Cleanup: extract encrypt() call from Film::make_kdm().

author: Carl Hetherington <cth@carlh.net> 2023-01-29 00:07:10 +0100
committer: Carl Hetherington <cth@carlh.net> 2023-02-11 22:26:38 +0100
commit: e18630852de1ac02c23c74cbe7643845b6f4bd17 (patch)
tree: 9860c35db04509b5edf818d4ad6667b0c59651de /src
parent: 6ca8f63ff524330bf58877ffe963466495e46758 (diff)
5 files changed, 37 insertions, 73 deletions
diff --git a/src/lib/dkdm_recipient.cc b/src/lib/dkdm_recipient.cc
index f25934083..c73379bed 100644
--- a/src/lib/dkdm_recipient.cc
+++ b/src/lib/dkdm_recipient.cc
@@ -19,6 +19,7 @@
 */
 
 
+#include "config.h"
 #include "dkdm_recipient.h"
 #include "film.h"
 #include "kdm_with_metadata.h"
@@ -75,16 +76,13 @@ kdm_for_dkdm_recipient (
 	dcp::LocalTime const begin(valid_from, dcp::UTCOffset(recipient->utc_offset_hour, recipient->utc_offset_minute));
 	dcp::LocalTime const end  (valid_to,   dcp::UTCOffset(recipient->utc_offset_hour, recipient->utc_offset_minute));
 
-	auto const kdm = film->make_kdm (
-			recipient->recipient.get(),
-			vector<string>(),
-			cpl,
-			begin,
-			end,
-			dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-			true,
-			0
-			);
+	auto signer = Config::instance()->signer_chain();
+	if (!signer->valid()) {
+		throw InvalidSignerError();
+	}
+
+	auto const decrypted_kdm = film->make_kdm(cpl, begin, end);
+	auto const kdm = decrypted_kdm.encrypt(signer, recipient->recipient.get(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
 	dcp::NameFormat::Map name_values;
 	name_values['f'] = kdm.content_title_text();
diff --git a/src/lib/film.cc b/src/lib/film.cc
index e0aa08a77..8e409fc69 100644
--- a/src/lib/film.cc
+++ b/src/lib/film.cc
@@ -1634,37 +1634,18 @@ Film::active_area () const
 }
 
 
-/** @param recipient KDM recipient certificate.
- *  @param trusted_devices Certificate thumbprints of other trusted devices (can be empty).
- *  @param cpl_file CPL filename.
+/*  @param cpl_file CPL filename.
  *  @param from KDM from time expressed as a local time with an offset from UTC.
  *  @param until KDM to time expressed as a local time with an offset from UTC.
- *  @param formulation KDM formulation to use.
- *  @param disable_forensic_marking_picture true to disable forensic marking of picture.
- *  @param disable_forensic_marking_audio if not set, don't disable forensic marking of audio.  If set to 0,
- *  disable all forensic marking; if set above 0, disable forensic marking above that channel.
  */
-dcp::EncryptedKDM
-Film::make_kdm (
-	dcp::Certificate recipient,
-	vector<string> trusted_devices,
-	boost::filesystem::path cpl_file,
-	dcp::LocalTime from,
-	dcp::LocalTime until,
-	dcp::Formulation formulation,
-	bool disable_forensic_marking_picture,
-	optional<int> disable_forensic_marking_audio
-	) const
+dcp::DecryptedKDM
+Film::make_kdm(boost::filesystem::path cpl_file, dcp::LocalTime from, dcp::LocalTime until) const
 {
 	if (!_encrypted) {
 		throw runtime_error (_("Cannot make a KDM as this project is not encrypted."));
 	}
 
 	auto cpl = make_shared<dcp::CPL>(cpl_file);
-	auto signer = Config::instance()->signer_chain();
-	if (!signer->valid ()) {
-		throw InvalidSignerError ();
-	}
 
 	/* Find keys that have been added to imported, encrypted DCP content */
 	list<dcp::DecryptedKDMKey> imported_keys;
@@ -1703,7 +1684,7 @@ Film::make_kdm (
 
 	return dcp::DecryptedKDM (
 		cpl->id(), keys, from, until, cpl->content_title_text(), cpl->content_title_text(), dcp::LocalTime().as_string()
-		).encrypt (signer, recipient, trusted_devices, formulation, disable_forensic_marking_picture, disable_forensic_marking_audio);
+		);
 }
 
 
diff --git a/src/lib/film.h b/src/lib/film.h
index babc14a29..d059099ee 100644
--- a/src/lib/film.h
+++ b/src/lib/film.h
@@ -167,16 +167,7 @@ public:
 	FrameRateChange active_frame_rate_change (dcpomatic::DCPTime) const;
 	std::pair<double, double> speed_up_range (int dcp_frame_rate) const;
 
