Visual Basic Source: getVerifyingCert.frm
[This sample code uses features that were implemented in MSXML 5.0 for Microsoft Office Applications. XML digital signatures are not supported in MSXML 6.0 and later.]
' Be sure to select "CAPICOM v2.0 Type Library"
' and "Microsoft XML v5.0" options from the
' "Project->References..." menu item in
' Visual Studio.
'
' Form-level state shared by the procedures below.
' xmldoc holds the signed XML document; xmldsig is the MSXML 5.0 signature
' object whose .signature property is pointed at the ds:Signature element.
Dim xmldoc As New DOMDocument50
Dim xmldsig As New MXDigitalSignature50
' NOTE(review): dsigKey, dataObj, provType and keyContainer are not referenced
' anywhere in the visible listing.
Dim dsigKey As IXMLDSigKey
Dim dataObj As IXMLDOMNode
' Declared without "As ...", so all three are Variants.
Dim infile, provType, keyContainer
' Namespace binding handed to the SelectionNamespaces property so that the
' "ds:" prefix in the XPath expressions resolves to the XML-DSig namespace.
Const DSIGNS = "xmlns:ds='http://www.w3.org/2000/09/xmldsig#'"
Private Function WriteLine(ByVal str As String)
    ' Append str followed by a line break to the Text1 output box.
    Text1.Text = Text1.Text & str & vbNewLine
End Function
Private Function writeClear()
    ' Empty the Text1 output box.
    Text1.Text = vbNullString
End Function
Private Function LoadXML(ByVal file As String)
    ' Load <App.Path>\<file> into xmldoc and point xmldsig at the first
    ' ds:Signature element found in it.
    ' Returns True when the document parsed, False otherwise (the parse
    ' error is written to Text1). A document without a ds:Signature still
    ' returns True; xmldsig.signature is then Nothing.
    Dim fullPath As String

    fullPath = App.Path & "\" & file

    With xmldoc
        .async = False               ' load synchronously
        .validateOnParse = False
        .resolveExternals = False    ' do not pull in external DTDs/entities
        .preserveWhiteSpace = True   ' keep the signed content exactly as stored
    End With

    If xmldoc.Load(fullPath) Then
        ' Bind the "ds" prefix before running any XPath query.
        xmldoc.setProperty "SelectionNamespaces", DSIGNS
        Set xmldsig.signature = xmldoc.selectSingleNode(".//ds:Signature")
        LoadXML = True
    Else
        WriteLine "Can't load " & fullPath
        WriteLine "Reason: " & xmldoc.parseError.reason
        LoadXML = False
    End If
End Function
Private Sub Form_Load()
    ' Size the output box to the form, then load the signed document and
    ' verify it using the certificate data embedded in its signature.
    Dim keyInfoKind

    With Text1
        .Top = 100
        .Left = 100
        .Width = Form1.Width - 350
        .Height = Form1.Height - 750
    End With

    infile = "signature_signed.rsa.cert.xml"
    writeClear

    ' Tells VerifyXML to take the key from ds:KeyInfo/ds:X509Data.
    keyInfoKind = CERTIFICATES

    If LoadXML(infile) Then
        WriteLine "Verifying " & infile & "..."
        VerifyXML keyInfoKind
    End If
End Sub
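Private Sub Form_Resize()
    ' Keep the text box sized to the form, leaving the same margins that
    ' Form_Load uses.
    Dim newWidth As Single
    Dim newHeight As Single

    newWidth = Form1.Width - 350
    newHeight = Form1.Height - 750

    ' A very small or minimized form makes these values negative, and
    ' assigning a negative size raises run-time error 380. Skip the
    ' assignment in that case and keep the previous size.
    If newWidth > 0 Then Text1.Width = newWidth
    If newHeight > 0 Then Text1.Height = newHeight
End Sub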
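Private Sub VerifyXML(fWriteKeyInfo)
    ' Verify the signature referenced by xmldsig.signature with the key
    ' material carried in that signature's ds:KeyInfo, and report the result
    ' in Text1.
    '
    ' fWriteKeyInfo selects where the key comes from:
    '   CERTIFICATES -> ds:KeyInfo/ds:X509Data (the certificate chain is then
    '                   checked by IsCertificateValid)
    '   KEYVALUE     -> ds:KeyInfo/ds:KeyValue
    '
    ' The key is supplied by the document being verified. A successful
    ' verify therefore only shows that the data matches that key; whether
    ' the key belongs to a signer you trust is a separate decision. For
    ' CERTIFICATES that decision starts with the chain check below; for
    ' KEYVALUE the caller has to compare the key with one obtained out of band.
    Dim xpath As String
    Dim oSigNode As IXMLDOMNode
    Dim oKeyNode As IXMLDOMNode
    Dim oKey As IXMLDSigKey
    Dim oKeyOut As IXMLDSigKey

    Set oSigNode = xmldsig.signature
    If oSigNode Is Nothing Then
        WriteLine "Invalid signature "
        Exit Sub
    End If

    ' The original compared a misspelled, never-assigned variable
    ' (fwWriteKeyInfo) in the KEYVALUE test, so that branch could not match.
    xpath = ""
    If fWriteKeyInfo = CERTIFICATES Then
        xpath = "./ds:KeyInfo/ds:X509Data"
    ElseIf fWriteKeyInfo = KEYVALUE Then
        xpath = "./ds:KeyInfo/ds:KeyValue"
    End If

    ' Look the key up relative to the signature element being verified
    ' rather than anywhere in the document, so a ds:KeyInfo that sits in
    ' some other part of the file cannot be picked up by mistake.
    If xpath <> "" Then
        Set oKeyNode = oSigNode.selectSingleNode(xpath)
    End If
    If oKeyNode Is Nothing Then
        WriteLine "Invalid key from signature doc."
        Exit Sub
    End If

    Set oKey = xmldsig.createKeyFromNode(oKeyNode)
    If oKey Is Nothing Then
        WriteLine "Failed to create key from node."
        Exit Sub
    End If

    ' verify returns Nothing when the signature does not check out.
    Set oKeyOut = xmldsig.verify(oKey)
    If oKeyOut Is Nothing Then
        WriteLine "Signature not verified."
        Exit Sub
    End If

    WriteLine vbNewLine
    WriteLine "Signature verified on the data"
    WriteLine vbNewLine

    If fWriteKeyInfo = CERTIFICATES Then
        If IsCertificateValid(oKeyOut) = True Then
            WriteLine "Certificate used is valid."
        Else
            ' Say so explicitly: the "Signature verified" line above is not
            ' a statement about the signer's certificate.
            WriteLine "Certificate used is NOT valid."
        End If
    End If
End Sub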
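Function IsCertificateValid(ByVal oKey As IXMLDSigKey) As Boolean
    ' Check the certificate behind a key returned by xmldsig.verify.
    '
    ' Retrieves the verifying certificate from oKey, asks CAPICOM to build a
    ' chain from it, and lists the chain in Text1.
    ' Returns True only when Chain.Build reports success; every other path
    ' returns False.
    '
    ' NOTE(review): Build is called with the certificate's default check
    ' settings. Which checks that covers (revocation in particular) is not
    ' visible here - confirm before relying on this result.
    ' NOTE(review): nothing here compares the subject with an expected
    ' signer, so any certificate that chains successfully is accepted.
    Dim oCert As ICertificate
    Dim oChain As New Chain
    Dim status As Boolean
    Dim i As Long

    ' Fail closed: the result stays False unless every step succeeds.
    IsCertificateValid = False

    ' The early exits below use Exit Function. The original used "Return",
    ' which in Visual Basic 6 belongs to GoSub and raises a run-time error
    ' when no GoSub is active.
    If oKey Is Nothing Then
        WriteLine "invalid key object."
        Exit Function
    End If

    ' Retrieve the certificate from the key that has
    ' been used to verify a signature.
    Set oCert = oKey.getVerifyingCertificate
    If oCert Is Nothing Then
        WriteLine "invalid verifying certificate"
        Exit Function
    End If

    ' Build a trust chain starting from oCert.
    status = oChain.Build(oCert)
    If status = False Then
        ' status is the Boolean result of Build, so this prints "False".
        WriteLine "borken trust chain. error = " & status
        Exit Function
    End If

    ' Walk through the trust chain.
    WriteLine "Examining certificate chain:"
    i = 1
    For Each oCert In oChain.CERTIFICATES
        WriteLine " Certificate No. " & i & ":"
        WriteLine " subjecyt: " & oCert.SubjectName
        WriteLine " issuer: " & oCert.IssuerName
        WriteLine vbNewLine
        i = i + 1
    Next

    ' Examine the root certificate in the chain. The sample takes the last
    ' entry of the collection to be the root.
    Set oCert = oChain.CERTIFICATES.Item(oChain.CERTIFICATES.Count)
    WriteLine "Display the Root Certificate:"
    WriteLine " subject: " & oCert.SubjectName
    WriteLine " issuer: " & oCert.IssuerName
    WriteLine vbNewLine

    IsCertificateValid = True
End Function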
Try It!
Ensure that you have completed all the procedures in Getting Started with XML Digital Signatures.
Copy the XML signature template from Resource Files and paste it into a text file. Save the file as signature_signed.rsa.cert.xml.
Create a Standard EXE project in Visual Basic. Save the empty project as getVerifyingCert.vbp to the same directory where you saved signature_signed.rsa.cert.xml. Name the form file getVerifyingCert.frm.
Create a reference to MSXML 5.0 for Microsoft Office Applications. To do this, select References... from the Project menu, then check the boxes for Microsoft XML, v5.0 and CAPICOM v2.0 Type Library.
Double click on the TextBox icon from the tools menu. A TextBox control will appear on the project's form named "Text1". Select the Text1 control and, in the Properties window, modify the following settings: select "2 - Vertical" as the value for the ScrollBars property and set the value of the MultiLine property to True.
Copy the Visual Basic code listing above, and paste it into the Visual Basic code editor to replace whatever code is already there.
Execute the code by selecting Start from the Run menu.
Verify that your output is similar to that listed in the Output topic.