Home · All Classes · Grouped Classes · Annotated · Functions

DRM
Functional Description

When the Qtopia stack is released a DRM compliance statement is made as part of the release. The Qtopia software as integrated into a final ROM image must implement compliance with DRM standards as per the compliance statement.

In OMA DRM compliance, compliance with later-listed compliance points requires compliance with all previous levels as well. When reading the listings of compliance levels, bear in mind that each level includes, rather than supersedes the previous levels. The only exception is for devices that support Forward Lock only; these must discard messages which contain a rights object. This requirement is absent under higher levels and so to be compliant, those rights objects must be handled appropriately. Under OMA DRM v1 devices which only comply with Forward Lock provisions can still be said to be standards compliant - these are the only provisions with the MUST keyword, the others are MAY. Forward Lock does not use any rights object and thus is the simplest to implement.

Features

OMA v1 Forward Lock

OMA DRM v1 Forward Lock (FL) compliance is enabled and initial integration of a 3rd party DRM solution completed. In line with OMA DRM v1 FL content is encrypted by the 3rd party agent if saved onto device storage.

Files and content subject to Digital Rights Management are able to be transparently (to the user) browsed, launched, moved, deleted and examined for their properties in the same way as other files.

File operations such as copy, move, rename are handled via the QContent API and follow OMA DRM standards for DRM controlled files. Access to DRM protected files is available in the server (backgrounds) and media player.

DCF encrypted files cannot be directly queried (/etc/magic) or file.extension checked for mime-type, the DRM agent must be asked for this information. Thumbnails of protected images are available without decrementing rights through the QContent API. Thumbnails for images with current access rights are available with usage restricting rights (count, unstarted intervals) watermarked and the number of available uses superimposed in the top right corner.

DRM status is maintained in meta-information and can be viewed in the properties of a file. DRM is integrated into the content browser with DRM status shown in different iconization.

DRM-type:

not subject to DRM - normal icon for that mimetype
DRM valid rights (able to view/render) - as normal, with DRM indication (key superimposed)
DRM invalid rights (not able to view/render) - show grayed out with key

The DRM agent functionality is provided by BeepScience DRM Agent and this is the Qtopia reference integration.

OMA DRM v1 Separate Delivery

Separate delivery rights objects are delivered through a WAP push in response to any number of stimuli. Where the receipt of a rights object cannot be tied to a recent user action (i.e. downloading a file in a WAP browser) and the rights object belongs to a known file the user is notified of the arrival of the rights and asked if they wish to view the content.

OMA DRM v2

ROAP Triggers

ROAP triggers are the primary method of acquiring rights in OMA DRM v2 and are received either through a download from a web page or in a WAP push, in both case the DRM agent will perform all the actual processing of the trigger once received.

Embedded Preview

DCF files may contain an embedded preview object; an unprotected and likely reduced quality version of the actual content. Where rights are not available for an item of content this preview is in its place. Before rendering a preview object the user is given the option to activate the full version of the content, if they decline they are then notified that the preview version will be rendered.

Preview Rights

DCF files may contain a URL where preview rights are available. The user is prompted to download these rights when trying to access locked content, or if a global option to download without prompting is enabled they will automatically be downloaded.

Silent Rights Object

DCF files may contain a URL from which rights are downloaded automatically provided a global automatic download option is selected.

Domains

Some licenses belong to domains, when trying access content bound to a domain the device does not belong to, the user is prompted to join the domain, or upgrade the domain if the device belongs to a different version of the domain.

OMA DRM v1 (OMA-Download-DRM-V1) Conformance

Item	Function	Reference	M/O	Requirement	Qtopia Version
DRM-GEN-C-001	Forward-lock method	5.3	M		4.1
DRM-GEN-C-002	Combined delivery method	5.3	O	DRM-GEN-C-005 AND DRMREL: MCF	4.1
DRM-GEN-C-003	Separate delivery method	5.4	O	DRM-GEN-C-002 AND DRM-GEN-C-009 AND DRM-GEN-C-010 AND DRMREL: MCF DRMREL-GEN-001 AND DRMCF: MCF AND PushOTA: MCF	4.2
DRM-GEN-C-004	DRM message that contains one media object and no rights object	6	M		4.1
DRM-GEN-C-005	DRM message that contains one media object and one rights object	6	O		4.1
DRM-GEN-C-007	"base64" Content-Transfer-Encoding for DRM message body parts	6	O		4.1?
DRM-GEN-C-008	Content-ID header in DRM message body parts	6	M		4.1
DRM-GEN-C-009	Separate delivery indication	5.5.1	O		4.2?
DRM-GEN-C-010	Superdistribution	5.5.2	O	WAE: MCF	4.2
DRM-GEN-C-011	Identify Content-Transfer-Encoding "binary" for DRM message body parts	6	M		4.1