-	dcp::EncryptedKDM make_kdm (
-		dcp::Certificate recipient,
-		std::vector<std::string> trusted_devices,
-		boost::filesystem::path cpl_file,
-		dcp::LocalTime from,
-		dcp::LocalTime until,
-		dcp::Formulation formulation,
-		bool disable_forensic_marking_picture,
-		boost::optional<int> disable_forensic_marking_audio
-		) const;
+	dcp::DecryptedKDM make_kdm(boost::filesystem::path cpl_file, dcp::LocalTime from, dcp::LocalTime until) const;
 
 	int state_version () const {
 		return _state_version;
diff --git a/src/lib/screen.cc b/src/lib/screen.cc
index 453a833d7..5ef007214 100644
--- a/src/lib/screen.cc
+++ b/src/lib/screen.cc
@@ -20,6 +20,7 @@
 
 
 #include "cinema.h"
+#include "config.h"
 #include "film.h"
 #include "kdm_util.h"
 #include "kdm_with_metadata.h"
@@ -95,16 +96,13 @@ kdm_for_screen (
 
 	period_checks.push_back(check_kdm_and_certificate_validity_periods(screen->recipient.get(), begin, end));
 
-	auto const kdm = film->make_kdm (
-			screen->recipient.get(),
-			screen->trusted_device_thumbprints(),
-			cpl,
-			begin,
-			end,
-			formulation,
-			disable_forensic_marking_picture,
-			disable_forensic_marking_audio
-			);
+	auto signer = Config::instance()->signer_chain();
+	if (!signer->valid()) {
+		throw InvalidSignerError();
+	}
+
+	auto const decrypted_kdm = film->make_kdm(cpl, begin, end);
+	auto kdm = decrypted_kdm.encrypt(signer, screen->recipient.get(), screen->trusted_device_thumbprints(), formulation, disable_forensic_marking_picture, disable_forensic_marking_audio);
 
 	dcp::NameFormat::Map name_values;
 	if (cinema) {
diff --git a/src/tools/dcpomatic.cc b/src/tools/dcpomatic.cc
index deaa15afd..1923a12a3 100644
--- a/src/tools/dcpomatic.cc
+++ b/src/tools/dcpomatic.cc
@@ -944,34 +944,30 @@ private:
 		dcp::LocalTime to (Config::instance()->signer_chain()->leaf().not_after());
 		to.add_days (-1);
 
-		optional<dcp::EncryptedKDM> kdm;
-		try {
-			kdm = _film->make_kdm (
-				Config::instance()->decryption_chain()->leaf(),
-				vector<string>(),
-				dialog.cpl(),
-				from, to,
-				dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-				true,
-				0
-				);
-		} catch (dcp::NotEncryptedError& e) {
-			error_dialog (this, _("CPL's content is not encrypted."));
-		} catch (exception& e) {
-			error_dialog (this, e.what ());
-		} catch (...) {
-			error_dialog (this, _("An unknown exception occurred."));
+		auto signer = Config::instance()->signer_chain();
+		if (!signer->valid()) {
+			error_dialog(this, _("The certificate chain for signing is invalid"));
+			return;
 		}
 
-		if (kdm) {
+		optional<dcp::EncryptedKDM> kdm;
+		try {
+			auto const decrypted_kdm = _film->make_kdm(dialog.cpl(), from, to);
+			auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 			if (dialog.internal()) {
 				auto dkdms = Config::instance()->dkdms();
-				dkdms->add (make_shared<DKDM>(kdm.get()));
+				dkdms->add(make_shared<DKDM>(kdm));
 				Config::instance()->changed ();
 			} else {
 				auto path = dialog.directory() / (_film->dcp_name(false) + "_DKDM.xml");
-				kdm->as_xml (path);
+				kdm.as_xml(path);
 			}
+		} catch (dcp::NotEncryptedError& e) {
+			error_dialog (this, _("CPL's content is not encrypted."));
+		} catch (exception& e) {
+			error_dialog (this, e.what ());
+		} catch (...) {
+			error_dialog (this, _("An unknown exception occurred."));
 		}
 	}
author	Carl Hetherington <cth@carlh.net>	2023-01-29 00:07:10 +0100
committer	Carl Hetherington <cth@carlh.net>	2023-02-11 22:26:38 +0100
commit	e18630852de1ac02c23c74cbe7643845b6f4bd17 (patch)
tree	9860c35db04509b5edf818d4ad6667b0c59651de /src
parent	6ca8f63ff524330bf58877ffe963466495e46758 (diff)