Microsoft XML Core Services (MSXML) 5.0 for Microsoft Office - Digital Signatures

JScript Source: createSAXProxy.js

var xmldoc, xmldsig, saxProxy, saxReader, fileSys; 
var infile, dataID, dataSrc;

NOKEYINFO = 0;
KEYVALUE  = 1;
CERTIFICATES = 2;
PURGE     = 4;

DSIGNS = "xmlns:ds='http://www.w3.org/2000/09/xmldsig#'";
PROV_RSA_FULL = 1;
//// Change this key container name to your own if necessary.
RSA_KEY = "MyRSAFullKeys";
csp = PROV_RSA_FULL;
key = RSA_KEY;
infile = "signature_template.rsa.xml";
dataID = "#objData";

if (InitXML()) 
{
  if (LoadXML(infile)) {
    //// Sign the data embedded in the signature template.
    dataSrc = null;
    alert("Signing data referenced in signature...\n");
    SignXML(dataID, dataSrc);

    //// Sign the XML data of test.xml with the help of
    //// a SAX proxy object.
    dataSrc = fileSys.GetAbsolutePathName("test.xml");
    alert("\nSigning "+dataSrc+" fed through SAX Proxy...\n");
    LoadXML(infile);
    SignXML(dataID, dataSrc);
  }
}

/////////  Helper functions: /////////
function alert(str) { WScript.echo(str); } 

///////// Set signature for signing. ////////
function InitXML()
{
   try {
     xmldoc = new ActiveXObject("Msxml2.DOMDOcument.5.0");
     xmldsig= new ActiveXObject("Msxml2.MXDigitalSignature.5.0");
    fileSys = new ActiveXObject("Scripting.FileSystemObject");
   }
   catch (e) {
     alert("Installation of mxsml5 is required to run this app.\n");
     return false;
   }
   
   xmldoc.async = false;
   xmldoc.preserveWhiteSpace = true;
   xmldoc.validateOnParse = false;
   xmldoc.resolveExternals = false;

   return true;
}

function LoadXML(file)
{
   if (xmldoc == null) {
     alert("must instantiate xml dom\n");
     return false;
   }
  
   if (!xmldoc.load(file)) {
     alert("Can't load "+ file + "\n");
     return false;
   }
   xmldoc.setProperty("SelectionNamespaces", DSIGNS);
   xmldsig.signature = xmldoc.selectSingleNode(".//ds:Signature");

   return true;
}

function SignXML(dataID, srcUrl)
{
   var saxReader = null;

   if (!xmldsig.signature) 
   {
      alert("Invalid signature template\n");
      return false;
   }

   if (!dataID || dataID=="") {
      alert("Invalid reference ID\n");
   return false;
   }

   // For a non-empty srcUrl, create a SAXReader object and 
   // connect it to a SAXProxy object as its contentHandler, 
   // so that the data fed through a SAX stream from srcUrl
   // is used in signing.
   if (srcUrl && srcUrl != "") {
      try {
    saxReader = new ActiveXObject("Msxml2.SAXXMLReader.5.0");
      }
      catch (e) {
    alert("Invalid SAXReader: "+e.description+"\n");
    return false;
      }
      saxProxy = xmldsig.createSAXProxy();
      if (saxProxy == null) {
         alert("Failed to create SAX proxy.\n");
         return false;
      }
      try {
         saxReader.contentHandler = saxProxy;
         xmldsig.setReferenceData(dataID, saxProxy);
         saxReader.parseURL(srcUrl);  
      }
      catch (e) {
         alert("Using SAX Proxy: " + e.description+"\n");
      }
   }

   var oKey = xmldsig.createKeyFromCSP(csp, "", key, 0);
   if (!oKey)
   {
      alert("Invalid key.\n");
      return false;
   }

   //// Sign the data and purge key info from the resultant
   //// signature file, because the key info will be the same 
   //// for both data sets and omitting them makes the output 
   //// shorter and more clear.
   var oSignedKey = xmldsig.sign(oKey,PURGE);
   if (!oSignedKey) 
   {
      alert("sign failed.\n");
      return false;
   }

   alert("Signing was successful.\n"+
         "Resultant signature:\n\n"+
         xmldoc.xml + "\n");
   return true;
}

Try It!

  1. Ensure that you have completed all the procedures in Getting Started with XML Digital Signatures.
  2. Copy the XML signature file from Resource Files (signature_template.rsa.xml and test.xml), and paste it into a text file. Save the file as signature_template.rsa.xml.
  3. Copy the XML data file from Resource Files, and paste it into a text file. Save the file as test.xml, in the same directory where you saved signature_template.rsa.xml.
  4. Copy the JScript listing above, and paste it into a text file. Save the file as createSAXProxy.js, in the same directory where you saved signature_template.rsa.xml and test.xml.
  5. From a command prompt, navigate to this directory, then type "cscript createSAXProxy.js".
    Note   Under operating systems other than Windows 2000 or Windows XP, you might need to install Windows Scripting Host (to run wscript.exe or cscript.exe), if it is not already installed.
  6. Verify that your output is similar to that listed in the Output topic.