Flying Over the Grassland

My grassland, my dream

This demonstrates how to encrypt, sign, and verify messages using the CAPICOM ActiveX control and JavaScript in a web browser. ASP.NET developers can take note of this technique when they want to invoke the CAPICOM DLL to implement PKI infrastructure from a browser. I know a .NET SmartClient would have been another option, where you can use the .NET Framework libraries to deal with X509Certificates, but you might want to know this technique too:

Source Blog: http://www.feed-squirrel.com/index.cfm?evt=viewItem&ID=36269

  • Use a memory store, and sign and verify the signature in a web page.
  • Create a VB ActiveX component with the following code and register it. The CAPICOM DLL must also be registered. (Both ActiveX components could be downloaded from a web site.)
  • This code imports a PKCS#12 file issued by a subordinate CA. If you want to get it, contact me.

Function sign(text As String, P12Path As String, P12Password As String) As String

    ' This function imports a PKCS#12 container (private key and certificate)
    ' into a memory store and signs the text with the first certificate in it

    Dim store As store
    Dim signedData As signedData
    Dim signer As signer
    Dim szSignedData As String

    Set signer = New signer
    Set signedData = New signedData
    Set store = New store

    ' The memory store exists only for the lifetime of this object
    store.Open CAPICOM_MEMORY_STORE, "My", CAPICOM_STORE_OPEN_READ_WRITE
    store.Load P12Path, P12Password, CAPICOM_KEY_STORAGE_DEFAULT

    signedData.Content = text
    signer.Certificate = store.Certificates.Item(1)

    ' Second argument True = detached signature (content is not embedded)
    szSignedData = signedData.sign(signer, True, CAPICOM_ENCODE_BASE64)
    sign = szSignedData
End Function

  • Create a web page with the following JavaScript functions and invoke them from buttons.

function btnSignedData_OnClick()
{
  // AutomaticSign.ASign is the VB ActiveX component created above
  var SignedData = new ActiveXObject("AutomaticSign.ASign");

  try
  {
    // The PKCS#12 path and password are hard-coded in the page source here
    txtSignedData.value = SignedData.Sign(txtPlainText.value, "c:\\c.p12", "1111");
  }
  catch (e)
  {
    alert("An error occurred when attempting to sign the content");
    return false;
  }
}

function btnVerifyData_OnClick()
{
  var CAPICOM_CERT_INFO_SUBJECT_SIMPLE_NAME = 0;
  var CAPICOM_CERT_INFO_ISSUER_SIMPLE_NAME = 1;
  // Checks the signature only; the signer's certificate chain is not validated
  var CAPICOM_VERIFY_SIGNATURE_ONLY = 0;

  // instantiate the CAPICOM objects
  var certificate = new ActiveXObject('CAPICOM.Certificate');
  var SignedData = new ActiveXObject('CAPICOM.SignedData');

  try
  {
    // Detached signature: supply the original content before verifying
    SignedData.Content = txtPlainText.value;
    SignedData.Verify(txtSignedData.value, true, CAPICOM_VERIFY_SIGNATURE_ONLY);
    // Second certificate carried in the signed message (CAPICOM collections are 1-based)
    certificate = SignedData.Certificates(2);
    txtSignerData.value = "Certificate :" + certificate.GetInfo(CAPICOM_CERT_INFO_SUBJECT_SIMPLE_NAME) + "\n";
    txtSignerData.value += "Issuer     :" + certificate.GetInfo(CAPICOM_CERT_INFO_ISSUER_SIMPLE_NAME);
  }
  catch (e)
  {
    alert(e.description);
    return false;
  }
  alert("Signature verified");
}
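
A stricter variant of the verification handler above, added here as an example and not part of the original post: it asks CAPICOM to validate the certificate chain as well as the signature, reads the signer from the Signers collection, and checks the signer's thumbprint against an allow-list. The function names, the allow-list and the injectable createObject parameter are assumptions made for this example.

```javascript
// Added example (not from the original post). The CAPICOM constant values are
// the documented ones; function names and the allow-list are hypothetical.
var CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE = 1; // signature + chain validation
var CAPICOM_CERT_INFO_SUBJECT_SIMPLE_NAME = 0;
var CAPICOM_CERT_INFO_ISSUER_SIMPLE_NAME = 1;

// Thumbprints are compared case-insensitively with whitespace stripped
function normalizeThumbprint(t) {
  return String(t).replace(/\s+/g, "").toUpperCase();
}

// createObject is injectable so the logic can be exercised without CAPICOM;
// in Internet Explorer it defaults to ActiveXObject.
function verifyDetachedSignature(content, signatureB64, trustedThumbprints, createObject) {
  createObject = createObject || function (progId) { return new ActiveXObject(progId); };
  var signedData = createObject("CAPICOM.SignedData");
  signedData.Content = content;
  try {
    // Throws if the signature is bad or the certificate chain does not validate
    signedData.Verify(signatureB64, true, CAPICOM_VERIFY_SIGNATURE_AND_CERTIFICATE);
  } catch (e) {
    return { ok: false, reason: "verify failed: " + (e.description || e.message) };
  }
  // Read the signer from the Signers collection (1-based) instead of a fixed
  // position in the Certificates collection.
  var signers = signedData.Signers;
  if (signers.Count !== 1) {
    return { ok: false, reason: "expected exactly one signer, got " + signers.Count };
  }
  var cert = signers.Item(1).Certificate;
  var thumb = normalizeThumbprint(cert.Thumbprint);
  var trusted = false;
  for (var i = 0; i < trustedThumbprints.length; i++) {
    if (normalizeThumbprint(trustedThumbprints[i]) === thumb) { trusted = true; }
  }
  if (!trusted) {
    return { ok: false, reason: "signer " + thumb + " is not on the allow-list" };
  }
  return {
    ok: true,
    subject: cert.GetInfo(CAPICOM_CERT_INFO_SUBJECT_SIMPLE_NAME),
    issuer: cert.GetInfo(CAPICOM_CERT_INFO_ISSUER_SIMPLE_NAME),
    thumbprint: thumb
  };
}
```

A button handler would call it with the page's own fields, for example `verifyDetachedSignature(txtPlainText.value, txtSignedData.value, trustedList)`, and show `reason` when `ok` is false.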