authorCarl Hetherington <cth@carlh.net>2022-12-22 20:54:47 +0100
committerCarl Hetherington <cth@carlh.net>2022-12-22 20:54:47 +0100
commit1d168b8a94d2c3ae14f52fea222fa7bbdf5c1058 (patch)
treefa4983eec45991091e2d9be79258ed2e3ab2eeda /src
parent4cf7fe0818a71435545237012b45ccd443906189 (diff)
Store not_valid_{before,after} when reading encrypted KDMs.
Diffstat (limited to 'src')
-rw-r--r--src/decrypted_kdm.cc19
-rw-r--r--src/exceptions.cc7
-rw-r--r--src/exceptions.h6
3 files changed, 32 insertions, 0 deletions
diff --git a/src/decrypted_kdm.cc b/src/decrypted_kdm.cc
index 592ab717..bdf7ec9d 100644
--- a/src/decrypted_kdm.cc
+++ b/src/decrypted_kdm.cc
@@ -156,6 +156,8 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key)
/* Use the private key to decrypt the keys */
+ bool first = true;
+
for (auto const& i: kdm.keys()) {
/* Decode the base-64-encoded cipher value from the KDM */
unsigned char cipher_value[256];
@@ -173,6 +175,9 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key)
#endif
}
+ dcp::LocalTime not_valid_before;
+ dcp::LocalTime not_valid_after;
+
unsigned char* p = decrypted;
switch (decrypted_len) {
case 134:
@@ -187,8 +192,10 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key)
/* 52 is key id [16 bytes] */
string const key_id = get_uuid (&p);
/* 68 is not-valid-before (a string) [25 bytes] */
+ not_valid_before = dcp::LocalTime(std::string(reinterpret_cast<char*>(p), 25));
p += 25;
/* 93 is not-valid-after (a string) [25 bytes] */
+ not_valid_after = dcp::LocalTime(std::string(reinterpret_cast<char*>(p), 25));
p += 25;
/* 118 is the key [ASDCP::KeyLen bytes] */
add_key (optional<string>(), key_id, Key(p), cpl_id, Standard::INTEROP);
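Review bot: The two added `dcp::LocalTime(std::string(reinterpret_cast<char*>(p), 25))` constructions run on bytes taken straight from the decrypted block, before `delete[] decrypted;` and `RSA_free (rsa);` are reached. If that constructor throws on a malformed timestamp (its definition is not in this diff, so this needs confirming), both the plaintext buffer holding the content key and the RSA object are leaked. The same applies to the SMPTE branch in the next hunk. Holding the buffer in a `std::unique_ptr<unsigned char[]>` where it is allocated, which is outside this hunk, would release it on every exit path.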
@@ -209,8 +216,10 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key)
/* 56 is key id [16 bytes] */
string const key_id = get_uuid (&p);
/* 72 is not-valid-before (a string) [25 bytes] */
+ not_valid_before = dcp::LocalTime(std::string(reinterpret_cast<char*>(p), 25));
p += 25;
/* 97 is not-valid-after (a string) [25 bytes] */
+ not_valid_after = dcp::LocalTime(std::string(reinterpret_cast<char*>(p), 25));
p += 25;
/* 112 is the key [ASDCP::KeyLen bytes] */
add_key (key_type, key_id, Key(p), cpl_id, Standard::SMPTE);
@@ -221,6 +230,16 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key)
}
delete[] decrypted;
+
+ if (first) {
+ _not_valid_before = not_valid_before;
+ _not_valid_after = not_valid_after;
+ first = false;
+ } else {
+ if (not_valid_before != _not_valid_before || not_valid_after != _not_valid_after) {
+ throw InconsistentValidityPeriodError();
+ }
+ }
}
RSA_free (rsa);
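Review bot: The new `throw InconsistentValidityPeriodError();` leaves the loop before `RSA_free (rsa);` runs, so a KDM with mismatched periods leaks the RSA object built from the private key. Free it first, `RSA_free (rsa); throw InconsistentValidityPeriodError();`, or own it with a `std::unique_ptr<RSA, decltype(&RSA_free)>` where it is created, which is outside this hunk. Separately, when `kdm.keys()` is empty the `first` branch never runs, so `_not_valid_before` and `_not_valid_after` keep whatever their default construction gives. A comment on those members saying so would help callers that enforce the validity window.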
diff --git a/src/exceptions.cc b/src/exceptions.cc
index 00627de8..96a9a696 100644
--- a/src/exceptions.cc
+++ b/src/exceptions.cc
@@ -198,3 +198,10 @@ MissingAssetmapError::MissingAssetmapError (boost::filesystem::path dir)
}
+
+InconsistentValidityPeriodError::InconsistentValidityPeriodError()
+ : runtime_error("KDM contains keys with different validity periods")
+{
+
+}
+
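Review bot: The message `"KDM contains keys with different validity periods"` does not say which key or which two periods disagreed, which makes a malformed or tampered KDM hard to diagnose from a log. Consider passing the key id and both periods to the constructor and appending them to the message; these are identifiers and timestamps, not key material. That needs a matching change to the declaration in src/exceptions.h and to the throw site in src/decrypted_kdm.cc.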
diff --git a/src/exceptions.h b/src/exceptions.h
index 78d0943e..99e55b28 100644
--- a/src/exceptions.h
+++ b/src/exceptions.h
@@ -317,6 +317,12 @@ public:
};
+class InconsistentValidityPeriodError : public std::runtime_error
+{
+public:
+ InconsistentValidityPeriodError();
+};
+
}
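Review bot: The new class has no doc comment saying when it is thrown. A line such as `/** Thrown when the keys inside one KDM carry different not-valid-before/after times */` above `class InconsistentValidityPeriodError` would tell callers of the `DecryptedKDM` constructor what to catch.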