2.2.4.1.1 MACHINECERTIFICATE
The MACHINECERTIFICATE element contains a base64-encoded copy of the machine certificate (CM). CM is a certificate in XML format.
The following is the XML schema for the MACHINECERTIFICATE XML object. Note that this schema defines several elements already defined in [RFC3275]. Specifically, this schema defines the <KeyValue>, <SignedInfo>, <SignatureValue>, and <KeyInfo> elements and their respective child elements. Their definition in this schema is intended only to assist in understanding the processing rules in section 3.2.5.3. Within an instance of the MACHINECERTIFICATE XML object, these elements are not to be prefixed with a namespace qualifier. See the example following the schema.
-
<?xml version="1.0" encoding="utf-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="CertificateCollection"> <xs:complexType> <xs:sequence> <xs:element name="Certificate" maxOccurs="unbounded"> <xs:complexType> <xs:sequence> <xs:element name="Data"> <xs:complexType> <xs:sequence> <xs:element name="SecurityLevel" type="xs:string" /> <xs:element name="PublicKey"> <xs:complexType> <xs:sequence> <xs:element name="KeyValue"> <xs:complexType> <xs:sequence> <xs:element name="Modulus" type="xs:base64Binary" /> <xs:element name="Exponent" type="xs:base64Binary" fixed="AQAB" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="Signature"> <xs:complexType> <xs:sequence> <xs:element name="SignedInfo"> <xs:complexType> <xs:sequence> <xs:element name="CanonicalizationMethod"> <xs:complexType> <xs:attribute name="Algorithm" type="xs:string" use="required" fixed="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> </xs:complexType> </xs:element> <xs:element name="SignatureMethod"> <xs:complexType> <xs:attribute name="Algorithm" type="xs:string" use="required" fixed="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> </xs:complexType> </xs:element> <xs:element name="Reference"> <xs:complexType> <xs:sequence> <xs:element name="Transforms"> <xs:complexType> <xs:sequence> <xs:element name="Transform" minOccurs="2" maxOccurs="2"> <xs:complexType> <xs:attribute name="Algorithm" use="required" type="TransformAlgorithm"/> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="DigestMethod"> <xs:complexType> <xs:attribute name="Algorithm" use="required" fixed="http://www.w3.org/2000/09/xmldsig#sha1" /> </xs:complexType> </xs:element> <xs:element name="DigestValue" type="xs:base64Binary" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="SignatureValue" type="xs:base64Binary" /> <xs:element name="KeyInfo"> <xs:complexType> <xs:sequence> <xs:element name="KeyValue"> <xs:complexType> <xs:sequence> <xs:element name="RSAKeyValue"> <xs:complexType> <xs:sequence> <xs:element name="Modulus" type="xs:base64Binary" /> <xs:element name="Exponent" type="xs:base64Binary" fixed="AQAB" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> <xs:element name="ManufacturerData" minOccurs="0"> <xs:complexType> <xs:sequence> <xs:element name="ManufacturerName" type="xs:string" /> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Version" use="required" fixed="2.0" /> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Version" use="required" fixed="2.0" /> </xs:complexType> </xs:element> <xs:simpleType name="TransformAlgorithm"> <xs:restriction base="xs:string"> <xs:enumeration value="http://www.microsoft.com/DRM/CERT/v2/Data" /> <xs:enumeration value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> </xs:restriction> </xs:simpleType> </xs:schema>
The following is an example of the MACHINECERTIFICATE XML object.
-
<?xml version="1.0" encoding="UTF-8" ?> <c:CertificateCollection xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:c="http://schemas.microsoft.com/DRM/2004/02/cert" c:Version="2.0"> <c:Certificate c:Version="2.0" xmlns:c="http://www.microsoft.com/DRM/2004/02/cert" > <c:Data xmlns:c="http://www.microsoft.com/DRM/2004/11/cert" xmlns:l="http://www.microsoft.com/DRM/2004/11/mslp" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <c:SecurityLevel>a.b.c.d</c:SecurityLevel> <c:PublicKey> <KeyValue> <RSAKeyValue> <Modulus> <!-- base64-encoded modulus value --> </Modulus> <Exponent>AQAB</Exponent> </RSAKeyValue> </KeyValue> </c:PublicKey> </c:Data> <c:Signature> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <Reference> <Transforms> <Transform Algorithm="http://www.microsoft.com/DRM/CERT/v2/Data" /> <Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue> <!-- base64-encoded digest --> </DigestValue> </Reference> </SignedInfo> <SignatureValue> <!-- base64-encoded signature --> </SignatureValue> <KeyInfo> <!-- key used to sign the SignedInfo data. --> <KeyValue> <RSAKeyValue> <Modulus> <!-- base64-encoded modulus value --> </Modulus> <Exponent>AQAB</Exponent> </RSAKeyValue> </KeyValue> </KeyInfo> </c:Signature> </c:Certificate> </c:CertificateCollection>
Certificates are listed in c:CertificateCollection from leafmost to rootmost certificate. The leafmost certificate is signed by the certificate next closer to the rootmost certificate. The rootmost certificate is signed by the Microsoft Root WMDRM Certificate, represented by the following public key:
-
pjoeWLSTLDonQG8She6QhkYbYott9fPZ8tHdB128ZETcghn5KHoyin7HkJEcPJ0Eg4UdSva0KDIYDjA3EXd69R3CN2Wp/QyOo0ZPYWYp3NXpJ700tKPgIplzo5wVd/69g7j+j8M66W7VNmDwaNs9mDc1p2+VVMsDhOsV/Au6E+E=
Follow these steps to evaluate the signature of a given certificate:
Accumulate a SHA-1 hash over <c:Data> including the <c:Data ... > and </c:Data> end tags.
Compare hash to <DigestValue>.
Verify signature over <SignedInfo> with the RSA public key using the RSA/SHA1 algorithm.
Note that the value for <Modulus> must be reversed after base64-decoding.