MSDN Magazine The Microsoft journal for Developers

Windows Media Technologies: Using Windows Media Rights Manager to Protect and Distribute Digital Media

Andrea Pruneda

 

This article assumes you're familiar with VBScript and ASP

Level of Difficulty    1   2   3 

Download the code for this article: DRM.exe (40KB)

SUMMARY Media distributors have been looking for a way to prevent users from getting saleable content for free ever since independent distributors and peer-to-peer systems began distributing files without licensing them. Windows Media Services addresses these concerns by providing encryption, licensing, and management capabilities. One of its components, Windows Media Rights Manager, allows companies to issue licenses that consumers must pay for before their media files will play. This article explains this and other components of Windows Media Services so you can begin protecting your media files today.


With technologies that are widely available today, consumers have online access to music, films, books, images, and any other type of content that can be distributed in a digital format. Digital media has become extremely popular and has gained wide acceptance because of its ease of use and immediacy; consumers can get digital goods right away from the Internet, at any time. New consumer electronic devices are being developed to expand access to digital media so that it doesn't matter whether you're at home, at the office, or on the road.

In the past, the quality and availability of digital media has been limited because content owners, artists, and publishers have been concerned about protecting their copyrighted material. In response, Microsoft has developed digital rights management (DRM) based on Windows Media™ Technologies, which can be built into your applications and Web sites. The DRM features work in combination with other Windows Media-based tools and services that you use to encode, protect, and distribute digital media.

DRM allows content owners to package their Windows Media-based files by encrypting the content with a key (a piece of data that locks and unlocks the content). To play the packaged file, a consumer needs to obtain a license that contains this key. The license, which is separate from the content, enables content owners to set up business rules (also called rights) that determine how consumers can use the packaged file. The license can be issued at different points in the consumer transaction, depending on the content owner's business model. Regardless of how the protected digital media is distributed, the content remains secure and content owners retain control over the way their media properties are used.

In this article, I will first provide a broad overview of Windows Media Technologies in order to give you an idea of how Windows Media-based digital media is created and distributed. Then, I'll follow with a closer look at digital rights management, what you need to use it, and how you can implement a DRM solution in your own online digital media applications.

Windows Media Basics

Any number of business scenarios can take advantage of Windows Media Technologies for delivering content to users securely. For example, companies can stream live or prerecorded presentations over a corporate intranet for corporate communications or training purposes. Radio stations can broadcast a live signal over the Web, or provide access to prerecorded shows. Online retailers can deliver music directly to consumers in downloadable, digital formats, all secured by DRM.

Windows Media Technologies provides a set of components that allow you to take your raw digital content (such as music, movies, and other audio or video content), encode it into Windows Media Format, protect it, deliver it to your audience, and create a satisfying experience for the user. You can use all the components, or only those you need for your business model.

The key components of Windows Media Technologies include the following:

  • Windows Media Encoder 7
  • Windows Media Services
  • Windows Media Player 7
  • Windows Media SDK

All of these components enable you to either create, edit, distribute, or view files in Windows Media Format. This extensible file format is implemented on a file container known as the Advanced Streaming Format (ASF). Windows Media files typically use .wma (for audio) or .wmv (for audio and video) file extensions, although you'll sometimes come across files using the older .asf extension (for both audio and video).

Windows Media Format uses state-of-the-art audio compression technology that is more efficient than other audio and video compression technologies. A song encoded in Windows Media Format can be as small as half the file size of an MP3 file with the same playback quality. Windows Media Format also supports metadata (for example, information like the title or author of the content), as well as captions and synchronization with still images or Microsoft PowerPoint® slides.

Windows Media Encoder 7 is a powerful production tool for converting both live and prerecorded audio and video to Windows Media Format. With Windows Media Encoder, you can deliver live content in real time to client computers or to a file for later use. Real-time sources of audio and video content include anything that you can plug into your audio or video card, including a CD player, microphone, VCR, or video camera. Windows Media Encoder can also use existing audio or video files, in a variety of formats, as source material.

Windows Media Services is designed for streaming media and is typically hosted on servers running Windows NT® or Windows® 2000 with a broadband network connection. It controls the quality of the audio and video streams being sent to each client computer that is connected to the server. You can stream content from a Web server, but then you will not be able to take full advantage of features built into Windows Media Services, such as broadcasting live content and intelligent streaming. Intelligent streaming adjusts the bit rate of a stream dynamically to compensate for bandwidth problems and to maintain a high-quality user experience.

Windows Media Player is the client software that decodes digital media for playback. In addition, Windows Media Player allows users to manage digital media on their computers by creating playlists, copying tracks from CDs, listening to radio stations on the Internet, and transferring digital media files to portable devices. The player also provides built-in functionality to take advantage of the intelligent streaming and DRM features of Windows Media Technologies.

The Windows Media SDK enables you to develop your own solutions and applications incorporating Windows Media Technologies. For example, you can create an application that encodes and protects files. The Windows Media SDK includes the components listed in Figure 1.

