OfflineSigning_GetCertificate.cpp

[The AD RMS SDK leveraging functionality exposed by the client in Msdrm.dll is available for use in Windows Server 2008, Windows Vista, Windows Server 2008 R2, Windows 7, Windows Server 2012, and Windows 8. It may be altered or unavailable in subsequent versions. Instead, use Active Directory Rights Management Services SDK 2.1, which leverages functionality exposed by the client in Msipc.dll.]

The following example code shows how to retrieve a certificate from the local certificate store. To sign an issuance license offline, you must retrieve the machine and client licensor certificates.

#include "OfflineILSigning.h"

/*===================================================================
File:      OfflineSigning_GetCertificate.cpp

THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF
ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A
PARTICULAR PURPOSE.

Copyright (C) Microsoft.  All rights reserved.
===================================================================*/

/////////////////////////////////////////////////////////////////////
// The GetCertificate function retrieves a UNICODE string that
// contains the requested certificate from the local store.
//
HRESULT GetCertificate(DRMHSESSION hSession, 
                       UINT uFlags, 
                       PWSTR *ppwszCertificate)
{
  HRESULT   hr              = S_OK;     // HRESULT return code
  BOOL      fShared         = false;    // Certificate sharing
  UINT      uiCertLength    = 0;        // Length, in characters

  wprintf(L"\r\nEntering GetCertificate.\r\n");

  // Call DRMEnumerateLicense once to determine the number of
  // characters, including the terminating null character, in
  // the certificate.
  hr = DRMEnumerateLicense( 
            hSession,               // Session handle.
            uFlags,                 // Certificate or license type.
            0,                      // Start at index zero.
            &fShared,               // Certificate not shared.
            &uiCertLength,          // Return the length.
            NULL);                  // NULL to obtain length.
  if(FAILED(hr)) return hr;

  // Allocate memory for the certificate. The caller must delete.
  *ppwszCertificate = new WCHAR[uiCertLength];
  if(NULL == *ppwszCertificate)
  {
    hr = E_OUTOFMEMORY;
    return hr;
  }

  // Call DRMEnumerateLicense again to retrieve the certificate.
  hr = DRMEnumerateLicense( 
            hSession,               // Session handle.
            uFlags,                 // Certificate or license type.
            0,                      // Start at index zero.
            &fShared,               // Certificate not shared. 
            &uiCertLength,          // Specify the length. 
            *ppwszCertificate );    // Return the certificate.

  wprintf(L"Leaving GetCertificate: hr = %x \r\n", hr);
  return hr;
}

Related topics

Creating and Using Issuance Licenses

Offline Signing Code Example