| author | Carl Hetherington <cth@carlh.net> | 2013-09-24 18:54:09 +0100 |
|---|---|---|
| committer | Carl Hetherington <cth@carlh.net> | 2013-09-24 18:54:09 +0100 |
| commit | 725c1f0ead60e73e9dbc17337c416ac4d2720c55 (patch) | |
| tree | 132b82fbdb44320e74289ee6400c4a39d162439e /src/cpl.cc | |
| parent | b0b83d69f38a8239f3df1e2872b6cfebf9f84af8 (diff) | |
Various KDM work.
Diffstat (limited to 'src/cpl.cc')
| -rw-r--r-- | src/cpl.cc | 160 |
1 files changed, 0 insertions, 160 deletions
@@ -344,166 +344,6 @@ CPL::equals (CPL const & other, EqualityOptions opt, boost::function<void (NoteT
 return true;
 }
 
-shared_ptr<xmlpp::Document>
-CPL::make_kdm (
- shared_ptr<const Signer> signer,
- shared_ptr<const Certificate> recipient_cert,
- boost::posix_time::ptime from,
- boost::posix_time::ptime until,
- bool interop,
- MXFMetadata const & mxf_metadata,
- XMLMetadata const & xml_metadata
- ) const
-{
- assert (recipient_cert);
-
- shared_ptr<xmlpp::Document> doc (new xmlpp::Document);
- xmlpp::Element* root = doc->create_root_node ("DCinemaSecurityMessage");
- root->set_namespace_declaration ("http://www.smpte-ra.org/schemas/430-3/2006/ETM", "");
- root->set_namespace_declaration ("http://www.w3.org/2000/09/xmldsig#", "ds");
- root->set_namespace_declaration ("http://www.w3.org/2001/04/xmlenc#", "enc");
-
- {
- xmlpp::Element* authenticated_public = root->add_child("AuthenticatedPublic");
- authenticated_public->set_attribute("Id", "ID_AuthenticatedPublic");
- xmlAddID (0, doc->cobj(), (const xmlChar *) "ID_AuthenticatedPublic", authenticated_public->get_attribute("Id")->cobj());
-
- authenticated_public->add_child("MessageId")->add_child_text ("urn:uuid:" + make_uuid());
- /* XXX: this should probably be different if interop == true */
- authenticated_public->add_child("MessageType")->add_child_text ("http://www.smpte-ra.org/430-1/2006/KDM#kdm-key-type");
- authenticated_public->add_child("AnnotationText")->add_child_text (mxf_metadata.product_name);
- authenticated_public->add_child("IssueDate")->add_child_text (xml_metadata.issue_date);
-
- {
- xmlpp::Element* xml_signer = authenticated_public->add_child("Signer");
- xml_signer->add_child("X509IssuerName", "ds")->add_child_text (signer->certificates().leaf()->issuer());
- xml_signer->add_child("X509SerialNumber", "ds")->add_child_text (signer->certificates().leaf()->serial());
- }
-
- {
- xmlpp::Element* required_extensions = authenticated_public->add_child("RequiredExtensions");
-
- {
- xmlpp::Element* kdm_required_extensions = required_extensions->add_child("KDMRequiredExtensions");
- kdm_required_extensions->set_namespace_declaration ("http://www.smpte-ra.org/schemas/430-1/2006/KDM");
- {
- xmlpp::Element* recipient = kdm_required_extensions->add_child("Recipient");
- {
- xmlpp::Element* serial_element = recipient->add_child("X509IssuerSerial");
- serial_element->add_child("X509IssuerName", "ds")->add_child_text (recipient_cert->issuer());
- serial_element->add_child("X509SerialNumber", "ds")->add_child_text (recipient_cert->serial());
- }
-
- recipient->add_child("X509SubjectName")->add_child_text (recipient_cert->subject());
- }
-
- kdm_required_extensions->add_child("CompositionPlaylistId")->add_child_text("urn:uuid:" + _id);
- kdm_required_extensions->add_child("ContentTitleText")->add_child_text(_name);
- kdm_required_extensions->add_child("ContentAuthenticator")->add_child_text(signer->certificates().leaf()->thumbprint());
- kdm_required_extensions->add_child("ContentKeysNotValidBefore")->add_child_text(ptime_to_string (from));
- kdm_required_extensions->add_child("ContentKeysNotValidAfter")->add_child_text(ptime_to_string (until));
-
- {
- xmlpp::Element* authorized_device_info = kdm_required_extensions->add_child("AuthorizedDeviceInfo");
- authorized_device_info->add_child("DeviceListIdentifier")->add_child_text("urn:uuid:" + make_uuid());