SDK Description
Windows Media Encoder 7 Lets you automate the operation of Windows Media Encoder
Windows Media Rights Manager 7 Enables you to protect content and issue licenses using DRM technology
Windows Media Services 4.1 Provides functionality to configure, manage, and administer Windows Media Services
Windows Media Format 7 Enables software to read, write, edit, and transfer files in Windows Media Format
Windows Media 7 Embedded Product Adds Windows Media playback to portable
Adaptation Kit (EPAK) digital music players, Internet appliances, and other embedded systems
Windows Media Player 7 Lets you create custom skins and visualizations, and embed player functionality into programs and Web pages

Figure 1 Windows Media SDKs

The functionality of Windows Media Rights Manager is available in two of these SDKs. Using the Windows Media Format 7 SDK, developers can enable client-side applications to acquire licenses and play packaged files on desktop computers and portable devices. Using the Windows Media Rights Manager 7 SDK, developers can create server-side applications that package Windows Media-based files and issue licenses for them. Most relevant to this discussion is the Windows Media Rights Manager 7 SDK. (See the sidebar "Supporting Windows Media Rights Manager 1 ")


Supporting Windows Media Rights Manager 1

Player applications that only support Windows Media Rights Manager 1, which was released in the summer of 1999, cannot interpret Version 7 content headers or licenses. These player applications include those based on the Windows Media Format 1 SDK, and any player application for Apple Macintosh computers. So, content packagers who want to support Version 1 players can add information to a packaged file so that a Version 1 license can be generated for it. However, there is a security trade-off when you choose this alternative because you cannot take advantage of the latest security features and rights management, such as individualization, secure audio path, counted plays, and so forth. Information about supporting Windows Media Rights Manager 1 can be found in the MSDN Online Library at https://msdn.microsoft.com/library/en-us/dnwmt/html/wmrm7migration.asp.


DRM Security

Windows Media Rights Manager holds security as the highest priority. A DRM system is different from traditional security models in that the consumer is both your user and the one you want to protect your content from. Because of this, and because DRM adds extra steps to the process of content distribution, consumers do not want DRM. Usability is a trade-off for security, and it is up to the content owner to establish a balance.

Attackers can be thought of as belonging to one of three categories: naïve, skilled, and professional. A naïve attacker is not actively trying to break a DRM system, but will copy files and install broken (hacked) applications. The goal is to stop the naïve attacker from bypassing the DRM system. A skilled attacker knows computers and software, but has no commercial motivation to break a DRM system. The goal is to make it more difficult and costly for a skilled attacker to compromise a DRM system. A professional attacker is commercially motivated to break a DRM system with funds to mount attacks, hire other hackers, and reverse-engineer applications. The goal in this case is to minimize the scope of breaks and limit the commercial opportunities.

Windows Media Rights Manager uses three different features—revocation, individualization, and Secure Audio Path—to address these security objectives. Applications that are based on the Windows Media Format SDK to play packaged files must have a certificate (issued by Microsoft as part of the process of getting the SDK). Revocation is a process that identifies the certificates for broken or hacked applications, and prevents these applications from playing packaged files. Every license that is issued by a server running Windows Media Rights Manager contains a revocation list. Revocation helps to prevent a global break in a DRM system, and limits the commercial opportunity for a professional attacker by forcing consumers to upgrade compromised software to play new digital media.

Individualization is a process that makes one instance of rights management software unique from all other versions of the software—for example, individualization makes the rights management software installed on one user's computer different from that on all other users' computers. The result is that if an individualized application is hacked or broken, only that version of the application is affected, thereby eliminating global breaks to the application and making attacks more difficult and costly for the attacker.
Content owners can use this feature by requiring consumers to use individualized player software for playing their packaged files, or player software can incorporate individualization as a step during installation. In whatever way this process is initiated, the player software sends a request to the Microsoft Individualization Service over the Internet. The service generates a unique DLL that is obfuscated and digitally signed, then binds it to the requesting client computer using its hardware ID. This process does not violate consumer privacy in any way, and the exchanged information cannot be traced.

Secure Audio Path, which is currently only supported on Windows Me, provides a kernel-level infrastructure for maintaining copyright protection by helping to ensure that audio data reaches the sound card on a computer and is not diverted to an unauthorized program. Secure Audio Path is planned to be a feature of future Microsoft operating systems. Content owners use this feature by requiring Secure Audio Path for their packaged files, while controlling usage of Secure Audio Path through the license for the packaged file.

Secure Audio Path works by creating a secure channel between the DRM component of the player software and the DRM component of the kernel. The content owner can require components that receive the decrypted audio signal to be certified by Windows Hardware Quality Labs. Noise is added to the signal, and then removed before reaching the output device. Digital output on this device can be disabled if the content owner requires it.

Standard cryptographic techniques are used to authenticate components and to guard against attackers tampering with code and data. Authentication of DRM-enabled components is achieved using digital signatures and public key certificates. Elliptic Curve and RSA algorithms are used to authenticate components using digital signatures and to perform key exchange operations for establishing secure channels between components.