OMA DRM v2 (OMA-TS-DRM-DRM-V2) Conformance

Item	Function	Reference	M/O	Requirement
DRM-CLI-CMN-001	ROAP Schema parsing and processing support	5.3	M
DRM-CLI-CMN-002	General XML Schema Requirements	5.3.2	M
DRM-CLI-CMN-003	Nonce values in ROAP messages	5.3.10	M
DRM-CLI-CMN-004	Processing and responding to status codes during ROAP protocol runs	5.3.6, 5.4.2	M
DRM-CLI-CMN-005	ROAP Trigger parsing and processing	5.2.1	M
DRM-CLI-CMN-006	ProtectedRO Support	5.3.8, 5.3.9	M
DRM-CLI-CMN-007	XML Canonicalization	5.3.9,5.4	M
DRM-CLI-CMN-008	4-pass ROAP-Registration protocol	5.4.2	M
DRM-CLI-CMN-009	ROAP Extensions	5.4.2, 5.4.3, 5.4.4	O
DRM-CLI-CMN-010	Hash Algorithms: SHA-1 and associated URI	5.4.2.1.1	M
DRM-CLI-CMN-011	MAC Algorithms: HMAC-SHA-1 and associated URI	5.4.2.1.1
DRM-CLI-CMN-012	Signature Algorithms: RSA-PSS-Default and associated URI	5.4.2.1.1	M
DRM-CLI-CMN-013	Key Transport Algorithms: RSAES-KEM-KDF2-KW-AES128 and associated URI		M
DRM-CLI-CMN-014	Key Wrap Algorithms: AES-WRAP and associated URI	5.4.2.1.1	M
DRM-CLI-CMN-015	Domains Functionality	5.1.4, 5.1.5, 5.4.4, 7.2.3, 7.3, 8	O	DRM-CLI-CMN-016, DRM-CLI-CMN-032, DRM-CLI-CMN-033, DRM-CLI-CMN-034, DRM-CLI-CMN-035, DRM-CLI-CMN-042, AND DRM-CLI-CD-059, DRM-CLI-CD-060 OR DRM-CLI-UD-067, DRM-CLI-UD-068
DRM-CLI-CMN-016	Hash chains for Domain Key Management	5.4.4.1.1, 7.3, 8.8.1	O
DRM-CLI-CMN-017	DRM Agent Certificates	D.1	M
DRM-CLI-CMN-018	User Certificates for WIM Binding	D.5	O
DRM-CLI-CMN-019	RI Certificate Processing and Certificate Chain Validation	5.4.2.4, 5.4.3.2, 5.4.4.2, 6.2	M
DRM-CLI-CMN-020	RI Signature Validation	5.4.2.4, 5.4.3.2, 5.4.4.2, 6.2	M
DRM-CLI-CMN-021	OCSP Response Validation	5.4.2.4, 5.4.3.2, 5.4.4.2, 6.2, 6.3	M	OCSP-C-006 OCSP-C-007 OCSP-C-009 OCSP-C-011 OCSP-C-012 OCSP-C-013 OCSP-C-015 OCSP-C-016 OCSP-C-017 OCSP-C-019 OCSP-C-020 OCSP-C-021 OCSP-C-022 OCSP-C-022a OCSP-C-0 OCSP-C-022b OCSP-C-022c OCSP-C-023 OCSP-C-024 OCSP-C-028
DRM-CLI-CMN-022	IMSI Binding	15.1	O
DRM-CLI-CMN-032	WIM Binding	15.2	O
DRM-CLI-CMN-024	Transaction Tracking	12.3, 5.4.3.1, 5.4.3.2.1	O
DRM-CLI-CMN-025	User Consent for ROAP Triggers and associated processing	5.2.1	M
DRM-CLI-CMN-026	User Consent for Silent and Preview Headers	5.2.2	M
DRM-CLI-CMN-027	RI Certificate Caching	5.4.2.1.1	O
DRM-CLI-CMN-028	RI Certificate Verification data storage in the RI Context	5.4.2.4.1	O
DRM-CLI-CMN-029	Replay Protection for Stateful Rights Objects	9.4, 5.3.9	M
