Sony DADC User Rights Management Solution

Frequently Asked Questions

What is the format of the timestamp used in the API authentication process?

The timestamps are in plain Unix time (number of seconds elapsed since Unix Epoch (1/1/1970)

Why do I get a 404 response when I try to make an API call?

Usually the reason for the error messages is that the request statement fails to include the CGP context, which should be a part of the URL. The GCP context needs to be specified with the server name so that the CGP Server can identify the API container where the request should be directed (SDK, store, or back office).

Here is a list of possible values:

CGP context URL Description
/sdk https://{ServerName}/sdk/ Interface between CGP Server and CGP SDK
/store https://{ServerName}/store/ Interface between the CGP Server and a customer’s store
/bo https://{ServerName}/bo/ Content encryption and registration service

Here is a sample URL for content generation:

Another reason for the error message could be that the wrong HTTP method is used. If a request is supposed to be a POST request, such as to open open a packaging session, but a GET request is used instead, this also leads to a 404 response.

How does the API authentication process work?

In order to being allowed to issue an API call, such as generate/content to the CGP server, the HTTP request has to provide the apiAccessKey, timestamp, and signature as parameters. The signature is a Base64 encoded HmacSHA256 hash generated from the APIAccessKey and SignatureString. The SignatureString, in turn, consists of the resource_URL and the timestamp.

How do I get an API Access Key?

There is no automated mechanism for that. The apiAccessKey will be pre-shared and provided by the CGP server team.

How does the web store find out from the CGP server which books are available?

There are two possible scenarios.

  1. The store applies DRM on its own. In this case the web store gets the CCID directly from the CGP Server, when the content is generated.
  2. The store obtains books from a publisher/distributor that are already Marlin protected. Here the publisher must share the CCIDs with the store.

If a publisher puts a book into the server on my behalf and doesn’t tell me the CCID, is there any way to find it?

If the external ID provided by the publisher is unique (such as an ISBN number), URMS can retrieve the corresponding CCID. But there currently is no API call defined for this purpose.

Does the CGP system enforce any kind of policy that restricts the amount of loans on a book?

The CGP system does not provide any means to enforce such policies, as this kind of limitation should be freely controllable by the store (special offers, campaigns, other special logic).

What versions of the Operating Systems do the libraries target?

The URMS SDK is compatible with Android Version 15 (Android 4.0.3 | Android 4.0.4) and later, and iOS 7.1 or later.

What version of the tool chain were the libraries built with?

The libraries use android-ndk-r10d with toolchain arm-linux-androideabi-4.8, xCode 7.

Describe the library dependencies.

The ANdroid library requires the gnustl.lib file. This lib is taken from the Android NDK.

The iOS library requires:

  • libsqlite3.dylib, compatible with version 9.0.0, current version 216.7.0
  • libz.1.dylib, compatible with version 1.0.0, current version 1.2.5

What is the recommended buffer size to pass into the Read method of the decryption stream?

We recommend a buffer size of 512 KB. If your buffer is too small, less than 64 KB, the decryption will take too long.  A buffer that is too large, more than 8 MB, creates too much system overhead.  See the diagram below to compare the processing times of a 20 MB file with different buffer sizes.

Buffer Size Comparison

Can an application that uses the URMS SDK be backed up and restored?

Backup and restore mechanisms only work if the backup is restored to the original device. Note that if you try to restore a system backup to replacement hardware of the same model of the original the backup will not work.