Encryption and decryption processes use a symmetric cipher based on the RC4 and DES encryption standards, as published in EuroCrypt 98. The algorithm is fast; it can encrypt and decrypt streamed data units at a rate of 10MB per second. The algorithm is fault-tolerant, meaning that loss of a streamed data unit does not prevent decryption of subsequent data units.

The DRM System in Action

The basic process in a DRM system is as follows. A content owner encodes raw content into Windows Media-based files using an application such as Windows Media Encoder, shown in Figure 2.

Figure 2 Windows Media Encoder

Then, the content owner packages these files using an application created from the Windows Media Rights Manager 7 SDK. This application can be very simple, consisting of a few ASP pages, or it can be a more complex Windows-based application; it just depends on how you choose to implement it. A very simple ASP solution that gets the job done is shown in Figure 3.

Figure 3 Packaging a File

The resulting packaged files are distributed to consumers just as any other file can be distributed—packaged files can be placed on a Web server for download, streamed from a Windows Media-based server, or distributed via e-mail or on a CD. At this point, what happens depends entirely on how the system has been set up. Different scenarios are discussed in greater detail later, but for now let's look at how you can download a protected song from the Windows Media Rights Manager demo page.

Figure 4 Download Page

From this page (shown in Figure 4), you select a file to download; in this case, a song by The Shusterbabies. This site is promotional so you are not required to pay for the song, but an e-mail address, ZIP code, and country are requested (see Figure 5).

Figure 5 Registration

After this page is optionally filled out, the download process begins. While the file is being downloaded, a license is issued that allows the file to be played twice. It's good practice to inform the consumer about the terms of the license before they download the file. Then you click the Play button to begin playing the song. When Windows Media Player plays packaged files, the status line indicates the content has been protected (see Figure 6).

Figure 6 Protected Content

Let's say you decide to share this song with a friend and e-mail the file OhNo_2ndMix1.wma to her. When your friend tries to play the file, the player can't find a license on her computer, so the player displays a default page (the license acquisition URL) asking her to register (see Figure 5). This is the same page you saw when you acquired a license to play the file. Once your friend fills out this page, a unique license is issued to her computer.

This page demonstrates the DRM system in action. Even though your friend was able to get a protected file, she couldn't play it without the license. However, the system doesn't prevent her from getting her own license. Rather, it shows her how to get one, and at the same time acquires a new customer for the content owner.

How It Works

The process of distributing protected digital media with Windows Media Rights Manager can be broken down into five areas:

  • Creating digital content and then encoding the content into Windows Media Format
  • Packaging your Windows Media-based files
  • Distributing the packaged files to consumers
  • Generating and issuing licenses
  • Playing packaged files and managing licenses

Figure 7 Distributing Files

Figure 7 illustrates the process. Each of these areas can be managed by different people or organizations. For example, a record label, online retailer, and license clearinghouse work together to sell music online, and the license clearinghouse could be working with other distributors as well. The system is flexible, and depends entirely on your business model.

Packaging Media Files

Creating and encoding digital content is actually outside of the scope of Windows Media Rights Manager, but it is the first step in the process. Content owners must first capture audio or video content into a digital format, and then encode it into Windows Media Format using a tool such as Windows Media Encoder. For security reasons, only DMO codecs are supported; packaged files created with ACM codecs cannot be played. For a list of the most current authorized codecs, see the Codecs Supported by Windows Media DRM page.

Once Windows Media files have been created, the next step is to package them. Packaging a file entails creating a key and content header, then encrypting the file with the key. Windows Media Rights Manager uses full-strength encryption algorithms and runtime integrity checks. The process is fast—over 540,000 bytes per second. All payload packages are encrypted individually, but the increase is minimal. Also packaged files are resilient to packet loss.

A key is generated by an algorithm that uses a key ID and a license key seed. The key ID is a value that is usually generated separately for each piece of content. The license key seed is a value used by one organization to package all of their files. For example, to package 100 songs, a record label creates 100 key IDs, then uses the license key seed to generate 100 keys.

Sometimes one key can be used for multiple files (just as one key can unlock more than one door). So files that share a key also share a license. For example, one license could be used for 10 different songs from one album. However, security is greater and licensing schemes are more flexible when a different key is used for each packaged file.

The content header contains information about the packaged file, including key ID, content ID, license acquisition URL, individualization version number, and attributes. The key ID is the string used to generate the key. Later, the license issuer will use this key ID to regenerate the key to include in the license. The content ID is a unique value that identifies each packaged file. For example, this value can be stored in a database as the primary key along with the corresponding key ID and metadata.
A license acquisition URL points to the Web page that is the beginning of the license acquisition process. When a valid license isn't found for a file, the player software opens this URL. For example, this page would inform consumers that they need a license, along with other information (such as how much it costs or what the license allows them to do).

