Owner License XML Example
[The AD RMS SDK leveraging functionality exposed by the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1, which leverages functionality exposed by the client in Msipc.dll.]
The following example shows an XrML owner license. To see an actual license, compile and run the Encrypting Content Code Example, navigate to the Owner License Store, and open the appropriate license. The license name has the format EUL-{content ID}-SKUid-{GUID}.drm. There will be two owner licenses in the store. The license copied to the store last is the one that is bound to the OWNER right and is associated with the content ID in the issuance license.
- <XrML version="1.2" xmlns="" purpose="Content-License">
- <BODY type="LICENSE" version="3.0">
<ISSUEDTIME>2008-04-15T15:44</ISSUEDTIME>
- <DESCRIPTOR>
- <OBJECT type="Content-License">
<ID type="MS-GUID">
{7BE321C5-C958-4621-8CDA-6AAC4F008679}
</ID>
</OBJECT>
</DESCRIPTOR>
- <ISSUER>
- <OBJECT type="Group-Identity">
<ID type="Windows">
S-1-5-21-1226287486-3652005974-3671177567-1114
</ID>
<NAME>someone@example.com</NAME>
</OBJECT>
- <PUBLICKEY>
<ALGORITHM>RSA</ALGORITHM>
- <PARAMETER name="public-exponent">
<VALUE encoding="integer32">65537</VALUE>
</PARAMETER>
- <PARAMETER name="modulus">
<VALUE encoding="base64" size="1024">
+c2vFTX+D22+8yj5tgGh5P3LQBS0yzX9DiNi+KQG/vrScigJvezj
V8lUFdcbQuOHPrEp4jAbxy7zax3RIN1pfO/qN634mvi92/yy7iIA
4EoSztLRPA/ba2o1u8sUMnuycPo6W3mtV8p32c9cFITGTRUeEypN
/a+JFYGQSwTm+58=</VALUE>
</PARAMETER>
</PUBLICKEY>
</ISSUER>
- <ISSUEDPRINCIPALS>
- <PRINCIPAL internal-id="1">
- <OBJECT type="Group-Identity">
<ID type="Windows">
S-1-5-21-1226287486-3652005974-3671177567-1114</ID>
<NAME>someone@example.com</NAME>
</OBJECT>
- <PUBLICKEY>
<ALGORITHM>RSA</ALGORITHM>
- <PARAMETER name="public-exponent">
<VALUE encoding="integer32">65537</VALUE>
</PARAMETER>
- <PARAMETER name="modulus">
<VALUE encoding="base64" size="1024">
raMBBHBY7UbNE0bHh1Mc2G2LjBQfI/x/scBACTAm6Y12K+xQlv
e3pNlcnFcuPrfguSpNrXq3bdk+zdONH92zzxSlwqvVXqubwNin
LESusHsnpcVPGkPLV3PqxZ/JHOiEWKoLPkigNHGfatrBbnofCq
RQhiG6it7FbHvNMRAgxbE=
</VALUE>
</PARAMETER>
</PUBLICKEY>
<SECURITYLEVEL>
name="Group-Identity-Credential-Type"
value="Persistent"
</SECURITYLEVEL>
<SECURITYLEVEL>
name="Group-Identity-Policy"
value="Group-Identity-Credential"
</SECURITYLEVEL>
<SECURITYLEVEL
name="Group-Identity-Type"
value="Group"
</SECURITYLEVEL>
</PRINCIPAL>
</ISSUEDPRINCIPALS>
- <WORK>
- <OBJECT type="ContentType">
<ID type="MS-GUID">
{1E1BC364-517E-4800-AB79-17B7BF68BC8C}
</ID>
<NAME>ContentName</NAME>
</OBJECT>
- <METADATA>
<SKU type="SKUIdType">SKUId</SKU>
</METADATA>
- <RIGHTSGROUP name="Main-Rights">
- <RIGHTSLIST>
- <RIGHT name="OWNER">
- <ACCESS>
- <PRINCIPAL internal-id="1">
- <ENABLINGBITS type="sealed-key">
<VALUE encoding="base64" size="1536">
ECuGmm4MuXTqjJR95C7yUpMRCwrUQsXFMoOI7ONszrSI
2yRYO/ETnY5E633NL/DAJGGpMNfIqPS7vNgRJSlp5FG2
jSwCTcaUnfmT6sJEmqLiNchJao3npGBGW4OcMbkroEkr
j6FRY2baMPjGBGi0JiSAvsH/7NjVHZUfKSzZRzK4yujQ
3dJgFjYYQMss/AaWBpTVG1yH5qyxJ+vQw3OVGUEwYIAM
Vy/+6xdhsgcpsUwB+W7RVubY1MpIYjr2JL35
</VALUE>
</ENABLINGBITS>
</PRINCIPAL>
</ACCESS>
</RIGHT>
</RIGHTSLIST>
</RIGHTSGROUP>
</WORK>
- <CONDITIONLIST>
- <REFRESH>
- <DISTRIBUTIONPOINT>
- <OBJECT type="Revocation">
<ID type="ascii-tag">Irrevocable</ID>
</OBJECT>
</DISTRIBUTIONPOINT>
<INTERVALTIME/>
</REFRESH>
</CONDITIONLIST>
<AUTHENTICATEDDATA id="APPSPECIFIC" name="SomeName">
SomeValue
</AUTHENTICATEDDATA>
</BODY>
- <SIGNATURE>
<ALGORITHM>RSA PKCS#1-V1.5</ALGORITHM>
- <DIGEST>
<ALGORITHM>SHA1</ALGORITHM>
- <PARAMETER name="codingtype">
<VALUE encoding="string">surface-coding</VALUE>
</PARAMETER>
<VALUE encoding="base64" size="160">
Zoyi33eUygGb9xHvepZuB2L9iEY=
</VALUE>
</DIGEST>
<VALUE encoding="base64" size="1024">
BBTGrwwXnHeIEek5vKLQw+k+o8aa7+qzMX+MI42xXCZ1aERrw7zh3AM1oW3
Y60hoZvID8ghlbpW5LVQrc0nsnJZNzgu/4STajhtXa7sz73j0IdDF25acZz
hbJEEpcP1zLvMnolOiXnTQmRLDdvVjm2E57ucf6cY39SqJespmKCU=
</VALUE>
</SIGNATURE>
</XrML>
Related topics