CreaSign

Verify a Signature

To verify a signature, follow these steps:

  1. Load the XML document.
  2. Create a new XmlSignature object and attach it to the signature node that needs to be verified.
  3. If the document contains external references, attach the appropriate resolver.
  4. Call the Verify method.
' Verify the file that was specified on the command line
if WScript.Arguments.Count=0 then 
  WScript.Echo "You should specify a file to verify as command line parameter!"
  WScript.Quit
end if

fileToVerify=WScript.Arguments(0)

set doc=CreateObject("Msxml2.FreeThreadedDOMDocument.4.0")
doc.preserveWhiteSpace=true ' Important!
if not doc.load(fileToVerify) then Err.Raise 8, "" , doc.parseError.reason

' Create a signature object
set cs = CreateObject("CreaSignClientIE.XmlSignature")


' Find the first signature in the document
set SignatureNode=doc.SelectSingleNode("//*[local-name(.)='Signature' and namespace-uri(.)='http://www.w3.org/2000/09/xmldsig#']")
set cs.XmlNode=SignatureNode

' Create a file system resolver, initialize it and attach it to CreaSign
' If there are no external references, you do not need the resolver
Set r = CreateObject("CreaSignClientIE.FileSystemResolver")
rootPath = Mid(WScript.ScriptFullName,1,InStrRev(WScript.ScriptFullName,"\"))
r.RootPath = rootPath
set cs.Resolver = r

set vr=cs.Verify(0) 
PrintVerifyResult vr

The Verify method returns a XmlVerifyResult object that holds the validity of the signature, information about associated timestamps and error messages when the signature is invalid:

Sub PrintVerifyResult(vr)
        WScript.Echo "Signature valid : " & vr.ok
        if vr.OK Then 
                WScript.Echo "Signature is valid"
        else
                WScript.Echo "Signature is invalid"
                WScript.Echo "Error message: " & vr.ErrorMessage 
        End If

        if not (vr.Signer is Nothing) Then PrintSigner vr.Signer

        if vr.TimeStampResults.Count>0 then 
                WScript.Echo vbNewLine & "The signature has been timestamped "  
        	For i=0 to  vr.TimeStampResults.Count-1
               	  set ts=vr.TimeStampResults(i)
                  Wscript.Echo "Timestamp time (UTC): " & ts.Source.TimeStampTimeUtc
               	  PrintSigner ts.Signer
	        Next
          
        End If
End Sub

Sub PrintSigner(s)
  WScript.Echo "Signer:"
  WScript.Echo "  Name: " & s.DisplayName
  WScript.Echo "  Email: " & s.Email
  WScript.Echo "  Certificate issuer : " & s.IssuerName
  WScript.Echo "  Certificate is valid until " & s.ValidNotAfter
End Sub

Send comments on this topic.

(c) CREA 2002-2007 www.creasign.si