Digitally Signing Data in InfoPath Forms

Digital Signatures Defined

Digital signatures can be defined as an electronic, encryption-based, secure stamp of authentication on a macro or document. A valid digital signature confirms that the data originated from the signer and has not been altered since it was signed. When documents or certain data in the documents are signed, the signature is computed and added to the document. This way, the signatures will always travel with the signed data.

In order to sign their data, users need to request a certificate from a certificate authority, then use it to create digital signatures. The certificate authority will manage the lifecycle of the certificates and keys (public or private) needed to encrypt data and create the signature.

Subsequent users of the document will have to verify existing signatures and, depending on the result of the verification, may add their own contribution and sign. For accurate verification results, the verifier needs to trust the certificate authority that issued the certificate used to originally sign the document.

XML digital signatures are designed for transactions that involve XML documents and data. The power of XML signatures lies in the ability to sign only specific data in an XML document.

Types of Digital Signatures in InfoPath Forms

Microsoft Office InfoPath 2007 implements digital signatures to secure data in InfoPath forms. Two types of digital signatures are featured in InfoPath: digital signatures that ensure the data integrity and authenticity of the form template (.xsn file), and digital signatures that ensure the integrity, authenticity, and support for non-repudiation related to data in XML forms. While the first category of signatures targets the form template (.xsn file), the second one targets the actual user-entered data in InfoPath form files (.xml files), where the form designer can enable users to create digital signatures for the entire form or for sections of the form. There are fundamental differences between a signed template and a signed form. While this document will have some references to signed templates (as an alternate way to create a form that will run as fully trusted without running the RegForm tool or creating a custom .MSI installation package), it will not provide details about this type of signing. For more information about signing form templates, see Deploying Signed Form Templates. The focus in this document will be on signed InfoPath XML forms.

Note
Digital signatures created by InfoPath to sign data in XML forms conform to W3C XML Digital Signatures specifications.

Digital Signatures Features

InfoPath offers an extended digital signatures feature, with template developers being able to design flexible forms that enable digital signatures either for the entire form or for specific data in the form. While digitally signing the entire form will always create counter-signatures for the form as an entity, signing parts of InfoPath forms allows more flexibility in choosing the type of relationship between signatures added to the same set of data: there can be cosignatures, counter-signatures, or only one signature allowed.

With the signature, InfoPath will also add by default some non-repudiation information to identify the data users have seen in the current view, as well as the time and other environment settings as they were set when the signature was created. The non-repudiation information can be customized, but only the data in default non-repudiation nodes will be displayed in the non-repudiation dialog.

In order to add a signature, users have to select the set of data that will be signed. The set of data that can be signed, referred to as the "set of signable data," is defined by the form template designer and used to sign the data when filling out the form. For each signature, users will have to follow a digital signature wizard for selecting the set of signable data, selecting a certificate, adding comments, and approving and committing the signature to the form.

All controls bound to signed data will display, on mouse-hover, a visual indication that the data is signed and cannot be changed. Form template designers can choose to have the signatures displayed in the view with the signed data so users can take advantage of easy access to the non-repudiation information.

Programmatic Support for Digital Signatures

The InfoPath object model includes support for digital signatures, allowing developers programmatic access to the sets of signable data defined in the form through the SignedDataBlocks collection, to the signatures assigned to each set of signed data through the Signatures collection, and to the certificate used to create a signature through the Certificate object. Additionally, the OnSign event handler is customizable in fully trusted forms, offering support for advanced processing of digital signatures in InfoPath forms.

Interoperability

The infrastructure for digital signatures in InfoPath was designed using the digital signatures support in MSXML5, so InfoPath digital signatures have full interoperability with MSXML5 digital signatures.

Signed InfoPath forms and digital signatures created by InfoPath will also provide full interoperability with Microsoft .NET 1.1 and 2.0 Framework digital signatures. Signatures created by InfoPath can be verified by applications that use .NET Framework signature verification classes. Signatures created for data hosted in InfoPath forms by applications designed using .NET Framework digital signatures classes are successfully verified by InfoPath’s digital signatures mechanism.
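As an added example (not code from the original article), the following sketch verifies every XML digital signature in a saved InfoPath form with the .NET Framework 2.0 SignedXml class, and also validates the signer's certificate chain, so that a signature made with an untrusted certificate is rejected. The class name, the form path argument, and the assumption that the signing certificate is embedded in the signature's KeyInfo as X509Data are illustrative assumptions.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// Hypothetical helper class; not part of InfoPath or the .NET Framework.
static class InfoPathSignatureCheck
{
    // Returns true only if the form carries at least one signature and every
    // signature verifies with a certificate that chains to a trusted CA.
    public static bool VerifyForm(string formPath)
    {
        XmlDocument doc = new XmlDocument();
        doc.PreserveWhitespace = true;   // whitespace is part of the signed content
        doc.Load(formPath);

        XmlNodeList sigs = doc.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
        if (sigs.Count == 0) return false;   // unsigned form: nothing vouches for the data

        foreach (XmlElement sigElement in sigs)
        {
            SignedXml signedXml = new SignedXml(doc);
            signedXml.LoadXml(sigElement);

            // Assumption: the signer's certificate is the first one in X509Data.
            // If it is not, the check below fails closed.
            X509Certificate2 cert = FindEmbeddedCertificate(signedXml);
            if (cert == null) return false;

            // verifySignatureOnly = false: besides the cryptographic check, the
            // certificate chain is validated, so an untrusted issuer fails here.
            if (!signedXml.CheckSignature(cert, false)) return false;
        }
        return true;
    }

    static X509Certificate2 FindEmbeddedCertificate(SignedXml signedXml)
    {
        foreach (KeyInfoClause clause in signedXml.KeyInfo)
        {
            KeyInfoX509Data x509 = clause as KeyInfoX509Data;
            if (x509 != null && x509.Certificates != null && x509.Certificates.Count > 0)
                return new X509Certificate2((X509Certificate)x509.Certificates[0]);
        }
        return null;
    }

    static void Main(string[] args)
    {
        // args[0]: path to a saved, signed InfoPath .xml form (supplied by the caller)
        Console.WriteLine(VerifyForm(args[0]) ? "All signatures valid and trusted" : "Verification failed");
    }
}
```

Calling the parameterless CheckSignature() instead would only confirm that the signature matches the key carried inside the document, which says nothing about whether the issuing certificate authority is trusted.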