DRM-CLI-CMN-030	Maintaining state information for Stateful Rights Objects	9.4.1	M
DRM-CLI-CMN-031	Domain Name Whitelists	5.4.2.4.1	M
DRM-CLI-CMN-032	Multiple Domain Contexts	8.2	O
DRM-CLI-CMN-033	Domain Context	5.4.4.2.1,8.2	O
DRM-CLI-CMN-034	Domain Context Expiry processing	5.4.4.2.1	O
DRM-CLI-CMN-035	Installing Domain ROs	8.7.2.1, 8.7, 5.4.4.2	O
DRM-CLI-CMN-036	Multiple RI Contexts	5.4.2.4.1	M
DRM-CLI-CMN-037	RI Context	5.4.2.4.1	M
DRM-CLI-CMN-038	Use of riiID as identifiers for RI Contexts stored in the Device	5.4.2.4.1, 5.3.8, 5.2.1	M
DRM-CLI-CMN-039	RI Context Expiry processing	5.4.2.4.1	M
DRM-CLI-CMN-040	DCF Hash verification; usage in ROAP	5.4.3.1.1	O
DRM-CLI-CMN-041	Device RO Processing	9.3.1	M
DRM-CLI-CMN-042	Domain RO Processing	8.7	O
DRM-CLI-CMN-043	Mime Type for ROAP PDU, Trigger, ProtectedRO, and Rights Objects	5.3.8,10.2	M
DRM-CLI-CMN-044	Exporting to other DRM agents and Protected Links	13	O
DRM-CLI-CMN-045	Super Distribution of the DCF	12	O
DRM-CLI-CMN-046	Super Distribution of the ContentURL	13	O
DRM-CLI-CMN-047	Parent Rights Object	9.5	M
DRM-CLI-CMN-048	Off-device storage of content and Rights Objects	9.6	O
DRM-CLI-CMN-049	Capability signaling to Content Issuers and Rights Issuers	10	M
DRM-CLI-CMN-050	Processing Content Objects, Rights Objects and ROAP triggers received via WAP PUSH	11.4	M
DRM-CLI-CMN-051	DCF Integrity protection after the DCFs are downloaded to the the Device	12.4	M
DRM-CLI-CMN-052	Backwards Compatibility to OMA DRM v1	Appendix B	M
DRM-CLI-CMN-053	DRM Time	6.3,5.4	O	DRM-CLI-CD-054
DRM-CLI-CMN-054	DRM Time Synchronization	6.3, 5.4	O
DRM-CLI-CMN-055	Connectivity for Unconnected Devices via ROAP over OBEX	11.6	O	DRM-CLI-CMN-015
DRM-CLI-CMN-057	2-pass ROAP-ROAcquisition protocol	5.4.2	O
DRM-CLI-CMN-058	1-pass ROAP-ROAcquisition protocol	5.4.3.2.1	O
DRM-CLI-CMN-059	2-pass ROAP-JoinDomain protocol	5.4.4.1	O
DRM-CLI-CMN-060	2-pass ROAP-LeaveDomain protocol	5.4.4.3	O
DRM-CLI-CMN-061	HTTP Transport Mapping	11.2	O
DRM-CLI-CMN-062	Capability Signaling	10	O
DRM-CLI-CMN-063	Silent and Preview header processing in DCFs	5.2.2	O
DRM-CLI-CMN-064	Download OTA support for delivering content, ROAP Triggers, and Rights Objects	11.3	O
DRM-CLI-CMN-065	Utilize the connectivity provided by the Connected Device to conduct ROAP protocols	14	O
DRM-CLI-CMN-066	ROAP-OBEX Server	14, 11.6	O
DRM-CLI-CMN-067	2-pass ROAP JoinDomain protocol	5.4.4.1	O
DRM-CLI-CMN-068	2-pass ROAP LeaveDomain protocol	5.4.4.3	O

Trademarks

Qtopia 4.2.5

DRM Functional Description