DRMAttest function (msdrm.h)

[The AD RMS SDK leveraging functionality exposed by

the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or

unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1,

which leverages functionality exposed by the client in Msipc.dll.]

[The DRMAttest function is no longer supported and returns E_NOTIMPL.]

For Rights Management Services 1.0, the DRMAttest function signs arbitrary data.

Syntax

DRMEXPORT HRESULT UDAPICALL DRMAttest(
  [in]      DRMHANDLE     hEnablingPrincipal,
  [in]      PWSTR         wszData,
  [in]      DRMATTESTTYPE eType,
  [in, out] UINT          *pcAttestedBlob,
  [out]     PWSTR         wszAttestedBlob
);

Parameters

[in] hEnablingPrincipal

A handle to an enabling principal object created by using DRMCreateEnablingPrincipal.

[in] wszData

The data to encode.

[in] eType

An enumeration that determines whether to include full environment data or only a hash.

[in, out] pcAttestedBlob

Length, in characters, of the string being returned, plus one for a terminating null character.

[out] wszAttestedBlob

The signed data.

Return value

If the function succeeds, the function returns S_OK.

If the function fails, it returns an HRESULT value that indicates the error. For a list of common error codes, see Common HRESULT Values.

Remarks

This function can be used with challenge/response protocols by including the challenge in the data buffer. An output string may contain the principal's certificates, in addition to the signature.

The data is concatenated with the manifest used to initialize the RM environment. A manifest is a signed XrML blob that includes information to authenticate the program and all required DLLs, as well as a list of any prohibited DLLs. The manifest used is the one loaded when the RM environment was initialized. For information about making a manifest, see Creating an Application Manifest.

To return a value, first call this function with NULL passed into the wszAttestedBlob parameter. The value returned in pcStrLen will indicate the size of the variable the application must create to hold the encoded signature. All buffer allocation and destruction are the responsibility of the caller.

Data signed by using DRMAttest can be verified by using DRMVerify.

Requirements

Requirement Value
Target Platform Windows
Header msdrm.h
Library Msdrm.lib
DLL Msdrm.dll

See also

AD RMS Functions