OfflineSigning_GetCLC.cpp
[The AD RMS SDK leveraging functionality exposed by the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1, which leverages functionality exposed by the client in Msipc.dll.]
If the client licensor certificate has not already been downloaded into the local store, you must retrieve it from the licensing service on an Active Directory Rights Management (AD RMS) server. The following example shows how to:
- Retrieve the service URL. This has the form http(s)://ServerName/_wmcs/licensing where ServerName identifies the AD RMS server.
- Call DRMAcquireLicense to download the client licensor certificate.
- Retrieve the downloaded certificate from the store.
#include "OfflineILSigning.h"
/*===================================================================
File: OfflineSigning_GetCLC.cpp
THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
PARTICULAR PURPOSE.
Copyright (C) Microsoft. All rights reserved.
===================================================================*/
/////////////////////////////////////////////////////////////////////
// The GetCLCFromSvc function retrieves a client licensor certificate
// (CLC) from an AD RMS licensing service in the enterprise.
//
HRESULT GetCLCFromSvc(DRMHSESSION hClient,
PWSTR* ppwszCLC)
{
HRESULT hr = E_FAIL; // HRESULT return code
UINT uiURLLength = 0; // Licensing URL length
BOOL fShared = false; // Certificate sharing
const DWORD DW_WAIT_TIME = 60000; // Maximum wait for signal
DWORD dwWaitResult = 0; // Actual signal duration
PWSTR pwszServiceURL = NULL; // Licensing service URL
DRM_CONTEXT context; // Callback context
wprintf(L"\r\nEntering GetCLCFromSvc.\r\n");
// Initialize the callback context.
SecureZeroMemory(&context, sizeof(context));
// Use service discovery to find the URL of the licensing service
// that can issue a client licensor certificate.
hr = GetServiceURL(
hClient, // Client handle
DRM_SERVICE_TYPE_CLIENTLICENSOR, // Type of service
DRM_SERVICE_LOCATION_ENTERPRISE, // Location of service
&pwszServiceURL); // Service URL
if (FAILED(hr)) goto e_Exit;
wprintf(L"GetServiceURL: pwszServiceURL = %s \r\n", pwszServiceURL);
// Create an event to signal when the license has been created.
context.hEvent = CreateEvent(
NULL, // No attributes
FALSE, // Automatic reset
FALSE, // Initial state not signaled
NULL); // Event object not named
if(NULL == context.hEvent) goto e_Exit;
// Create the client licensor certificate.
hr = DRMAcquireLicense(
hClient, // Client handle
0, // Flags
NULL, // Rights account certificate
NULL, // Reserved
NULL, // Application specific data
pwszServiceURL, // Licensing URL
(void*)&context); // Callback context
if (FAILED(hr)) goto e_Exit;
// Wait for the callback to return.
dwWaitResult = WaitForSingleObject(context.hEvent, DW_WAIT_TIME);
if(WAIT_TIMEOUT == dwWaitResult || FAILED(context.hr)) goto e_Exit;
// Set any error returned by the callback function.
if (FAILED(context.hr))
{
hr = context.hr;
goto e_Exit;
}
// Retrieve the client licensor certificate from the store.
hr = GetCertificate(
hClient, // Client handle
DRM_EL_SPECIFIED_CLIENTLICENSOR, // Certificate type
ppwszCLC); // Signing certificate
e_Exit:
if (NULL != context.hEvent)
{
CloseHandle(context.hEvent);
context.hEvent = NULL;
}
if (NULL != pwszServiceURL)
{
delete [] pwszServiceURL;
pwszServiceURL = NULL;
}
wprintf(L"Leaving GetCLCFromSvc: hr = %x\r\n", hr);
return hr;
}
Related topics