setProperty("SelectionNamespaces", DSIGNS);

   // selectSingleNode returns only the first match, so a document holding
   // several signatures has just that one attached here.
   var sigNode = xmldoc.selectSingleNode(".//ds:Signature");
   xmldsig.signature = sigNode;
   return true;
}

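// Signs the <ds:Object> whose Id attribute equals objID and saves the signed
// document to the file named by the global `outfile`.
// Returns true on success. Returns false (after reporting the reason) when
// the template has no signature element, the key cannot be obtained, the
// data object is missing, or signing fails.
function SignXML(objID)
{
   if (!xmldsig.signature)
   {
      alert("Invalid signature template\n");
      return false;
   }

   // Private key from the configured provider type (csp) and key container (key).
   var oKey = xmldsig.createKeyFromCSP(csp, "", key, 0);
   if (!oKey)
   {
      alert("Invalid key.\n");
      return false;
   }

   // The query is built by string concatenation. objID is a literal supplied
   // by this script; if it ever comes from outside input, check it against
   // the expected Ids first, because a quote character would change the query.
   var xpath = ".//ds:Object[@Id='"+objID+"']";
   var dataObj = xmldoc.selectSingleNode(xpath);
   if (!dataObj)
   {
      alert("No <ds:Object> with Id '"+objID+"' was found.\n");
      return false;
   }

   // The reference URI is fixed at "#obj2" whatever objID is -- presumably it
   // matches the one <ds:Reference> in the template (not shown here; confirm).
   // The node passed here supplies the data for that reference, so the
   // signature covers the node selected by objID, which need not be the
   // element whose Id is "obj2".
   xmldsig.setReferenceData("#obj2", dataObj);

   // KEYVALUE is the key-info flag; VerifyXML later reads the resulting
   // <ds:KeyValue> element back out of the saved document.
   var oSignedKey = xmldsig.sign(oKey,KEYVALUE);
   if (!oSignedKey)
   {
      alert("sign failed.\n");
      return false;
   }

   xmldoc.save(outfile);

   alert("The specified data was signed successfully.\n"+
         "Resultant signature:\n\n"+
         xmldoc.xml + "\n");
   return true;
}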

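// Verifies the signature in the loaded document against the <ds:Object>
// whose Id attribute equals objID.
// Returns true only when verify() yields a key. Returns false (after
// reporting the reason) for a missing signature, a missing <ds:KeyValue>, an
// unusable key, a missing data object, or a failed verification.
//
// The verification key is read from the <ds:KeyInfo> carried inside the
// document being checked. A successful result therefore shows that the data
// matches the signature made with that embedded key. It does not show who
// holds the key. To authenticate the signer, compare the key with one
// obtained from a trusted source.
function VerifyXML(objID)
{
   if (!xmldsig.signature) {
      alert("Invalid signature.\n");
      return false;
   }

   var oKeyInfo = xmldoc.selectSingleNode(".//ds:KeyInfo/ds:KeyValue");
   if (!oKeyInfo) {
      alert("Invalid <KeyInfo> element.\n");
      return false;
   }

   var oKey = xmldsig.createKeyFromNode(oKeyInfo);
   if (!oKey)
   {
      alert("Failed to create key from <KeyInfo>\n");
      return false;
   }

   // The query is built by string concatenation. objID is a literal supplied
   // by this script; check it against the expected Ids if it ever comes from
   // outside input.
   var xpath = ".//ds:Object[@Id='"+objID+"']";
   var dataObj = xmldoc.selectSingleNode(xpath);
   if (!dataObj)
   {
      alert("No <ds:Object> with Id '"+objID+"' was found.\n");
      return false;
   }

   // Same fixed reference URI as SignXML uses: the node supplied here is
   // what gets checked, so it must be the node that was signed.
   xmldsig.setReferenceData("#obj2", dataObj);

   var oVerifiedKey = xmldsig.verify(oKey);
   if (oVerifiedKey == null) {
      alert("Signature not verified.\n");
      // Stop here: a failed check must never reach the success message.
      return false;
   }

   alert("Signature verified on the data.\n");
   return true;
}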

Try It!

  1. Ensure that you have completed all the procedures in Getting Started with XML Digital Signatures.
  2. Copy the XML signature template from Resource: signature_template.setRef.rsa.xml, and paste it into a text editor. Save the file as signature_template.setRef.rsa.xml.
  3. Copy the JScript listing above, and paste it into a text editor. Save it into a file as setRef.js, in the same directory where you saved signature_template.setRef.rsa.xml.
  4. From a command prompt, navigate to this directory, then type "cscript setRef.js".
    Note   Under operating systems other than Windows 2000 or Windows XP, you might need to install Windows Script Host (to run cscript.exe), if it is not already installed.
  5. Verify that your output is similar to that listed in the Output topic.