internal static int DRMCreateRight(
string rightName,
SystemTime timeFrom,
SystemTime timeUntil,
uint countExtendedInfo,
string[] extendedInfoNames,
string[] extendedInfoValues,
out SafeRightsManagementPubHandle rightHandle)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMCreateRight(
rightName,
timeFrom,
timeUntil,
countExtendedInfo,
extendedInfoNames,
extendedInfoValues,
out rightHandle);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((rightHandle != null) && rightHandle.IsInvalid)
{
rightHandle.Dispose();
rightHandle = null;
}
return(res);
}
/// <summary>
/// This constructor accepts XrML Publish License template as a parameter. It parses the XrRML document
/// and initializes class based on that.
/// </summary>
public UnsignedPublishLicense(string publishLicenseTemplate) : this()
{
SecurityHelper.DemandRightsManagementPermission();
if (publishLicenseTemplate == null)
{
throw new ArgumentNullException("publishLicenseTemplate");
}
using (IssuanceLicense issuanceLicense = new IssuanceLicense(
DateTime.MinValue, // validFrom, - default
DateTime.MaxValue, // validUntil, - default
null, // referralInfoName,
null, // referralInfoUrl,
null, // owner,
publishLicenseTemplate,
SafeRightsManagementHandle.InvalidHandle, // boundLicenseHandle,
_contentId, // contentId,
null, // grantCollection
null, // Localized Name Description pairs collection
null, // Application Specific Data Dictionary
0, // validity interval days
null)) // revocation point info
{
// update our instance data based on the parsed information
issuanceLicense.UpdateUnsignedPublishLicense(this);
}
}
internal static int DRMGetRevocationPoint(
SafeRightsManagementPubHandle issuanceLicenseHandle,
ref uint idLength,
StringBuilder id,
ref uint idTypeLength,
StringBuilder idType,
ref uint urlLength,
StringBuilder url,
SystemTime frequency,
ref uint nameLength,
StringBuilder name,
ref uint publicKeyLength,
StringBuilder publicKey)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMGetRevocationPoint(
issuanceLicenseHandle,
ref idLength,
id,
ref idTypeLength,
idType,
ref urlLength,
url,
frequency,
ref nameLength,
name,
ref publicKeyLength,
publicKey));
}
/// <summary>
/// This constructor builds an empty Publish License.
/// </summary>
public UnsignedPublishLicense()
{
SecurityHelper.DemandRightsManagementPermission();
_grantCollection = new Collection <ContentGrant>();
_contentId = Guid.NewGuid();
}
internal static int DRMCreateLicenseStorageSession(
SafeRightsManagementEnvironmentHandle hEnv,
SafeRightsManagementHandle hDefLib,
SafeRightsManagementSessionHandle hClientSession,
uint uFlags,
string IssuanceLicense,
out SafeRightsManagementSessionHandle phLicenseStorageSession)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMCreateLicenseStorageSession(
hEnv,
hDefLib,
hClientSession,
uFlags,
IssuanceLicense,
out phLicenseStorageSession);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((phLicenseStorageSession != null) && phLicenseStorageSession.IsInvalid)
{
phLicenseStorageSession.Dispose();
phLicenseStorageSession = null;
}
return(res);
}
internal static int DRMGetIssuanceLicenseInfo(
SafeRightsManagementPubHandle issuanceLicenseHandle,
SystemTime timeFrom,
SystemTime timeUntil,
uint flags,
ref uint distributionPointNameLength,
StringBuilder DistributionPointName,
ref uint distributionPointUriLength,
StringBuilder DistributionPointUri,
out SafeRightsManagementPubHandle ownerHandle,
out bool officialFlag)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMGetIssuanceLicenseInfo(
issuanceLicenseHandle,
timeFrom,
timeUntil,
flags,
ref distributionPointNameLength,
DistributionPointName,
ref distributionPointUriLength,
DistributionPointUri,
out ownerHandle,
out officialFlag);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((ownerHandle != null) && ownerHandle.IsInvalid)
{
ownerHandle.Dispose();
ownerHandle = null;
}
return(res);
}
internal static int DRMGetSignedIssuanceLicense(
SafeRightsManagementEnvironmentHandle environmentHandle,
SafeRightsManagementPubHandle issuanceLicenseHandle,
uint flags,
byte[] symmetricKey,
uint symmetricKeyByteCount,
string symmetricKeyType,
string clientLicensorCertificate,
CallbackDelegate pfnCallback,
string Url,
uint context)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMGetSignedIssuanceLicense(
environmentHandle,
issuanceLicenseHandle,
flags,
symmetricKey,
symmetricKeyByteCount,
symmetricKeyType,
clientLicensorCertificate,
pfnCallback,
Url,
context));
}
/// <summary>
/// This method is responsible for tearing down secure environment that was built as a result of Init call.
