.gif)
WMRMKeys.GenerateSigningKeysEx
The GenerateSigningKeysEx method creates a private and public key for signing and verifying the header, including the license acquisition URL.
Syntax
WMRMKeys.GenerateSigningKeysEx(pvarPrivKey,pvarPubKey,pvarCert)
Parameters
pvarPrivKey
[in, out] Variant containing the private key for signing the header.
pvarPubKey
[in, out] Variant containing the public key for verifying the header signature.
pvarCert
[in, out] Variant containing the public key pvarPubKey signed by the licensor certificate's private key.
Return Values
This method does not return a value.
Remarks
This method is required only if you are creating a DRM profile for a user who wants to protect content using Windows Media Encoder. Extended header signing is performed automatically when generating headers using the Windows Media Rights Manager SDK.
When creating a DRM profile for a Windows Media Encoder user, the GenerateSigningKeys method call is built into the IWMDRMContentAuthor.CreateDRMProfile method.
The keys generated with the GenerateSigningKeysEx method sign a larger portion of the header than GenerateSigningKeys does, and includes the license acquisition URL (LAURL) to prevent a malicious Web site from spoofing a legitimate license provider. GenerateSigningKeys is still used to provide backward compatibility and some security for older content players that may not support this newer method.
The purpose of header signing is to prevent an unauthorized or unscrupulous person from entering a malicious URL into a Web site that might attempt to steal personal information, or insert viruses into a header, or perform other malicious actions. When a player receives a header containing a signed LAURL, the user will automatically be redirected to the license acquisition site (assuming the signature is valid). If the LAURL has not been signed, or if the signature is not valid, the player will display a message box warning that the authenticity of LAURL site has not been verified. This message box might be disconcerting to the user, even if the LAURL is authentic.
For more information on when and how to use this function as a license provider service, see Setting Up a License Provider Service in the Microsoft Windows Media Encoder 9 Series SDK.
Parameters are marked as [in, out] because an application is "passing in" a variable name to accept the value passed out.
Example Code
The following example code is an excerpt from a Visual Basic form that shows the end-to-end process of generating the certificates and signing keys, creating a DRM profile, encoding and protecting a Windows Media file, and then issuing a license for it. For more information, see Developing a License Provider Service for Windows Media Encoder on the MSDN Web site.
' Generate keys and retrieve certificates on the licensing server.
' Create a WMRM Keys object.
Set RMKeys = New WMRMKeys
' Generate the public and private signing keys, and the signed public key
' for verifying the entire header.
RMKeys.GenerateSigningKeysEx vPrivKeyTtlHdr, vPubKeyTtlHdr, vSignedPubKey
' Retrieve the licensor certificate.
sSigLSCert = RMKeys.GetCertificate("LSLicenseSigningCert")
' Retrieve the Microsoft DRM License Server Root certificate.
sSigRootCert = RMKeys.GetCertificate("LSRootCert")
Requirements
Version: Windows Media Rights Manager 9 Series SDK or later
Reference: wmrmobjs 1.0 Type Library
Library: wmrmobjs.dll
Platform: Windows Server 2003
See Also