2.2.3.1.3.4 CLIENTID (Structure)

The CLIENTID structure contains the Digital Rights Management version and security certificate of the client computer. A conforming DRM client implementation has a valid CLIENTID obtained through one of multiple means not relevant to license acquisition. The existence of a CLIENTID within the DRM client is a requirement of a valid client. No processing is done with this element, as it is only included in the payload of the protocol.

 typedef struct {
   BYTE Version[4];
   BYTE EncRandNum[80];
   PKCERT pkcert;
 } CLIENTID;

Version: The Digital Rights Management version. MUST be {0x02, 0x00, 0x00, 0x00}.

EncRandNum: One-time use random number encrypted using ECC1 with KS. The first 7 bytes (unencrypted) of EncRandNum are used as the initialization vector (IV) to create an RC4 key (KR).

pkcert: A PKCERT structure that contains the machine certificate.

Cryptographic Sequence:

  1. pkcert.pk = KMpub

  2. pkcert.sign = [pkcert.pk]KC

  3. {EncRandNum}KS

  4. KR {pkcert}