/// </summary>
public void Dispose()
{
SecurityHelper.DemandRightsManagementPermission();
Dispose(true);
GC.SuppressFinalize(this);
}
/// <summary>
/// This static Method builds a new instance of a SecureEnvironment for a given user that is already
/// activated. If this method called with a user that isn't activated, and exception will be thrown.
/// The user that is passed into the function must have a well defined authentication type
/// AuthenticationType.Windows or AuthenticationType.Passport, all other Authentication
/// types(AuthenticationType.WindowsPassport or AuthenticationType.Internal) are not allowed.
/// </summary>
public static SecureEnvironment Create(string applicationManifest,
ContentUser user)
{
SecurityHelper.DemandRightsManagementPermission();
return(CriticalCreate(applicationManifest, user));
}
/// <summary>
/// This constructor creates a user that will be granted a right. Or used in other related scenarios like
/// initializing secure environment for the user, or enumerating rights granted to various users.
/// </summary>
public ContentUser(string name, AuthenticationType authenticationType)
{
SecurityHelper.DemandRightsManagementPermission();
if (name == null)
{
throw new ArgumentNullException("name");
}
if (name.Trim().Length == 0)
{
throw new ArgumentOutOfRangeException("name");
}
if ((authenticationType != AuthenticationType.Windows) &&
(authenticationType != AuthenticationType.Passport) &&
(authenticationType != AuthenticationType.WindowsPassport) &&
(authenticationType != AuthenticationType.Internal))
{
throw new ArgumentOutOfRangeException("authenticationType");
}
// We only support Anyone for the internal mode at the moment
if (authenticationType == AuthenticationType.Internal)
{
if (!CompareToAnyone(name) && !CompareToOwner(name))
{
// we only support Anyone as internal user
throw new ArgumentOutOfRangeException("name");
}
}
_name = name;
_authenticationType = authenticationType;
}
internal static int DRMCreateClientSession(
CallbackDelegate pfnCallback,
uint uCallbackVersion,
string GroupIDProviderType,
string GroupID,
out SafeRightsManagementSessionHandle phSession)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMCreateClientSession(
pfnCallback,
uCallbackVersion,
GroupIDProviderType,
GroupID,
out phSession);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((phSession != null) && phSession.IsInvalid)
{
phSession.Dispose();
phSession = null;
}
return(res);
}
internal static int DRMCreateIssuanceLicense(
SystemTime timeFrom,
SystemTime timeUntil,
string referralInfoName,
string referralInfoUrl,
SafeRightsManagementPubHandle ownerUserHandle,
string issuanceLicense,
SafeRightsManagementHandle boundLicenseHandle,
out SafeRightsManagementPubHandle issuanceLicenseHandle)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMCreateIssuanceLicense(
timeFrom,
timeUntil,
referralInfoName,
referralInfoUrl,
ownerUserHandle,
issuanceLicense,
boundLicenseHandle,
out issuanceLicenseHandle);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((issuanceLicenseHandle != null) && issuanceLicenseHandle.IsInvalid)
{
issuanceLicenseHandle.Dispose();
issuanceLicenseHandle = null;
}
return(res);
}
internal static int DRMCreateEnablingBitsEncryptor(
SafeRightsManagementHandle boundLicenseHandle,
string right,
uint auxLibrary,
string auxPlugin,
out SafeRightsManagementHandle encryptorHandle)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMCreateEnablingBitsEncryptor(
boundLicenseHandle,
right,
auxLibrary,
auxPlugin,
out encryptorHandle);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((encryptorHandle != null) && encryptorHandle.IsInvalid)
{
encryptorHandle.Dispose();
encryptorHandle = null;
}
return(res);
}
internal static int DRMCreateBoundLicense(
SafeRightsManagementEnvironmentHandle environmentHandle,
BoundLicenseParams boundLicenseParams,
string licenseChain,
out SafeRightsManagementHandle boundLicenseHandle,
out uint errorLogHandle)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMCreateBoundLicense(
environmentHandle,
boundLicenseParams,
licenseChain,
out boundLicenseHandle,
out errorLogHandle);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((boundLicenseHandle != null) && boundLicenseHandle.IsInvalid)
{
boundLicenseHandle.Dispose();
boundLicenseHandle = null;
}
return(res);
}
// we can not use safe handle in the DrmClose... function
// as the SafeHandle implementation marks this instance as an invalid by the time
// ReleaseHandle is called. After that marshalling code doesn't let the current instance
// of the Safe*Handle sub-class to cross managed/unmanaged boundary.
