sign.h

/*****************************************************************************
*
* File: Sign.h
*
* Description:
* This sample is a simple application that might be used as a starting-point
* for an application that uses the Packaging API. This sample demonstrates
* signature generation and validation using a sample signing policy described
* in Sign.h
*
* ------------------------------------
*
*  This file is part of the Microsoft Windows SDK Code Samples.
* 
*  Copyright (C) Microsoft Corporation.  All rights reserved.
* 
* This source code is intended only as a supplement to Microsoft
* Development Tools and/or on-line documentation.  See these other
* materials for detailed information regarding Microsoft code samples.
* 
* THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY
* KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
* PARTICULAR PURPOSE.
* 
****************************************************************************/

#pragma once

//  ============================= Signing Policy ==================================
//
//  A signing policy defines which and how parts and relationships should be signed
//  for a package to ensure compliance with a custom package format. The OPC
//  enables users to build custom package formats; it does not define a signing
//  policy. Users of the Packaging Digital Signature APIs must define the signing
//  policy for their custom package formats.
//
//  The signing policy for the sample package format called a media bundle is as
//  follows: 
//
//      Parts that need to be signed:    
//  ---------------------------------------------
//  Part                Canonicalization Method
//  ---------------------------------------------
//  Album art part      OPC_CANONICALIZATION_NONE
//  Tracklist part      OPC_CANONICALIZATION_NONE
//  Track part          OPC_CANONICALIZATION_NONE
//  Lyric part          OPC_CANONICALIZATION_NONE
//
//  Note: Because none of these parts contain XML markup, no canonicalization
//  method (OPC_CANONICALIZATION_NONE) can be applied to part content. If the parts
//  to be signed contain XML, then either C14N canonicalization method
//  (OPC_CANONICALIZATION_C14N or OPC_CANONICALIZATION_C14N_WITH_COMMENTS) may be
//  applied.
//
//      Relationships that need to be signed:
//  ---------------------------------------------
//  Relationship Source        Relationship Type
//  ---------------------------------------------
//  Package root            https://schemas.openxmlformats.org/package/2006/relationships/metadata/thumbnail
//  Package root            http://schemas.example.com/package/2008/relationships/media-bundle/album-website
//  Package root            http://schemas.example.com/package/2008/relationships/media-bundle/tracklist
//  Tracklist part          http://schemas.example.com/package/2008/relationships/media-bundle/playlist-song
//  Track part              http://schemas.example.com/package/2008/relationships/media-bundle/song-lryic
//  Signature Origin part   https://schemas.openxmlformats.org/package/2006/relationships/digital-signature/signature
//
//  Relationships of the signature type that have the Signature Origin part as their source
//  must be signed in order to prevent signatures being added to an already signed music
//  bundle (no countersignature is allowed in this policy). To allow new signature(s) to be
//  added to a package that has already been signed package (countersignature), do not sign
//  these signature relationships in your format's signing policy.
//
//  ==========================================================================================

// The file path of the signed music bundle
extern const WCHAR g_signedFilePath[];

// Sign a music bundle.
HRESULT
SignMusicBundle(
    IOpcFactory* opcFactory
    );

Music Bundle Signature Sample