Microsoft XML Core Services (MSXML) 5.0 for Microsoft Office - Digital Signatures

store Property

[This feature was first implemented for MSXML 5.0.]

This read/write property makes a certificate store available for use in an XML application. The certificate store is a CAPICOM 2.0 object of the Store class.

JScript Syntax

var objCertStore = objXMLDigitalSignature.store;
objXMLDigitalSignature.store = objCertStore;

Visual Basic Syntax

Set objCertStore = objXMLDigitalSignature.store
Set objXMLDigitalSignature.store = objCertStore

C/C++ Syntax Using Smart Pointers

IUnknownPtr objCertStore = objXMLDigitalSignature->store;
objXMLDigitalSignature->store = objCertStore;

C/C++ Syntax

HRESULT get_store (IUnknown** objCertStore);
HRESULT putref_store (IUnknown* objCertStore);

Parameters

objCertStore
A certificate store object created as a CAPICOM 2.0 object of the Store class.

Return Values

S_OK
Getting or setting the store object succeeded.
E_FAIL
Getting or setting the store object failed. The objCertStore parameter returns NULL.

Remarks

You can only set the store property if the CERTIFICATES flag has been passed via the fWriteKeyInfo parameter during the sign method call. If this flag has been passed, and the signature property has been set, an application can then set the store property to specify the certificate store to use. From this store, certificates are retrieved and written to the <ds:KeyInfo> element in the signed signature.

You might want your application to verify the authenticity of the certificate used to sign or verify. To do this, you can use the store property to obtain the certificate store, enumerate the certificates there, and build a certificate chain to see if the certificate used can be trusted.
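
The check described above could look like this in JScript (an added example, not Microsoft's sample code). It assumes `objXMLDigitalSignature` is an IXMLDigitalSignature object whose store property has already been set, and that CAPICOM 2.0 is registered with the `CAPICOM.Chain` ProgID; `auditSignatureStore` is a hypothetical helper name.

```jscript
// Added example: enumerate the certificates reachable through the store
// property and build a chain for each one to decide whether it is trusted.
// Assumption: CAPICOM 2.0 is registered and provides "CAPICOM.Chain".
function auditSignatureStore(objXMLDigitalSignature) {
    var objCertStore = objXMLDigitalSignature.store;  // property documented on this page
    if (objCertStore == null) {
        throw new Error("store property is not set on this signature object");
    }

    var results = [];
    var seen = {};                                    // thumbprints already checked
    var certs = objCertStore.Certificates;            // CAPICOM Certificates collection

    for (var i = 1; i <= certs.Count; i++) {          // CAPICOM collections are 1-based
        var cert = certs.Item(i);
        var entry = {
            subject:     cert.SubjectName,
            issuer:      cert.IssuerName,
            thumbprint:  cert.Thumbprint,
            duplicate:   false,
            trusted:     false,
            chainStatus: null,
            chainLength: 0
        };

        // The same certificate can appear more than once; check it only once.
        if (seen[entry.thumbprint]) {
            entry.duplicate = true;
            results.push(entry);
            continue;
        }
        seen[entry.thumbprint] = true;

        var chain = new ActiveXObject("CAPICOM.Chain");
        try {
            entry.trusted     = chain.Build(cert);        // true only if the chain validates
            entry.chainStatus = chain.Status(0);          // index 0 = status of the whole chain
            entry.chainLength = chain.Certificates.Count; // leaf up to the root that was found
        } catch (e) {
            // Treat any failure to build a chain as "not trusted".
            entry.chainStatus = "chain build failed: " + e.message;
        }
        results.push(entry);
    }
    return results;
}
```

An application should accept a signature only when the entry for the signing certificate has `trusted` equal to true; presence of a certificate in the store or in `<ds:KeyInfo>` does not by itself establish trust.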

To create the CAPICOM 2.0 Store object, use the following ProgID:

"CAPICOM 2.0 Store"

For more information, see the following example.

Example

This example illustrates the effect of setting the store property on an IXMLDigitalSignature object. When a signature is signed without setting this property and the CERTIFICATES flag is set in the call to the sign method, the resultant signature document contains the certificate of the key used in sign. However, when the signature is signed after this property is set to the certificate store, the resultant signature document contains all the certificates in the store, in addition to the certificate of the key used in sign.

In this example, the certificate store has three certificates. So the signed signature document contains four <ds:Certificate> entries, two of which are identical.

The example uses a resource file, signature_template.store.rsa.xml. We've provided source files for the sample in three languages: JScript, Visual Basic, and C++. The output is the same from each language.

Applies To

IXMLDigitalSignature

Versioning

MSXML 5.0 and later

See Also

IXMLDigitalSignatureEx | sign Method | verify Method