Incomplete encryption of private keys.

author: Carl Hetherington <cth@carlh.net> 2018-12-22 22:43:56 +0000
committer: Carl Hetherington <cth@carlh.net> 2018-12-23 21:04:49 +0000
commit: 5ab0c3bc04e4aa5acd883bb8126fc6b185c6c5d6 (patch)
tree: d03668797778e28f2b601f72aff30bdb093de61a /src/lib/config.cc
parent: 4f47104941f57dda9994d45bfebbcfedd3db2e84 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/src/lib/config.cc b/src/lib/config.cc
index ddb4bf25a..e61eea3a6 100644
--- a/src/lib/config.cc
+++ b/src/lib/config.cc
@@ -771,7 +771,18 @@ Config::write_config () const
 	BOOST_FOREACH (dcp::Certificate const & i, _signer_chain->unordered()) {
 		signer->add_child("Certificate")->add_child_text (i.certificate (true));
 	}
+#ifdef DCPOMATIC_SWAROOP
+	FILE* f = fopen_boost (path("private"), "wb");
+	if (!f) {
+		throw FileError ("Could not open file for writing", path("private"));
+	}
+	shared_array<uint8_t> iv = dcpomatic::random_iv ();
+	dcp::Data encrypted_key = dcpomatic::encrypt (_signer_chain->key().get(), key, iv);
+	fwrite (encrypted_key.data().get(), encrypted_key.data().size(), 1, f);
+	fclose (f);
+#else	
 	signer->add_child("PrivateKey")->add_child_text (_signer_chain->key().get ());
+#endif	
 
 	/* [XML] Decryption Certificate chain and private key to use when decrypting KDMs */
 	xmlpp::Element* decryption = root->add_child ("Decryption");
author	Carl Hetherington <cth@carlh.net>	2018-12-22 22:43:56 +0000
committer	Carl Hetherington <cth@carlh.net>	2018-12-23 21:04:49 +0000
commit	5ab0c3bc04e4aa5acd883bb8126fc6b185c6c5d6 (patch)
tree	d03668797778e28f2b601f72aff30bdb093de61a /src/lib/config.cc
parent	4f47104941f57dda9994d45bfebbcfedd3db2e84 (diff)