Digitally Signing Data in InfoPath Forms [InfoPath 2003 SDK Documentation]

Applies to:

Microsoft Office InfoPath 2003 Service Pack 1

As business documents and the ways they are exchanged have evolved, existing deployment and security technologies have proved insufficient to give users a secure yet flexible environment in which to protect the valuable information exchanged through documents. Exchanging information with current technologies revealed the need for features that tell future readers and contributors who created the document and who signed off on particular information in it, when, and how. This information can reveal how the document was modified during its lifetime and how people who saved the document can certify their own contributions.

These needs can be met by ensuring the integrity, authenticity, and confidentiality of the data, together with strong support for non-repudiation in business documents.

The widely recognized way to create such secure documents, or to secure only specific parts of a document, is to use digital signatures to lock the tamper-sensitive information into a signed document. The digital signature will use a digital certificate to enable the encryption of the protected information.

Digital Signatures Defined

Digital signatures can be defined as an electronic, encryption-based, secure stamp of authentication on a macro or document. A valid digital signature confirms that the data originated from the signer and has not been altered since it was signed. When documents or certain data in the documents are signed, the signature is computed and added to the document. This way, the signatures will always travel with the signed data.

In order to sign their data, users need to request a certificate from a certificate authority, then use it to create digital signatures. The certificate authority will manage the lifecycle of the certificates and keys (public or private) needed to encrypt data and create the signature.

Future users of the document will have to verify existing signatures and, depending on the result of the verification, may add their own contribution and sign. For accurate verification results, the verifier needs to trust the certificate authority that issued the certificate used to sign.

XML digital signatures are designed for transactions that involve XML documents and data. The power of XML signatures lies in the ability to sign only specific data in an XML document.

Types of Digital Signatures in InfoPath Forms

Microsoft Office InfoPath 2003 Service Pack 1 implements digital signatures to secure data in InfoPath forms. Two types of digital signatures are featured in InfoPath: digital signatures that ensure the data integrity and authenticity of the form template (.xsn file), and digital signatures that ensure the integrity, authenticity, and support for non-repudiation related to data in XML forms. The first category targets the packaged form template (.xsn file) as an entity. The second targets the data in InfoPath XML form files (.xml files), so signatures can be designed and created for the entire form or for parts of the form. There are fundamental differences between a signed template and a signed form. While this document makes some references to signed templates (as an alternate way to create a form that will run as fully trusted without running the RegForm tool), it does not go into detail about this type of signing. The focus of this document is on signed InfoPath XML forms. From now on, this document refers to the signatures in InfoPath XML forms simply as "digital signatures."

Digital signatures created by InfoPath to sign data in forms follow W3C XML Digital Signatures Standard specifications.

Digital Signatures Features

InfoPath offers an extended digital signatures feature, with template developers being able to design flexible forms that enable digital signatures either for the entire form or for specific data in the form. While digitally signing the entire form will always create counter-signatures for the form as an entity, signing parts of InfoPath forms allows more flexibility in choosing the type of relationship between signatures added to the same set of data: there can be cosignatures, counter-signatures, or only one signature allowed.

With the signature, InfoPath will also add by default some non-repudiation information to identify the data users have seen in the current view, as well as the time and other environment settings as they were set when the signature was created. The non-repudiation information can be customized, but only the data in default non-repudiation nodes will be displayed in the non-repudiation dialog.

To add a signature, users have to select the set of data that will be signed. The set of data that can be signed, referred to as the "set of signable data," has to be defined in advance by the form template developer and is used to sign the data when the form is filled out. For each signature, users follow a digital signatures wizard to select the set of signable data (if it is not selected programmatically), select a certificate, add comments, and finally approve and commit to adding the signature to the form.

All basic controls bound to signed data will display, on hover, an edit-time visual indicating that the data is signed and cannot be changed.

Template developers can choose to have the signatures displayed in the view with the signed data, so users can take advantage of easy access to the non-repudiation information.

InfoPath also offers a lot of support for programmability of digital signatures, allowing access to the sets of signable data defined in the form, to the signatures assigned to each set of signed data, and to the certificates used to create the signatures. The OnSign event handler is customizable in fully trusted forms, offering support for advanced processing of the digital signatures in InfoPath forms.

InfoPath infrastructure for digital signatures was designed using MSXML5 digital signatures support. InfoPath digital signatures have full interoperability with MSXML5 digital signatures.

Signed InfoPath forms and digital signatures created by InfoPath will provide full interoperability with Microsoft .NET 1.1 and 2.0 Framework digital signatures. Signatures created by InfoPath can be verified by applications that use .NET Framework signature verification classes. Signatures created for data hosted in InfoPath forms by applications designed using .NET Framework digital signatures classes are successfully verified by InfoPath's digital signatures mechanism.
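
The .NET-side verification described above, as an added example (not code from the InfoPath SDK): it checks every XML signature in a saved form with the .NET Framework 2.0 SignedXml class, then confirms that the signing certificate chains to a certificate authority the verifier trusts. It assumes each signature's KeyInfo carries the signer's X.509 certificate as its first certificate; FormSignatureCheck, VerifyAll and FindSigningCertificate are hypothetical names.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

static class FormSignatureCheck
{
    // True only if every ds:Signature in the form verifies cryptographically
    // AND its signing certificate chains to a root trusted on this machine.
    public static bool VerifyAll(string formPath)
    {
        XmlDocument doc = new XmlDocument();
        doc.PreserveWhitespace = true;            // re-formatting alters the signed bytes
        doc.Load(formPath);

        XmlNamespaceManager ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
        XmlNodeList signatures = doc.SelectNodes("//ds:Signature", ns);
        if (signatures.Count == 0) return false;  // an unsigned form is not "valid"

        foreach (XmlElement sigElement in signatures)
        {
            SignedXml signedXml = new SignedXml(doc);
            signedXml.LoadXml(sigElement);

            X509Certificate2 cert = FindSigningCertificate(signedXml);
            if (cert == null) return false;       // nothing to anchor trust to

            // Step 1: reference digests and SignatureValue against the certificate's key.
            if (!signedXml.CheckSignature(cert, true)) return false;

            // Step 2: trust. A valid signature from an untrusted issuer proves nothing.
            X509Chain chain = new X509Chain();
            chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
            if (!chain.Build(cert)) return false;
        }
        return true;
    }

    // Assumption: the signer's certificate is the first one in X509Data.
    static X509Certificate2 FindSigningCertificate(SignedXml signedXml)
    {
        foreach (KeyInfoClause clause in signedXml.KeyInfo)
        {
            KeyInfoX509Data x509 = clause as KeyInfoX509Data;
            if (x509 != null && x509.Certificates != null && x509.Certificates.Count > 0)
                return new X509Certificate2((X509Certificate)x509.Certificates[0]);
        }
        return null;
    }
}
```

The second argument to CheckSignature limits that call to the cryptographic check, so the chain and revocation policy are applied explicitly in step 2 rather than left to defaults.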

For a complete discussion of digital signature capabilities in InfoPath forms, see the technical article, "Digitally Signing Data in Microsoft Office InfoPath 2003 Service Pack 1," on the InfoPath page of the Microsoft Office Developer Center Web site.