internal static int DRMCloseQueryHandle(
uint queryHandle)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMCloseQueryHandle(
queryHandle));
}
internal static int DRMInitEnvironment(
uint eSecurityProviderType,
uint eSpecification,
string securityProvider,
string manifestCredentials,
string machineCredentials,
out SafeRightsManagementEnvironmentHandle environmentHandle,
out SafeRightsManagementHandle defaultLibrary)
{
SecurityHelper.DemandRightsManagementPermission();
int res = UnsafeNativeMethods.DRMInitEnvironment(
eSecurityProviderType,
eSpecification,
securityProvider,
manifestCredentials,
machineCredentials,
out environmentHandle,
out defaultLibrary);
// on some platforms in the failure cases the out parameter is being created with the value 0
// in order to simplify error handling and Disposing of those handles we will just close them as
// soon as we detect such case
if ((environmentHandle != null) && environmentHandle.IsInvalid)
{
environmentHandle.Dispose();
environmentHandle = null;
}
if ((defaultLibrary != null) && defaultLibrary.IsInvalid)
{
defaultLibrary.Dispose();
defaultLibrary = null;
}
return(res);
}
// we can not use safe handle in the DrmClose... function
// as the SafeHandle implementation marks this instance as an invalid by the time
// ReleaseHandle is called. After that marshalling code doesn't let the current instance
// of the Safe*Handle sub-class to cross managed/unmanaged boundary.
internal static int DRMCloseEnvironmentHandle(
uint envHandle)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMCloseEnvironmentHandle(
envHandle));
}
internal static int DRMDeleteLicense(
SafeRightsManagementSessionHandle hSession,
string wszLicenseId)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMDeleteLicense(
hSession,
wszLicenseId));
}
internal static int DRMSetIntervalTime(
SafeRightsManagementPubHandle issuanceLicenseHandle,
uint days)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMSetIntervalTime(
issuanceLicenseHandle,
days));
}
/// <summary>
/// This static method activates a user and creates a new instance of SecureEnvironment.
/// The authentication type determines the type of user identity that will be activated.
/// If Permanent Windows activation is requested then the default currently logged on
/// Windows Account identity will be activated. If Temporary Windows activation requested
/// then user will be prompted for Windows Domain credentials through a dialog, and the
/// user identified through those credentials will be activated.
/// In case of Passport authentication, a Passport authentication dialog will always
/// appear regardless of temporary or permanent activation mode. The user that authenticatd
/// through that Passport Authentication dialog will be activated.
/// Regardless of Windows or Passport Authentication, all Temporary created activation will be
/// destroyed when SecureEnvironment instance is Disposed or Finalized.