The individualization version number, when specified, requires the consumer to use an individualized player application of a minimum version. If the consumer agrees, the individualization process begins; otherwise, the file cannot be played.

Attributes, which are optional name-value pairs, are used to add custom information to a packaged file, such as the content owner, artist, title, and so forth. This feature is useful when multiple parties are handling files in a Windows Media Rights Manager system by allowing them to securely communicate and track information about the file. For example, the following attribute could be used to help the license issuer determine which distributor sold the file:

WMRMHeader.Attribute("Content_Dist") = "Company X"

Once the content header has been created, it is digitally signed. This signature can be verified to find out if the content header was tampered with, making the information inside secure.

Distribution of packaged files depends entirely on the business model. For example, packaged files can be distributed by providing them on a Web server or sent to consumers on a CD. Packaged files can also be securely streamed from a Windows Media-based server. For ideas about different distribution and licensing scenarios, see the section "Planning a Windows Media Rights Manager System."

Generating and Issuing Licenses

Licenses are generated and issued by using Windows Media License Service, which is a component of Windows Media Rights Manager that runs on a server. The license is bound to the computer to which it is issued, so a packaged file can be shared, but a license cannot. Because the license is the vital element, it makes sense to tie payment and security to the license. That is, packaged files can be freely distributed, but license distribution should be more carefully controlled. For example, an online music store might allow customers to download and share packaged files, but would charge a fee for the licenses to play those files.

Licenses add more security to a Windows Media Rights Manager system. The Windows Media License Service can verify the signature of a packaged file's content header to ensure it has not been tampered with. In addition, the license uses a secure state to store information. So, for example, if a license has an expiration date, a right can be set to render the license invalid if the computer clock is changed.

A license contains the following information:

  • The key to unlock the packaged file. This key is regenerated by using the key ID from the packaged file and the license key seed. If the license issuer is not the same organization who packaged the file, the license key seed must be securely shared.
  • The rights and conditions of the license, which are defined using an XML-based event-driven rights language.
  • Priority of the license with respect to other licenses for the same Windows Media file (it's possible to issue multiple licenses for one file).
  • Custom attributes (name/value pairs) such as a description of the license.

Setting rights is one step in generating a license, and can happen in different ways depending on the business model. Rights can be set on the fly. For example, if consumers are given a choice to pay more for the right to transfer files to portable devices, the rights would be set after this choice is made. Rights can also be set according to an agreement with the content owner. The license issuer could store content IDs in a database along with the rights to give for each one. The content owner could also communicate which rights to give by including the information as a custom attribute in the content header. Figure 8

Rights Description
AllowPlayOnPC Allows the consumer to play the file on a computer
PlayCount Specifies the number of times a file can be played
AllowBurnToCD Allows the file to be copied to a CD in an unprotected format
BurnToCDCount Specifies the number of times a file can be copied to a CD
AllowBackupRestore Allows the consumer to back up licenses and restore them to the same computer or to different computers. The Microsoft License Management Service manages the restoration operation and enforces business rules that prevent a consumer from abusing content and discourages fraudulent use of licenses
BeginDate Specifies a date after which the license is valid
ExpirationDate Specifies a date after which the license is no longer valid
DeleteOnClockRollback Deletes the license if the consumer resets their computer clock to an earlier time
DisableOnClockRollback Disables the license if the consumer resets their computer clock to an earlier time, and enables the license once the clock is corrected
AllowTransferToNonSDMI Allows the consumer to transfer the file to a non-SDMI-compliant portable device
AllowTransferToSDMI Allows the consumer to transfer the file to an SDMI-compliant portable device. When using this right, you must follow the SDMI specification located on the Secure Digital Music Initiative Web site (https://www. sdmi.org)
TransferCount Specifies the number of times a consumer can transfer a file to a portable device
PMRights Specifies the rights to give with portable licenses for this file. A portable license is a new license that accompanies a file when it is transferred
PMExpirationDate Specifies a date when a portable license expires
MinimumAppSecurity Specifies the minimum security level that is required of a player application
PMAppSecurity Specifies the minimum security level that is required of a portable device

Figure 8 Rights for Packaged Files

Licenses can be delivered to consumers in different ways and at different points in the transaction, depending on the business model. The method used for issuing licenses should accommodate different situations, such as when consumers are using outdated player software or players that do not support silent license acquisition. Consumers can also acquire packaged Windows Media files from friends, so the model should handle the case when a consumer tries to play a packaged file without a license.

License delivery can be initiated by the license issuer or by the consumer's player application. A license can be issued before the consumer tries to play the packaged file, usually before the packaged file is downloaded, or at the same time. When the consumer plays the file, the license is already on the consumer's computer and the file can be played immediately, without a connection to the Internet. This method (known as predelivery) is preferred because it is easiest for the consumer.

For example, say a consumer visits a music retailer Web site and selects two songs to purchase. After making payment, two licenses are issued (quickly and unknown to the consumer), then the consumer is directed to a location to download the songs. When the consumer tries to play a packaged file without a license, the player software opens the license acquisition URL and sends a request for a license. This request contains the content header, client information, and the rights the player software is requesting.

