SIGNATURE
[The AD RMS SDK uses functionality exposed by the client in Msdrm.dll, and is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions of Windows. Instead, use the Active Directory Rights Management Services SDK 2.1, which uses functionality exposed by the client in Msipc.dll.]
Contains a digital signature of the BODY element in an Active Directory Rights Management Services (AD RMS) license or certificate. AD RMS signs an XrML document by hashing the contents of the BODY element, and then by using a private key to encrypt the hash. This element has the following definition.
<!ELEMENT SIGNATURE (DIGEST,
ALGORITHM?,
PARAMETER*,
VALUE,
AUTHENTICATOR?)>
<!ELEMENT DIGEST (ALGORITHM?,
PARAMETER*,
VALUE?)>
<!ATTLIST DIGEST
sourcedata CDATA #IMPLIED
type CDATA #IMPLIED>
<!ELEMENT ALGORITHM (#PCDATA)>
<!ELEMENT PARAMETER (VALUE)>
<!ATTLIST PARAMETER
name CDATA #REQUIRED
characteristic (fixed | variable) "fixed">
<!ELEMENT AUTHENTICATOR (ID,
NAME?,
AUTHENTICATOR?,
AUTHENTICATIONCLASS?,
VERIFICATIONDATA*)>
<!ATTLIST AUTHENTICATOR
type CDATA #REQUIRED
internal-id CDATA #IMPLIED>
Remarks
In the SIGNATURE definition, the DIGEST and VALUE elements are required, and the ALGORITHM, PARAMETER, and AUTHENTICATOR elements are optional. For more information about the child elements of SIGNATURE, see the following topics:
-
Contains a hash of the BODY element in an Active Directory Rights Management Services (AD RMS) license or certificate.
-
Contains the name of a cryptographic algorithm.
-
Contains additional information about the object, typically a DIGEST or PUBLICKEY element, to which it is applied.
-
Identifies a principal whose private key is used to generate a signature.
Requirements
| Product |
Rights Management Services client 1.0 or later |