Overview of Windows Media DRM
[The feature associated with this page, Windows Media Format 11 SDK, is a legacy feature. It has been superseded by Source Reader and Sink Writer. Source Reader and Sink Writer have been optimized for Windows 10 and Windows 11. Microsoft strongly recommends that new code use Source Reader and Sink Writer instead of Windows Media Format 11 SDK, when possible. Microsoft suggests that existing code that uses the legacy APIs be rewritten to use the new APIs if possible.]
Windows Media Digital Rights Management (DRM) is a system for protecting the content in Windows Media files so that unauthorized users cannot access it. There are three phases to the basic DRM cycle: packaging, licensing, and reading.
Packaging Windows Media Files
Windows Media DRM is designed to work with Windows Media files. A Windows Media file is a file that conforms to the Advanced Systems Format (ASF) specification and only contains Audio and Video that has been compressed by using the Windows Media Audio and Video codecs.
When an ASF file is packaged, a DRM-specific section is added to the header. The DRM header contains a Key ID, which identifies the content for the purposes of licensing, and a license acquisition URL, which is the address of a Web page that can issue licenses to read the protected content. There is much more information that can be put in the DRM header, but it is optional. The DRM header is signed so that the packager can be verified.
The content in the ASF file is encrypted during the packing process. However, the following information in the packaged file is available even to clients that do not have a license:
- Metadata that is stored in the ASF header.
- Some metadata that is stored in the DRM header (for example, you can always get the license acquisition URL).
Licensing Protected Files
For a packaged file to be read, a license must be issued to the client computer. A license is a set of data that describes the conditions under which data in protected files can be read. Most often, a license is issued for a protected file in response to the user trying to perform some operation on the file. It is also possible, however, for a license issuer to deliver licenses to a client before it is explicitly requested. For more information about licenses, see Licenses.
Reading Data from Protected Files
When a user tries to perform an operation on a protected file (play, burn to CD, copy to a device, and so on), the application must check for licenses for the content on the client computer. If a valid license exists on the client computer, the operation can proceed. If there isn't a license for the content, or if no license for the content that is on the client computer allows the requested action, then a license must be acquired.
Related topics