These licenses can be issued in different ways: silently, nonsilently, or based on the consumer's platform. When a license is issued silently, it is issued without the consumer being aware of the transaction. This method is useful when you don't need information from the consumer or you want to hide the license acquisition process. From the consumer's point of view, there was a small pause before the file was played.

A license can be issued nonsilently by redirecting the user to a Web page that requests input from the consumer, such as an e-mail address or payment information. This method is useful when you want to make sure the consumer sees information such as the terms of the license. Players based on the Windows Media Format 7 SDK and above can host this Web page within the application; otherwise, the player must open the license acquisition URL in a separate Web browser window.

Each license request from a player includes platform information. Certain platforms—such as Windows Me or Windows XP—provide built-in security mechanisms, so you can issue different licenses based on the consumer's platform. You can also decide not to issue licenses at all to certain platforms.

Playing Packaged Files and Managing Licenses

To play a packaged Windows Media file, consumers use Windows Media Player 7 or later, or custom player software based on the Windows Media Format 7 SDK. The player software checks for a valid license first. If one is not found, the license acquisition process is initiated. If a valid license is found, the consumer can play the file according to the terms in the license.

Depending on the rights included in licenses, consumers can do a number of things, including playing packaged files on a personal computer. The DRM technology also enables consumers to transfer packaged files to a portable player and play them, or copy packaged files to portable media, then play them on a another computer or portable player.

Planning a DRM System

A Windows Media Rights Manager-based DRM system can be set up for a variety of different business models. Typically, multiple organizations are involved in the system. For example, a content owner encodes and packages digital media files in Windows Media Format. Vendors distribute and sell the files to consumers. A license clearinghouse issues licenses for the files and tracks which vendors were responsible for each sale.

When planning a system, remember the following points. Packaged files can be streamed or downloaded. Custom attributes are useful for tracking information in a packaged file's content header, and the content header can be modified without affecting the rest of the file. Also remember that a feature is provided to allow consumers to recover licenses (backup and restore). However, a custom process for recovering licenses can be created, for example, by tracking which licenses (key IDs) are issued to a consumer. In addition, you should separate the tasks of the system for optimal performance. Use separate computers for the content servers and licensing servers.
Because the Windows Media Rights Manager is completely flexible, the way you set it up is your choice. But to help you get an idea of how to plan a system, the following topics provide some examples and guidelines on how to set up different types of systems for streaming, super distribution, and subscription services.

Streaming Media

Streaming digital media is a good choice when you want to make content available, but you don't want to give copies of it away. Streaming also forces consumers to play digital media from your Web site, which is a way to make sure that consumers see branding, advertisements, and other information on your site.

Packaged files remain secure even when streamed. Several programs are currently available that allow a consumer to capture an audio or video stream and save it to a file on their computer, despite the wishes of the content owners. If the content is unprotected, consumers can play the saved streams and share them with others. But if the content has been packaged, it remains protected; that is, the consumer and others who copy the file need a license to play the saved stream.

When setting up a streaming model, you should predeliver a license after a file has been selected, but before it has been streamed. You also need to grant at least the right to play the file. If you don't want consumers to play saved streams of your digital media, limit the number of times the file can be played. For example, if you allow only a single play, when the consumer tries to play the saved stream, the license won't allow it.

Specify a license acquisition URL to match your policy. If you want to allow local copies of your digital media to be played, the license acquisition URL should point to the license acquisition process. The saved stream is as secure as a downloaded packaged file. If you don't want to allow local copies of your digital media to be played, set the license acquisition URL to a page that is worded specifically to cover undesired stream captures. For example, you can display a page with information that tells the consumer that they cannot play a local copy of the stream and must instead play it from your Web site, then redirect the consumer to a location from which the file can be streamed again.

Super Distribution

Super distribution is a process by which consumers help increase the distribution and sales of packaged files by sharing them with other consumers. The friends who receive these packaged files are required by the Windows Media Rights Manager technology to acquire their own licenses before they can play the files. These new consumers are directed back to the original retailer, who gets credit for the resulting sales.

The key to super distribution is tracking retailers who are responsible for the original sales. The way to accomplish this is by adding information as a custom attribute to the content header of a packaged file—for example, by adding an attribute named Retailer with a retailer's unique ID as the value, like so:

WMRMHeader.Attribute("Retailer") = "Retailer123"

The content owner can add this attribute when packaging files, and would package a separate set of files for each retailer. Or, the retailer can add the attribute after receiving the files from the content owner, modifying only the content header. The license issuer can then use the Retailer ID to find out who is responsible for the sales of each file.

For example, say the retailer sells a song to a consumer, and the license clearinghouse issues him a license. If the consumer gives a copy of the song to a friend and the friend tries to play the song, she will be directed to the license clearinghouse to acquire her own license. When the license clearinghouse checks the Retailer ID, it determines who the retailer is, and can then either handle the transaction on behalf of the retailer or can redirect the new consumer to the retailer's Web site to complete the transaction.