- authorized_device_info->add_child("DeviceListDescription")->add_child_text(recipient_cert->subject());
- {
- xmlpp::Element* device_list = authorized_device_info->add_child("DeviceList");
- device_list->add_child("CertificateThumbprint")->add_child_text(recipient_cert->thumbprint());
- }
- }
-
- {
- xmlpp::Element* key_id_list = kdm_required_extensions->add_child("KeyIdList");
- list<shared_ptr<const Asset> > a = assets();
- for (list<shared_ptr<const Asset> >::iterator i = a.begin(); i != a.end(); ++i) {
- /* XXX: non-MXF assets? */
- shared_ptr<const MXFAsset> mxf = boost::dynamic_pointer_cast<const MXFAsset> (*i);
- if (mxf) {
- mxf->add_typed_key_id (key_id_list);
- }
- }
- }
-
- {
- xmlpp::Element* forensic_mark_flag_list = kdm_required_extensions->add_child("ForensicMarkFlagList");
- forensic_mark_flag_list->add_child("ForensicMarkFlag")->add_child_text (
- "http://www.smpte-ra.org/430-1/2006/KDM#mrkflg-picture-disable"
- );
- forensic_mark_flag_list->add_child("ForensicMarkFlag")->add_child_text (
- "http://www.smpte-ra.org/430-1/2006/KDM#mrkflg-audio-disable"
- );
- }
- }
- }
-
- authenticated_public->add_child("NonCriticalExtensions");
- }
-
- {
- xmlpp::Element* authenticated_private = root->add_child("AuthenticatedPrivate");
- authenticated_private->set_attribute ("Id", "ID_AuthenticatedPrivate");
- xmlAddID (0, doc->cobj(), (const xmlChar *) "ID_AuthenticatedPrivate", authenticated_private->get_attribute("Id")->cobj());
-
- list<shared_ptr<const Asset> > a = assets();
- for (list<shared_ptr<const Asset> >::iterator i = a.begin(); i != a.end(); ++i) {
- /* XXX: non-MXF assets? */
- shared_ptr<const MXFAsset> mxf = boost::dynamic_pointer_cast<const MXFAsset> (*i);
- if (!mxf) {
- continue;
- }
-
- xmlpp::Element* encrypted_key = authenticated_private->add_child ("EncryptedKey", "enc");
- xmlpp::Element* encryption_method = encrypted_key->add_child ("EncryptionMethod", "enc");
- encryption_method->set_attribute ("Algorithm", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
- encryption_method->add_child("DigestMethod", "ds")->set_attribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#sha1");
- xmlpp::Element* cipher_data = encrypted_key->add_child ("CipherData", "enc");
-
- KDMKey kkey (signer, _id, mxf->key_id (), from, until, mxf->key ());
- cipher_data->add_child("CipherValue", "enc")->add_child_text (kkey.base64 ());
- }
- }
-
- {
- xmlpp::Element* signature = root->add_child("Signature", "ds");
-
- {
- xmlpp::Element* signed_info = signature->add_child("SignedInfo", "ds");
- signed_info->add_child("CanonicalizationMethod", "ds")->set_attribute(
- "Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
- );
-
- if (interop) {
- signed_info->add_child("SignatureMethod", "ds")->set_attribute(
- "Algorithm", "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
- );
- } else {
- signed_info->add_child("SignatureMethod", "ds")->set_attribute(
- "Algorithm", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
- );
- }
-
- {
- xmlpp::Element* reference = signed_info->add_child("Reference", "ds");
- reference->set_attribute("URI", "#ID_AuthenticatedPublic");
- reference->add_child("DigestMethod", "ds")->set_attribute("Algorithm", "http://www.w3.org/2001/04/xmlenc#sha256");
- reference->add_child("DigestValue", "ds");
- }
-
- {
- xmlpp::Element* reference = signed_info->add_child("Reference", "ds");
- reference->set_attribute("URI", "#ID_AuthenticatedPrivate");
- reference->add_child("DigestMethod", "ds")->set_attribute("Algorithm", "http://www.w3.org/2001/04/xmlenc#sha256");
- reference->add_child("DigestValue", "ds");
- }
- }
-
- signer->add_signature_value (signature, "ds");
- }
-
- return doc;
-}
-
 /** @return true if we have any encrypted content */
 bool
 CPL::encrypted () const |
