If you use Adobe Primetime DRM Professional, you can pre-generate licenses and embed licenses in content. This feature can be combined with Enhanced License Chaining, such that a Leaf license is pre-generated and embedded in the content, and the client can request a Root license (bound to a machine or domain) from a license server. Alternatively, client applications can implement a workflow where the device pre-registers with a server, the server pre-generates licenses that are bound to that device, and the client retrieves its licenses from a simple HTTP web server.
If you want to pre-generate licenses, you must use
com.adobe.flashaccess.sdk.license.pregen.LicenseFactory.getInstance() to obtain an instance of
LicenseFactory. You must specify a License Server credential to sign the licenses generated by this factory. This class supports generating Leaf licenses without license chaining and Leaf and Root licenses with the Enhanced license chaining.
When you generate a Leaf license, you must specify the content metadata that applies
initContentInfo(). If the metadata includes multiple DRM policies, or if you want to use a DRM policy that has not been included in the metadata, you must use
setSelectedPolicy() to specify the DRM policy to generate a license. If you use a DRM Policy Update List to track updates to DRM policies, you can provide the DRM Policy Update List to the License Factory before you initialize the metadata with
When you generate a Root license, you must specify the content metadata as described above. Alternatively, you can generate a Root license by applying a DRM policy (
setSelectedPolicy()) and a license server URL (
setLicenseServerURL()) instead of metadata.
A License Server URL is required even if there is no Adobe Primetime DRM License Server from which the clients can request a license. In this case, the License Server URL should specify a URL identifying the license issuer.
If the DRM policy uses Enhanced License Chaining, you must specify a License Server credential to decrypt the Root Encryption Key in the DRM policy (
If the DRM policy requires a domain bound license, you must use
setDomainCAs() to specify the Domain issuers from which the license server accepts domain tokens. One or more Domain CA certificates must be provided to validate the license recipient.
If the DRM policy requires remote key delivery for iOS devices, you must provide the Key Server Certificate by applying
setKeyServerCertificate() unless a chained Leaf is being generated.
If you want to generate a license, you must invoke
generateLicense() and specify the license type (Leaf or Root) and one or more recipient certificates. The recipient certificate represents either a machine certificate or domain certificate, depending on the requirements that are specified in the DRM policy. If you generate a chained Leaf, a recipient is not required. After the license has been generated, you can override the usage rules that have been specified in the DRM policy. Finally, you need to invoke
signLicense() to sign the license and obtain an instance of
PreGeneratedLicense. The license can now be saved (use
getBytes() to retrieve the serialized license or embedded in encrypted content.
See Embedding Licenses.
com.adobe.flashaccess.samples.licensegen.GenerateLicense in the Reference Implementation Command Line Tools “samples” directory for sample code on how to demonstrate pre-generated licenses.