Subscription Service

Setting up a subscription service is a good way to give consumers access to a large collection of digital media. You could require consumers to pay a monthly fee to access songs on a music Web site, giving them access to download songs and receive licenses that expire after one month. New licenses are issued when consumers renew their subscriptions.

When you're setting up a subscription service, predelivering licenses is usually the least obtrusive method. First, set an expiration date, such as at the end of each month. The expiration date might also allow a few extra days for late payment. Allow or disallow transfer to portable devices, depending on how strictly you want to restrict playback of files. If you do allow transfer, you can restrict the number of transfers that are allowed. Do not allow files to be copied to CD, because packaged files that are copied to a CD are no longer secure. Do not allow the backup and restoration of licenses—this feature is not intended for a subscription model, so use a different method to reissue licenses to those consumers who lose their licenses.

Carefully consider the use of the license acquisition page. For example, this Web page might explain how the consumer can subscribe to your site, renew a subscription, or request new licenses. The page should accommodate all situations when the license acquisition URL would be displayed.

When subscriptions expire, it is important to continue your service without inconvenience to the consumer. For example, reissue new licenses for only the files a consumer downloaded, or reissue licenses for all files on the site. You might reissue licenses at the time of payment; otherwise, the consumer cannot play the files from the previous subscription period without connecting to the Internet to reacquire licenses.

Implementing Windows Media Rights Manager

Using Windows Media Rights Manager to package and license digital media files requires the use of the Windows Media Rights Manager 7 SDK. Developers who want to create player applications that can read and play packaged files must use the Windows Media Format 7 SDK to implement DRM functionality.

This section describes the basic steps needed to install and set up the Windows Media Rights Manager 7 SDK, then provides code samples to show you how to set up a basic Windows Media Rights Manager-based system. However, these sample pages should just be used to understand the process flow; this article does not explain how to configure your servers and implement security for a working production system. These steps assume you will perform the packaging and licensing, so steps to coordinate these responsibilities among multiple organizations are not included.

You'll need to obtain a license agreement to get the Windows Media Rights Manager 7 SDK. The licensing form is located at https://wmlicense.smdisp.net/licenserequest/. Then you can install it on the servers on which you plan to package and license digital media files. For example, a typical configuration is to have dedicated servers for different tasks, such as packaging digital media, distributing content (Web servers and streaming servers), and licensing. Windows Media Rights Manager would be installed on only the packaging and licensing servers.

For each server on which you run Windows Media License Service (the component that is used for issuing licenses), you must get a certificate, client verification keys, and a revocation list. The certificate allows the server to issue licenses, and because this certificate is valid for one year, you'll have to renew your certificate at the end of that period. The revocation list prevents licenses from being issued to players that are known to be broken or corrupted. You should get an updated list frequently, maybe as often as once a week. Complete this process on one computer before starting the process on another if you are running the Windows Media License Service on more than one computer.

To get a certificate, client verification keys, and a revocation list, you'll have to do the following on each computer running Windows Media License Service: first, go to https://licenseserver.windowsmedia.com, click "Enroll to get a new certificate," and follow the instructions to begin the enrollment process. You will receive an e-mail message containing the token you need to complete the enrollment. Next, return to https://licenseserver.windowsmedia.com, click "Complete the enrollment with your e-mail confirmation", and then follow the instructions. Finally, return to https://licenseserver.windowsmedia.com and download the latest license service information to install the latest revocation list and client verification keys (these items are already installed by the time the Web page is displayed).

Creating Key Values

Next, you need to create a value for your license key seed, and create values for a public key and private key for your content server. The private key is used for signing the content header during the package process. The public key is used later to verify that that signature has not been tampered with. This verification can take place when a request for a license is received, or if the BindToPubKey method was used, each time that packaged file is used.

To create these values, you need to create and run the script shown in Figure 9. Three text files (Seed.txt, Pubkey.txt, and Privkey.txt) which contain values are created in the same folder as the script file.

Dim WSHShell

Set WSHShell = WScript.CreateObject("WScript.Shell")

dim keysobjs

dim privkey

dim pubkey

dim seed

Set keysobj = CreateObject("wmrmobjs.WMRMKeys")

keysobj.GenerateSigningKeys privkey, pubkey

seed = keysobj.GenerateSeed()

Dim cmd

'Write the private key to privkey.txt.

cmd = "command.com /C echo " + privkey + " > privkey.txt" 

WSHShell.Run cmd

'Write the public key to pubkey.txt.

cmd = "command.com /C echo " + pubkey + " > pubkey.txt"

WSHShell.Run cmd

'Write the license key seed to seed.txt.

cmd = "command.com /C echo " + seed + " > seed.txt"

WSHShell.Run cmd

Figure 9 WMRMKey.vbs

Packaging Files

When you package a digital media file, you'll need several pieces of information, including your license key seed, license acquisition URL, input file (the file you want to package), and a name for the output file (the packaged file). You can also specify a required individualization version, as well as information for players that only support Version 1 licenses.

