Merge branch 'master' of ssh://git.carlh.net/home/carl/git/libdcp

5 files changed, 49 insertions, 1 deletions

diff --git a/src/certificate.cc b/src/certificate.cc
index a83d800d..6edf4f4c 100644
--- a/src/certificate.cc
+++ b/src/certificate.cc
@@ -337,6 +337,40 @@ Certificate::subject_organizational_unit_name () const
 	return get_name_part (X509_get_subject_name (_certificate), NID_organizationalUnitName);
 }
 
+static
+struct tm
+convert_time (ASN1_TIME const * time)
+{
+	struct tm t;
+	char const * s = (char const *) time->data;
+
+	if (time->type == V_ASN1_UTCTIME) {
+		sscanf(s, "%2d%2d%2d%2d%2d%2d", &t.tm_year, &t.tm_mon, &t.tm_mday, &t.tm_hour, &t.tm_min, &t.tm_sec);
+		if (t.tm_year < 70) {
+			t.tm_year += 100;
+		}
+	} else if (time->type == V_ASN1_GENERALIZEDTIME) {
+		sscanf(s, "%4d%2d%2d%2d%2d%2d", &t.tm_year, &t.tm_mon, &t.tm_mday, &t.tm_hour, &t.tm_min, &t.tm_sec);
+		t.tm_year -= 1900;
+	}
+
+	return t;
+}
+
+struct tm
+Certificate::not_before () const
+{
+	DCP_ASSERT (_certificate);
+	return convert_time(X509_get0_notBefore(_certificate));
+}
+
+struct tm
+Certificate::not_after () const
+{
+	DCP_ASSERT (_certificate);
+	return convert_time(X509_get0_notAfter(_certificate));
+}
+
 string
 Certificate::serial () const
 {
diff --git a/src/certificate.h b/src/certificate.h
index 0d333f1e..4be673cc 100644
--- a/src/certificate.h
+++ b/src/certificate.h
@@ -81,6 +81,8 @@ public:
 	std::string subject_common_name () const;
 	std::string subject_organization_name () const;
 	std::string subject_organizational_unit_name () const;
+	struct tm not_before () const;
+	struct tm not_after () const;
 
 	X509* x509 () const {
 		return _certificate;
diff --git a/src/encrypted_kdm.cc b/src/encrypted_kdm.cc
index 996708ad..071bf870 100644
--- a/src/encrypted_kdm.cc
+++ b/src/encrypted_kdm.cc
@@ -772,6 +772,17 @@ EncryptedKDM::recipient_x509_subject_name () const
 	return _data->authenticated_public.required_extensions.kdm_required_extensions.recipient.x509_subject_name;
 }
 
+CertificateChain
+EncryptedKDM::signer_certificate_chain () const
+{
+	CertificateChain chain;
+	BOOST_FOREACH (data::X509Data const & i, _data->signature.x509_data) {
+		string s = "-----BEGIN CERTIFICATE-----\n" + i.x509_certificate + "\n-----END CERTIFICATE-----";
+		chain.add (Certificate(s));
+	}
+	return chain;
+}
+
 bool
 dcp::operator== (EncryptedKDM const & a, EncryptedKDM const & b)
 {
diff --git a/src/encrypted_kdm.h b/src/encrypted_kdm.h
index e52fa0a1..ddc0273a 100644
--- a/src/encrypted_kdm.h
+++ b/src/encrypted_kdm.h
@@ -94,6 +94,7 @@ public:
 	LocalTime not_valid_before () const;
 	LocalTime not_valid_after () const;
 	std::string recipient_x509_subject_name () const;
+	CertificateChain signer_certificate_chain () const;
 
 private:
 
diff --git a/src/smpte_subtitle_asset.cc b/src/smpte_subtitle_asset.cc
index ae473071..3a712e03 100644
--- a/src/smpte_subtitle_asset.cc
+++ b/src/smpte_subtitle_asset.cc
@@ -197,7 +197,7 @@ SMPTESubtitleAsset::read_mxf_descriptor (shared_ptr<ASDCP::TimedText::MXFReader>
 	ASDCP::TimedText::TimedTextDescriptor descriptor;
 	reader->FillTimedTextDescriptor (descriptor);
 
-	/* Load fonts */
+	/* Load fonts and images */
 
 	for (
 		ASDCP::TimedText::ResourceList_t::const_iterator i = descriptor.ResourceList.begin();