Chapter 12 of the Open Packaging Conventions (OPC) standard (ECMA 376-2 1st edition, 2006) defines the functionality and operation of “digital signatures” for signing content stored in OPC-based file formats.  Windows 7 incorporates built-in native-code support for accessing OPC-based files along with support to both signing and validating stored content using digital signatures.  This blog provides links to information about digital signatures and how to use the OPC digital signature APIs.

OPC digital signatures are based on the W3C XML Signature Syntax and Processing specification (aka, “XML DigSig”).  As background to understand OPC digital signatures, it’s helpful to first read the XML DigSig specification. The MSDN Packaging API Overview provides a starting point for learning about the Windows 7 Packaging APIs and associated digital signature APIs.

After reading the Packaging API Overview then you can continue with the MSDN Digital Signatures Overview to familiarize yourself with Packaging digital signature APIs.

Of course, seeing actual working sample code is a great way to understand a new set of APIs.  The Music Bundle Signature Sample is very useful in showing how the APIs actually operate. This sample shows how you can use OPC digital signature APIs to sign content stored in a package and then later validate the signature along with the associated signed content.