Saving Edited Data
If content has been modified and the user has OWNER or EDIT rights, the user can then save the edited data back with the same key used to encrypt the content. The content keys are never exposed to the application, so this is the only way to re-encrypt data to a key in the license. Similar to decryption, encryption requires the creation of an AD RMS encrypting object, which is used to encrypt data.
The following example demonstrates re-encrypting content by a user who has been granted the EDIT right; 16 bytes are encrypted in this sample.
// Proper way to initialize a DRMHANDLE.
DRMHANDLE hDecryptor = DRMHANDLE_INVALID;
// Get the encryptor.
UINT cEncryptedContentSize = 0;
hr = DRMCreateEnablingBitsEncryptor(
hBoundLicense,
"EDIT", // The right to bind to.
NULL, // No auxiliary library.
NULL, // No auxiliary plug-in.
&hDecryptor ); // Created encryptor.
if(FAILED(hr))
{// Could not make an encryptor; handle error. }
// Check the size of buffer needed for encrypted content.
hr = DRMEncrypt(
hEncryptor,
0, // No offset.
16, // The sample size is 16 bytes.
(BYTE *)wszPlainText, // Data to encrypt.
&cEncryptedContentSize, // Size of encrypted data [out].
NULL); // Encrypted data.
if(FAILED(hr))
{// Could not check the size; handle error. }
// Make a buffer to hold the content.
wszEncryptedContent = (PWSTR)HeapAlloc(
GetProcessHeap(),
0,
cEncryptedContentSize + 2);
if(NULL == wszEncryptedContent)
{// Could not make a buffer; handle error.}
// Get the encrypted content, encrypted with the EDIT key.
hr = DRMEncrypt( hDecryptor,
0,
16,
(BYTE *)wszPlainText,
&cEncryptedContentSize,
(BYTE *)pbEncryptedContent // Encrypted content.
);
// Now save protected content somewhere.
...
All RM consuming applications must have a manifest. For information about how to obtain a manifest, see Creating the Application Manifest.
See Also
Building a Consuming Application
Send comments about this topic to Microsoft
Build date: 3/13/2008