How to get Extended Policy pairs with AD RMS SDK 2 RRS feed

  • Question

  • Using the new SDK, how does one get the Extended Policy Information key value pairs?  It appears to me that this information is not part of the license encrypted with the document and it only available if you create a template from an id and then ask for the values.  Is this right or is there another way to get it from the protected file your application is opening?

    Friday, January 25, 2013 11:06 PM


  • The following has been reposted from RMS developer FAQ activity that originated on the Microsoft Connect site and addresseses this question.

    Posted by DuncanB on 2/1/2013 at 11:51 AM
    Are you talking about IPC_LI_APP_SPECIFIC_DATA or IPC_LI_APP_SPECIFIC_DATA_NO_ENCRYPTION?   Both are part of the license, although only IPC_LI_APP_SPECIFIC_DATA_NO_ENCRYPTION will be visible to you (the other property is encrypted, and only available after you get a decryption key).

     Posted by kbowen on 2/4/2013 at 12:02 PM                                       
     Are you saying that the template values from the extended policy tab of the template  can be found with IPC_LI_APP_SPECIFIC_DATA_NO_ENCRYPTION? I can get the values from a template by doing this: hr = IpcCreateLicenseFromTemplateID(bstrTemplateId, 0, NULL, &hLicense); PIPC_NAME_VALUE_LIST pIpcNameValueList = NULL ; PIPC_NAME_VALUE_LIST* ppIpcNameValueList = &pIpcNameValueList; hr = IpcGetLicenseProperty(hLicense,IPC_LI_APP_SPECIFIC_DATA,0,(LPVOID *)ppIpcNameValueList); But if I have a serialized license it does not appear that the app specific values from the template are serialized into the license. So the following code: hr = IpcGetSerializedLicenseProperty(pvLicense, IPC_LI_APP_SPECIFIC_DATA, hKey, 0, (LPVOID *)&pIpcNameValueList); will get values that I have inserted using  hr = IpcSetLicenseProperty(hLicense, false, IPC_LI_APP_SPECIFIC_DATA, pIpcNameValueList); but will not retrieve the values that are on the extended policy tab of the template.

    Posted by DuncanB on 2/5/2013 at 1:21 PM
    This information is helpful, thanks.   What you described *should* have worked.  I'll sync with our test team and see whether there's a bug here, or whether we need more information from you.                                        

    Posted by DuncanB on 2/6/2013 at 10:24 AM
    Update. The behavior you observed is expected.  When you set the APP_SPECIFIC_DATA explicitly, you're:   * overriding the APP_SPECIFIC_DATA in the template  * generating a policy that's no longer affinitized to a template You can get the union of template app-specific data and your app-specific data by:   * querying the app-specific data  * creating a name value list containing both the results of this query, and your own name/value pairs  * setting the resultant list to the policy The downside is that if you wanted the resulting policy to act as a template, it won't -- you've effectively converted it into a "from scratch" license.  IPC_LI_APP_SPECIFIC_DATA_NO_ENCRYPTION can be used to add attributes to template-based policy; depending on your scenario this may be better suited to your needs.  LMK if you've got more questions.                                                                               

    Brad Mahugh
    Microsoft Corporation
    This post is provided "AS IS" and confers no promises of current or future technical support for a specific support issue. Please use Microsoft product support if you need a service commitment for your current support case or issue.

    Tuesday, April 2, 2013 8:24 PM