Typically, the static information would be stored in a database and retrieved by your application during the packaging process. Metadata (such as a title or artist name) can also be read from a database and then added to the content header in the form of attributes. Information such as a file's key ID and content ID should be added to the database during this process.

Packaging includes the following basic steps:

  1. Use the WMRMKeys object to generate a key ID. This object can also be used to generate a content ID. However, in the code sample shown in Figure 10, you supply the content ID (for example, it could be read from a database).
  2. Use the WMRMKeys object with the license key seed and key ID to generate a key.
  3. Use the WMRMHeader object with the key, key ID, content ID, and license acquisition URL to create a content header. It is recommended that you add attributes and optionally specify a required individualization version number.
  4. Sign the content header using the WMRMHeader object. Once the content header is signed, take the string from the Header property in the WMRMHeader object and set it in the Header property in the WMRMProtect object.
  5. Use the WMRMProtect object with the input file, key, and content header to produce a packaged Windows Media file.

Version 1 information (a key ID and license acquisition URL) is also added at this stage. The key ID is the same value as the one generated earlier. However, the Version 1 license acquisition URL should point to a Web page that issues Version 1 licenses. You can use the default URL by not specifying your own—the default URL points to a page where consumers can download updated players that support Version 7.

The code in Figure 10 shows a simple way to package a file. To use this code in a production setting, you should add your own error checking and database integration.

<%@ LANGUAGE="VBScript"%>

<%

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Declare variables and objects.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

Dim seed, kid, key

Dim laurl, cid, indi_version

Dim header, privatekey

Dim inputfile, v1_laurl, outputfile

Dim KeysObj, HeaderObj, ProtectObj



do



'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Replace XXX with your own values. In real practice, you would 

' retrieve these values from a database.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

seed            = XXX  'License key seed

laurl           = XXX  'Version 7 license acquisition URL

cid             = XXX  'Content ID

indi_version    = XXX  'Individualization version

privatekey      = XXX  'Private signing key for the packaging server

inputfile       = XXX  'Input file name

v1_laurl        = XXX  'Version 1 license acquisition URL

outputfile      = XXX  'Output file name



'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Create objects.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

Set KeysObj     = Server.CreateObject("WMRMobjs.WMRMKeys")

Set HeaderObj   = Server.CreateObject("WMRMobjs.WMRMHeader")

Set ProtectObj  = Server.CreateObject("WMRMobjs.WMRMProtect")



'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Set the license key seed, generate a key ID, then generate the key.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

KeysObj.seed = seed

kid = KeysObj.GenerateKeyID()

KeysObj.KeyID = kid

key = KeysObj.GenerateKey()



'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Create the header: 

' Add the Key ID, license acquisition URL, content ID, required 

' individualization version, and attributes to the Header object.

' Then, checksum the key information. 

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

HeaderObj.KeyID = kid

HeaderObj.LicenseAcqURL = laurl

HeaderObj.ContentID = cid

HeaderObj.IndividualizedVersion = indi_version

HeaderObj.Attribute("Copyright")="© 1999 The Shusterbabies,All Rights Reserved."

HeaderObj.Attribute("Content_Type") = "audio" 

HeaderObj.Attribute("Author") = "The Shusterbabies" 

HeaderObj.Attribute("Artist_URL") = "https://www.microsoft.com/windows/

    windowsmedia/en/wm7/DRM/demos.asp" 

HeaderObj.Attribute("Title") = "Oh No (2nd Mix)" 

HeaderObj.Attribute("License_Dist") = "Reciprocal" 

HeaderObj.Attribute("License_Dist_URL") = "https://license.reciprocalrights.com/

    ISIS10/Microsoft/Shusterbabies_OhNo1/license.asp" 

HeaderObj.Attribute("Content_Dist") = "Windows Media"   

HeaderObj.Attribute("Rating") = "Everyone" 

HeaderObj.Attribute("Description") = "Preview clip" 

call HeaderObj.SetCheckSum(key)



'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Sign the content header with your private key, then generate 

' the content header.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

call HeaderObj.Sign(privatekey)

header = HeaderObj.Header



'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

' Specify the input file, the output file, key, header, and version 1

' information. Then, package the file to the output file name.

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

ProtectObj.InputFile = inputfile

ProtectObj.Key = key

ProtectObj.Header = header

ProtectObj.V1LicenseAcqURL = v1_laurl

ProtectObj.V1KeyID = kid

call ProtectObj.ProtectFile(outputfile)

%>

Figure 10 Simple File Packaging

Issuing Licenses in Response to a Request

A license request is made when a player cannot find a valid license for a packaged file. This situation typically occurs when a consumer tries to play a packaged file the first time, or after an existing license has expired.

