1. DS: signaturetype
2,Xenc: encryptedkeytype
3. Other algorithms
4. Security Mechanisms
A. Confidentiality([. K branch NFI. Den branch I 'privacy liti], confidential)
This aims to prevent data from being read by unauthorized clients. In DRM, the DRM content is encrypted. The password CEK "is wraped with rek in rights", and the rek exists in <rights>. enckey.
B. Authentication([Signature:. θ enti'kei limit N], proof)
The purpose is to prove that the data is sent by the sender. I guess it should be implemented through signature. Signature's algorithm is negotiated, the default value is the RSA-PSS, see 3.
C. Integrity([IN 'tegriti], complete)
This aims to prevent data from being illegally changed. I guess it should be implemented through DS: signaturetype.
5. Key
Kmac, krek, and kmek are each 128-bit long keys generated randomly by the sender.
KD is a 128-bit long AES key generated randomly by the sender.
6. Summary
DS: signaturetypeThe DRM appears in three places. The two ensure ingegrity, And the other TMD does not specify what to do.
Xenc: encryptedkeytypeIn DRM, three of them are encrypted rek or domain key, and the other two provide keys for the adjacent DS: signaturetype.
Xenc: encrypteddataOnly appears in meteringreportreq to protect the report.
7. Domain
Whether the rights of a DCF belongs to the domain, expressed by whether the roacquisitiontrigger contains the domainid item;
If it belongs to a domain, joindomain is first used to obtain the domain key;
Then, set its domainid item during rorequest; The roresponse received later contains "rek wraped with domainkey in AES-WRAP algorithm", so the rek will be obtained;
After obtaining the rek, you can get the CEK in rights to parse the DCF.
From the above, domain is for Ro; it is only related to ROAP, And it is irrelevant to rights and DCF. This is a preliminary conclusion. We need to make a final conclusion after chapter 8 of <DRM>.
8. Group ID