none
Embeding Digital Signature in word RRS feed

  • Question

  • I have a digital signature generated from a smart card, I have to embed that in to a word document. 

    Friday, March 30, 2012 8:32 PM

All replies

  • I have a digital signature generated by a smart card for a word document, i need to embed/add this signature to the word document programatically using either c# or c++.
    • Merged by Bruce Song Tuesday, April 3, 2012 4:44 AM duplicated
    Sunday, April 1, 2012 1:41 PM
  • Hi Vinaykumar.t,

    As far as I know, Word expose the API for us to add the digital signature. Please refer to the following threads:

    http://social.msdn.microsoft.com/Forums/en/vsto/thread/ac10f534-c0c6-42e9-9f16-0c956c7533f6

    http://social.msdn.microsoft.com/Forums/ar/worddev/thread/8b020f91-acc5-4d33-a928-bf06bef8c6a9

    Hope this can give you some hint and just feel free to follow up after you have tried.

    Best Regards,


    Bruce Song [MSFT]
    MSDN Community Support | Feedback to us

    Tuesday, April 3, 2012 4:21 AM
  • Hi Bruce Song,

    Let me first thank you for replying to my post.

    The links you provided, helps to sign a word document with a certificate stored in the user store. In my case, I have the certificate (Public part) and other certificate attributes  outside the smart card and the certificate with private key inside the smart card. So, the smart card will generate a digital signature (in binary format) if I sent the document for signing to the smart card. 

    I tried the following code snippet. (C# .Net)

    There is  a class called PackageDigitalSignatureManager, which has an option to embed digital certificate in to the signature. Below is the code snippet, through which I am able to sign a document through a certificate stored in the user certificate store. The highlighted statement below is the method “Sign”, which enforces the user to select a certificate from the user store and there is not much documentation on this method in MSDN. If we can get the details as how this “Sign” method is implemented, we can try to simulate the same using the certificate stored in the EIDA card.

    private static void SignAllParts(Package package)

            {

                if (package == null)

                    throw new ArgumentNullException("SignAllParts(package)");

               //

              // Create the DigitalSignature Manager

              //

                PackageDigitalSignatureManager dsm =

                    new PackageDigitalSignatureManager(package);

                dsm.CertificateOption =

                    CertificateEmbeddingOption.InSignaturePart;

                //

                // Create a list of all the part URIs in the package to sign

                // (GetParts() also includes PackageRelationship parts).

                //

                System.Collections.Generic.List<Uri> toSign =

                    new System.Collections.Generic.List<Uri>();

                foreach (PackagePart packagePart in package.GetParts())

                {

                    // Add all package parts to the list for signing.

                    toSign.Add(packagePart.Uri);

                }

                //

                // Add the URI for SignatureOrigin PackageRelationship part.

                // The SignatureOrigin relationship is created when Sign() is called.

                // Signing the SignatureOrigin relationship disables counter-signatures.

                //

                toSign.Add(PackUriHelper.GetRelationshipPartUri(dsm.SignatureOrigin));

                //

                // Also sign the SignatureOrigin part.

                //

                toSign.Add(dsm.SignatureOrigin);

                // Add the package relationship to the signature origin to be signed.

                toSign.Add(PackUriHelper.GetRelationshipPartUri(new Uri("/", UriKind.RelativeOrAbsolute)));

                //

                // Sign() will prompt the user to select a Certificate to sign with.

                //

                try

                {

                    dsm.Sign(toSign);

                }

                //

                // If there are no certificates or the SmartCard manager is

                // not running, catch the exception and show an error message.

                //

                catch (CryptographicException ex)

                {

                    MessageBox.Show(

                        "Cannot Sign\n" + ex.Message,

                        "No Digital Certificates Available",

                        MessageBoxButton.OK,

                        MessageBoxImage.Exclamation);

                }

            } // SignAllParts()

    Wednesday, April 4, 2012 11:44 AM
  • Hello Vinay,

    Thanks for your patience.

    In your original post you said "I have a digital signature generated by a smart card for a word document, I need to embed/add this signature to the word document programatically using either c# or c++."

    Would you share with us how you got the Certificate onto the smartcard so you can sign Word documents from your smartcard and what steps you use to manually sign the document by using the smartcard.  Thanks.

    Information about digital signatures is in the content pages accessed through the following:
    In the following article there is a link to the .Net 3.0 classes PackageDigitalSignatureManager
    The Digital Signing Framework of the Open Packaging Conventions
    http://msdn.microsoft.com/en-us/library/aa905326.aspx
    The Smart Card Cryptographic Service Provider Cookbook
    http://msdn.microsoft.com/en-us/library/ms953432.aspx
    FindCertificates Method (Smartcard) - MSDN – Explore Windows ...
    http://msdn.microsoft.com/en-us/library/windows/desktop/bb456801.aspx
    SOX080306700030 Win2008/ Certificate Services does support storing the private key on smartcard
    https://vkbexternal.partners.extranet.microsoft.com/VKBWebService/ViewContent.aspx?scid=SO;US;SOX080306700030
    SOX070324700062 The content of the smartcard that is reported by CLM is different from the actual card content
    https://vkbexternal.partners.extranet.microsoft.com/VKBWebService/ViewContent.aspx?scid=SO;US;SOX070324700062

    Looking forward to learning about signing from a SmartCard, both manually and through automation.

    Regards,
    Chris Jensen
    Senior Technical Support Lead


    Chris Jensen

    Thursday, April 19, 2012 3:38 PM
    Moderator