/// </summary>
public static SecureEnvironment Create(string applicationManifest,
AuthenticationType authentication,
UserActivationMode userActivationMode)
{
SecurityHelper.DemandRightsManagementPermission();
return(CriticalCreate(applicationManifest,
authentication,
userActivationMode));
}
internal static int DRMGetIssuanceLicenseTemplate(
SafeRightsManagementPubHandle issuanceLicenseHandle,
ref uint issuanceLicenseTemplateLength,
StringBuilder issuanceLicenseTemplate)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMGetIssuanceLicenseTemplate(
issuanceLicenseHandle,
ref issuanceLicenseTemplateLength,
issuanceLicenseTemplate));
}
/// <summary>
/// This function allows the Owner (or a person granted ViewRightsData right)
/// to extract the original publishing information that was encrypted during publishing process.
/// </summary>
public UnsignedPublishLicense DecryptUnsignedPublishLicense(CryptoProvider cryptoProvider)
{
SecurityHelper.DemandRightsManagementPermission();
if (cryptoProvider == null)
{
throw new ArgumentNullException("cryptoProvider");
}
return(cryptoProvider.DecryptPublishLicense(_serializedPublishLicense));
}
internal static int DRMIsActivated(
SafeRightsManagementSessionHandle hSession,
uint uFlags,
ActivationServerInfo activationServerInfo)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMIsActivated(
hSession,
uFlags,
activationServerInfo));
}
internal static int DRMGetUnboundLicenseObjectCount(
SafeRightsManagementQueryHandle queryRootHandle,
string subObjectType,
out uint objectCount)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMGetUnboundLicenseObjectCount(
queryRootHandle,
subObjectType,
out objectCount));
}
internal static int DRMGetOwnerLicense(
SafeRightsManagementPubHandle issuanceLicenseHandle,
ref uint ownerLicenseLength,
StringBuilder ownerLicense)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMGetOwnerLicense(
issuanceLicenseHandle,
ref ownerLicenseLength,
ownerLicense));
}
internal static int DRMAddRightWithUser(
SafeRightsManagementPubHandle issuanceLicenseHandle,
SafeRightsManagementPubHandle rightHandle,
SafeRightsManagementPubHandle userHandle)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMAddRightWithUser(
issuanceLicenseHandle,
rightHandle,
userHandle));
}
internal static int DRMSetApplicationSpecificData(
SafeRightsManagementPubHandle issuanceLicenseHandle,
bool flagDelete,
string name,
string value)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMSetApplicationSpecificData(
issuanceLicenseHandle,
flagDelete,
name,
value));
}
internal static int DRMDeconstructCertificateChain(
string chain,
uint index,
ref uint certificateLength,
StringBuilder certificate)
{
SecurityHelper.DemandRightsManagementPermission();
return(UnsafeNativeMethods.DRMDeconstructCertificateChain(
chain,
index,
ref certificateLength,
certificate));
}
/// <summary>
/// This function allows an application to examine or exercise the rights on a locally stored license.
/// </summary>
public CryptoProvider Bind(SecureEnvironment secureEnvironment)
{
SecurityHelper.DemandRightsManagementPermission();
if (secureEnvironment == null)
{
throw new ArgumentNullException("secureEnvironment");
}
// The SecureEnvironment constructor makes sure ClientSession cannot be null.
// Accordingly suppressing preSharp warning about having to validate ClientSession.
#pragma warning suppress 6506
return(secureEnvironment.ClientSession.TryBindUseLicenseToAllIdentites(_serializedUseLicense));
}
/// <summary>
/// This function attempts to acquire a Use License.
/// This function suppresses the Windows network authentication dialog box. If the license request is denied
/// because the user does not have permission. This function will prevent the network authentication dialog
/// box from being displayed. This is useful when attempting to handle license acquisition on a background
/// or other non-user interface thread because you can avoid potentially confusing dialog boxes. If authentication
/// does fail, the function will throw an appropriate RightsManagementException
/// </summary>
public UseLicense AcquireUseLicenseNoUI(SecureEnvironment secureEnvironment)
{
SecurityHelper.DemandRightsManagementPermission();
if (secureEnvironment == null)
{
throw new ArgumentNullException("secureEnvironment");
}
// The SecureEnvironment constructor makes sure ClientSession cannot be null.
// Accordingly suppressing preSharp warning about having to validate ClientSession.
#pragma warning suppress 6506
return(secureEnvironment.ClientSession.AcquireUseLicense(_serializedPublishLicense, true));
}
