[This feature was implemented for MSXML 5.0 for Microsoft Office Applications. XML digital signatures are not supported in MXSML 6.0 and later.]

The IXMLDigitalSignature interface supports the following properties and methods to allow application developers to sign XML documents or verify signatures.

signatureThis read/write property allows you to get or set a signature template or object to be processed by the IXMLDigitalSignature object.
storeThis read/write property allows you to get or set a certificate store object.
createKeyFromCSPRetrieves a key handle from a key container within a specified cryptographic service provider (CSP). This key handle is used to access the private key used for signing or the public key for signature verification.
createKeyFromHMACSecretExtracts and returns a key handle from a base-64 encoded secret value used in the HMAC algorithm. This key handle is used to access a key that can be used for both signing and signature verification.
createKeyFromNodeCreates and returns a key handle based on the information contained in the <ds:KeyInfo> element and its descendant elements (<ds:KeyInfo> is a child of a <ds:Signature> element). The key handle is used to access the key that is used for signature verification.
createSAXProxyCreates and returns a SAX proxy object. The setReferenceData method uses this object to assign a SAX stream as the new data source of the signature object or template.
setReferenceDataAssigns a new data source to a specified <ds:Reference> element in a signature object.
signSigns data referenced in a <ds:Signature> element.
verifyVerifies the signature of data referenced in the <ds:Signature> element.


Using the IXMLDigitalSignature interface typically involves the following tasks.

  1. Create an XML DOM object, and load it with a digital signature as represented by a <ds:Signature> element belonging to the http://www.w3.org/2000/09/xmldsig# namespace.

  2. Create an IXMLDigitalSignature object, and assign the XML DOM object to its signature property.

  3. Optionally call setReferenceData, and possibly createSAXProxy, to set or replace the data source referenced in the signature object.

  4. Create a cryptographic key using one of the key creation methods. See XML Digital Signature Methods for more information.

  5. Call sign or verify on the IXMLDigitalSignature object to process the signature on the XML document or fragment.

  6. Optionally call setReferenceData to assign a different data source on the signature object, and repeat Step 5 to sign or verify the new data with the existing signature information.

The implementation of the IXMLDigitalSignature interface conforms to the XML-Signature Syntax and Processing W3C Recommendation 12 February 2002.

Implementation: msxml5.dll

Header and IDL files: msxml2.h, msxml2.idl

Version-Dependent ProgID: Msxml2.MXDigitalSignature.5.0

Version-Dependent CLSID: 88d969e5-f192-11d4-a65f-0040963251e5, "MXDigitalSignature50"

MSXML 5.0 for Microsoft Office Applications and later