2.2.2.1 DRM Version 1 License Request
The DRM Version 1 License Request packet is used by the client to request a license for content. This packet is transmitted to the server via a URI parameter "challenge" as a Digital Rights Management (DRM) base64-encoded value. The URI parameter DRMVer is also sent to the server with this license request and MUST appear after the "challenge" URI parameter. For a version 1 client, the value of DRMVer MUST be 1.3. For a client that supports version 7 and higher, this value MUST be 1.4. This value is ignored by the server.
Fields, in wire order:

| Field | Size |
|---|---|
| Version | 4 bytes |
| EncRandNum | 80 bytes |
| pkcert | 84 bytes |
| KeyID | 25 bytes |
| Rights | 4 bytes |
| AppSec | 4 bytes |

Version (4 bytes): The request version. MUST be {0x00, 0x01, 0x00, 0x01}.
EncRandNum (80 bytes): A single-use random number, 20 bytes long before encryption, that is encrypted using ECC1 with the public server cryptographic key (KS). Before encryption, this buffer contains the following byte values:
- bytes 0 – 6: Used as the initialization vector (IV) to create an RC4 key (KR)
- bytes 7 – 19: Not used
pkcert (84 bytes): An RC4-encrypted PKCERT that contains a signed copy of KMpub.
KeyID (25 bytes): An RC4-encrypted content key identifier. The content key ID is generated by the server and stored in the header of a protected content stream. Only the first 25 bytes of this field are used. The KeyID can come from any source available to the client, but is typically extracted from a content header.
Rights (4 bytes): An RC4-encrypted request for playback rights, which can be any combination of the values in the following table. The values used in the challenge are typically provided by the DRM-enabled application, but could be any combination implemented by the client.

| Name | Byte Array | Meaning |
|---|---|---|
| RIGHT_PLAY_ON_PC | 0x01000000 | The right to play back content. This is also known as RIGHT_PLAY_ON_PC. |
| RIGHT_COPY_TO_NONSDMI_DEVICE | 0x02000000 | The right to copy licensed content to a device that is not compliant with the Secure Digital Music Initiative (SDMI). This is also known as RIGHT_COPY_TO_NONSDMI_DEVICE. |
| RIGHT_BURN_TO_CD | 0x08000000 | The right to copy licensed content to a CD. This is also known as RIGHT_BURN_TO_CD. |
| RIGHT_COPY_TO_SDMI_DEVICE | 0x10000000 | The right to copy licensed content to an SDMI device. This is also known as RIGHT_COPY_TO_SDMI_DEVICE. |

AppSec (4 bytes): An RC4-encrypted security level of the application that makes the request. The security level MUST be equal to the security level in the client application certificate (CA).
Cryptographic sequence:
- pkcert.pk = KMpub
- pkcert.sign = [pkcert.pk]KC
- {EncRandNum}KS
- KR {pkcert}
- KR {KeyID}
- KR {Rights}
- KR {AppSec}
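
The following is an added example, not part of the specification, showing how a receiving implementation could split a decoded challenge into the fixed-size fields described above and validate a decrypted Rights value. It assumes the DRM base64 decoding and the RC4 decryption have already been done elsewhere; the function and class names, the exact-length check, and reading the Rights table values as bytes in written order are assumptions of this example.

```python
from dataclasses import dataclass

# Field sizes in wire order, taken from the field descriptions above.
FIELDS = (("version", 4), ("enc_rand_num", 80), ("pkcert", 84),
          ("key_id", 25), ("rights", 4), ("app_sec", 4))
REQUEST_LEN = sum(size for _, size in FIELDS)  # 201 bytes in total
REQUIRED_VERSION = bytes([0x00, 0x01, 0x00, 0x01])

# Rights values from the table above (assumption: byte array in written order).
RIGHTS = {
    0x01000000: "RIGHT_PLAY_ON_PC",
    0x02000000: "RIGHT_COPY_TO_NONSDMI_DEVICE",
    0x08000000: "RIGHT_BURN_TO_CD",
    0x10000000: "RIGHT_COPY_TO_SDMI_DEVICE",
}

@dataclass(frozen=True)
class LicenseRequestV1:
    version: bytes
    enc_rand_num: bytes  # still ECC1-encrypted under KS
    pkcert: bytes        # still RC4-encrypted under KR
    key_id: bytes        # still RC4-encrypted under KR
    rights: bytes        # still RC4-encrypted under KR
    app_sec: bytes       # still RC4-encrypted under KR

def parse_license_request(raw: bytes) -> LicenseRequestV1:
    """Split an already base64-decoded challenge into its fields."""
    # Example policy (assumption): reject anything that is not exactly 201 bytes.
    if len(raw) != REQUEST_LEN:
        raise ValueError(f"expected {REQUEST_LEN} bytes, got {len(raw)}")
    parts, offset = {}, 0
    for name, size in FIELDS:
        parts[name] = raw[offset:offset + size]
        offset += size
    if parts["version"] != REQUIRED_VERSION:
        raise ValueError("Version MUST be {0x00, 0x01, 0x00, 0x01}")
    return LicenseRequestV1(**parts)

def decode_rights(plain: bytes) -> list[str]:
    """Name the rights set in a Rights field that has already been decrypted."""
    if len(plain) != 4:
        raise ValueError("Rights is a 4-byte field")
    value = int.from_bytes(plain, "big")
    if value & ~sum(RIGHTS):  # bits outside the four defined values
        raise ValueError(f"undefined rights bits in 0x{value:08x}")
    return [name for bit, name in RIGHTS.items() if value & bit]

if __name__ == "__main__":
    sample = REQUIRED_VERSION + bytes(197)  # constructed input, not a real challenge
    print(parse_license_request(sample))
```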