Compound Files
The Rights Management Add-on for Internet Explorer reads an open file format called the compound file. Compound files are files that can store multiple files in a kind of folder and file structure, where folders are called storage objects, and files are called streams. The add-on expects to find an encrypted file as well as an issuance license (and possibly a use license) at specific locations (streams) within the compound file. Any application can put an encrypted file inside a compound file (in a specific location) and put any licenses in specific locations, and the add-on should be able to handle Active Directory Rights Management Services (AD RMS) license processing.
The encrypted files must be stored in MIME Encapsulation of Aggregate HTML Documents (MHTML) format before encryption for the add-on to read them. All Microsoft Office documents can be saved as .mht files by using the Save As dialog box. This is an open standard. For more information, see MIME Encapsulation of Aggregate HTML Documents (MHTML). The add-on displays the encrypted file by using Internet Explorer. MHTML files support all HTML features, including images, scripting and hyperlinks, so your encrypted Web pages should behave normally. Linked objects are pulled into the MHT file when it is created.
In addition to raw data, such as licenses or encrypted data, compound files hold transforms, which take in a stream of bits, perform some action such as compression or AD RMS protection, and send out the modified stream. These transforms allow the add-on to process AD RMS-protected files. A transform is instantiated as a COM class that is specified by a CLSID. The add-on includes a transform that handles Rights Management licenses. For more information about the compound file format that is used in AD RMS protection, read the Rights-Managed HTML SDK for the add-on. The sample application shows how to properly store encrypted MHT files in container files.
For the add-on to read your AD RMS-protected content, your compound file must conform to a specific data structure. The following diagram shows the storage and stream structure that the add-on expects. This diagram shows storage objects as folders and stream objects as files. You must use the names given, with the following guidelines:
- Stream and storage names are not case-sensitive.
- The \006 and \009 values are actually ASCII values for nonprinting characters, not string values.
- The GUID in EUL-GUID represents a unique value, not an actual GUID (which is too long for an allowable stream name). You can use any unique value here. The maximum stream name length is 32 WCHAR characters, so if an actual 128-bit GUID is used, it must be encoded, typically by using base32 or base64 encoding.
The structure of each item and the information it holds are given later in this topic. This structure does not exist naturally; an application must build it by using the IStream and IStorage COM interface functions.
.gif)
Strings are sequences of Unicode characters that are not preceded by a byte-order mark and that are not null terminated. Fields that follow strings are DWORD-aligned, so you need to add padding bytes.
| Stream name | Description |
|---|---|
| Version | This stream holds specific versioning information that describes this version of the add-on. |
| DataSpaceMap | This stream maps streams to their associated data spaces. |
| \009DRMDataSpace | A data space describes the structure of streams and storages within a compound file. It maps AD RMS transforms applied to streams (in the \009DRMViewerContent stream). |
| \006Primary | This stream holds the signed issuance license, information about the transform class, such as its CLSID (C73DFACD-061F-43B0-8B64-0C620D2A8B50), and a text identifier (for example, Microsoft.Metadata.DRMTransform). |
| EUL-GUID | This stream holds the use license. You can store zero or more use license streams in a container file, each holding one use license. If you do not include any, the add-on will attempt to acquire one by using the provided issuance license. If you do include use licenses, name the streams "EUL-", plus a base32 encoded GUID. |
| \009DRMViewerContent | This stream holds the encrypted file. This file can be a maximum of four gigabytes in size. |
Note The compound file structures and functions are defined in Objbase.h; you must include this file if you use compound files. This header is included in Atlenc.h, so if you include this file, you do not need to include Objbase.h. These header files are included with Visual Studio 2005.
See Also
Adding the Issuance License to the Compound File
Adding the Use License to the Compound File
Building a Publishing Application Without Using a Lockbox
Creating a Compound File and Adding Content
Send comments about this topic to Microsoft
Build date: 3/13/2008