Issuing a license in response to a request includes these steps:

  1. The player sends a request for a license containing the content header and client information to Windows Media License Service at the license acquisition URL.
  2. The license request challenge is put into the WMRMChallenge object, and the client information and content header information are processed.
  3. The WMRMRights object generates the necessary rights to put into the license.
  4. The content header information is put into the WMRMHeader object to retrieve a key ID.
  5. The key ID and license key seed are put into the WMRMKeys object to generate the key. (This license key seed is the same as the one used to package the file.)
  6. The individualization version number and the platform information from the client are determined by using the WMRMLicGen.GetClientVersion method. If the version number and platform are acceptable, the process continues. Otherwise, a license is not issued.
  7. The client information, the rights, the key ID, and the key are put into the WMRMLicGen object to generate a license. The license is put into the WMRMResponse object to generate a response that is sent back to the requesting client and put into the license store on the consumer's computer.

In a production environment, a database would be used to store information about the licenses that are issued. If you're issuing licenses for more than one content provider, information about the content providers, packaged files, and vendors could also be stored. For example, upon receiving a license request, the license issuer could use the key ID to determine which content provider owns the file, and therefore which rights to give and which license key seed to use.

The code in Figure 11 generates the page that issues a file in response to a request (the code that issues the license is included in the code download at the link at the top of this article). To use this code in a production setting, you should add your own error checking and database integration.

<html>

<head>

<script Language="JavaScript">

function StoreV7License(hr)

{

   GetLicenseObj.StoreLicense( "<%= LicenseResponse %>" );

}

</script>

</head>

<body onload="StoreV7License()">

<object classid="clsid:A9FC132B-096D-460B-B7D5-1DB0FAE0C062" height="0"

   id="GetLicenseObj" width="0">

   <embed mayscript type="application/x-drm-v2" hidden="true">

</object>

You have received a license for this song. Click Play.

</body>

</html>

Figure 11 Nonsilent.asp

Predelivery

There are two methods you can use to predeliver licenses, depending on how you want to set up your system. First, when using the RMGetLicense.GetLicenseFromURL method, a license request is made using a background HTTP post. The Windows Media License Service returns a license to the consumer. This method is useful for silent license delivery and enables you to specify a URL from which to issue a license.

Second, when using the RMGetLicense.GetSystemInfo method, a hidden form in a Web page sends client information to the Windows Media License Service. The license service then returns a license and a new Web page to the consumer.

The code examples available for download from the link at the top of this article mentioned earlier show how to predeliver a license using both methods. Predeliver_1.asp and Confirm_1.asp correspond to the GetLicenseFromURL method, and Predeliver_2.asp and Confirm_2.asp demonstrate the GetSystemInfo method. To use these examples, open Predeliver_1.asp or Predeliver_2.asp in a Web browser and click the button to trigger license delivery. Predeliver_main.asp generates the license. For GetLicenseFromURL, Predeliver_main.asp stores the license and Confirm_1.asp confirms it. For the GetSystemInfo method, Confirm_2.asp stores the license.

Testing Your System

It is essential that you test your system before deploying it.

  • Try acquiring licenses from different platforms (Windows 98, Windows Me, Windows 2000, Windows XP, and Macintosh).
  • Try playing packaged files with and without licenses to see how the license acquisition URL works.
  • Try acquiring licenses with different settings in DRM-enabled players. For example, Windows Media Player 7 has a checkbox that lets users choose whether to try to get licenses automatically—this setting determines whether silent license acquisition is enabled.
  • Test packaged files to see if rights were correctly set up. Try transferring packaged files to portable devices for testing.

Looking Forward

The Windows Media team is continually developing the DRM technology to increase security, flexibility, and provide more robust solutions to meet the needs of content providers. The next release of Windows Media Technologies is due for release around the time this issue is published and is expected to include the following features pertaining to DRM:

  • Real-time packaging is planned to be added as a feature of Windows Media Encoder, allowing content providers to package digital media in real time. For example, a content provider will be able to encode and package a live broadcast.
  • Dynamic modification of content headers will allow content providers to modify a content header on the fly, without first writing the file to disk. For example, a vendor can add information to the content header of a packaged file he receives from a content provider, and then distribute this version of the packaged file to consumers.
  • Security features will allow application exclusion (disallowing playback on specific applications), content revocation (revoking licenses for all packaged files from a specific content provider), and server-side application revocation (refusing to issue licenses to player applications that have been revoked).

Farther into the future (most likely 2002), the Microsoft DRM technologies are expected to allow the protection of all digital media using the same DRM technology for all formats. For example, content providers will be able to issue licenses for a combination of digital media, including books, documents, and graphics, in addition to audio and video.

For related articles see:
https://www.microsoft.com/windows/windowsmedia/
For background information see:
The Windows Media Encoder
Windows Media SDK
Windows Media Services

Andrea Pruneda is a programming writer in the Digital Media Division at Microsoft. She has been a technical writer for eight years, and is currently working on Windows Media Technologies. She can be reached at andreapr@microsoft.com.


From the December 2001 issue of MSDN Magazine.
Get it at your local newsstand, or better yet, subscribe.