Fix signing of KDMs.

4 files changed, 20 insertions, 12 deletions

diff --git a/src/kdm.cc b/src/kdm.cc
index 79dc57e1..80d64441 100644
--- a/src/kdm.cc
+++ b/src/kdm.cc
@@ -153,7 +153,6 @@ KDM::KDM (
 	shared_ptr<cxml::Node> root (new cxml::Node (doc->get_root_node ()));
 	xmlpp::Node* signature = root->node_child("Signature")->node();
 	signer->add_signature_value (signature, "ds");
-	doc->write_to_file_formatted ("/home/carl/foo.xml", "UTF-8");
 	_xml_kdm->signature = xml::Signature (shared_ptr<cxml::Node> (new cxml::Node (signature)));
 }
 
@@ -181,14 +180,20 @@ void
 KDM::as_xml (boost::filesystem::path path) const
 {
 	shared_ptr<xmlpp::Document> doc = _xml_kdm->as_xml ();
-	doc->write_to_file_formatted (path.string(), "UTF-8");
+	/* This must *not* be the _formatted version, otherwise the signature
+	   will be wrong.
+	*/
+	doc->write_to_file (path.string(), "UTF-8");
 }
 
 string
 KDM::as_xml () const
 {
 	shared_ptr<xmlpp::Document> doc = _xml_kdm->as_xml ();
-	return doc->write_to_string_formatted ("UTF-8");
+	/* This must *not* be the _formatted version, otherwise the signature
+	   will be wrong.
+	*/
+	return doc->write_to_string ("UTF-8");
 }
 
 KDMKey::KDMKey (
diff --git a/src/signer.cc b/src/signer.cc
index 9aebd39d..f15f5325 100644
--- a/src/signer.cc
+++ b/src/signer.cc
@@ -21,12 +21,14 @@
 #include <xmlsec/xmldsig.h>
 #include <xmlsec/dl.h>
 #include <xmlsec/app.h>
+#include <xmlsec/crypto.h>
 #include <libcxml/cxml.h>
 #include "signer.h"
 #include "exceptions.h"
 
 using std::string;
 using std::list;
+using std::cout;
 using boost::shared_ptr;
 using namespace libdcp;
 
diff --git a/src/util.cc b/src/util.cc
index 4bcc61fb..11052df6 100644
--- a/src/util.cc
+++ b/src/util.cc
@@ -33,6 +33,7 @@
 #include <xmlsec/xmldsig.h>
 #include <xmlsec/dl.h>
 #include <xmlsec/app.h>
+#include <xmlsec/crypto.h>
 #include "KM_util.h"
 #include "KM_fileio.h"
 #include "AS_DCP.h"
diff --git a/src/xml/kdm_smpte.h b/src/xml/kdm_smpte.h
index d26c4896..32a297f8 100644
--- a/src/xml/kdm_smpte.h
+++ b/src/xml/kdm_smpte.h
@@ -317,16 +317,12 @@ public:
 		node->done ();
 	}
 
-	void as_xml (Writer& writer, xmlpp::Element* node) const
+	void as_xml (xmlpp::Element* node) const
 	{
 		xmlpp::Element* reference = node->add_child ("Reference", "ds");
 		reference->set_attribute ("URI", uri);
 		reference->add_child("DigestMethod", "ds")->set_attribute ("Algorithm", "http://www.w3.org/2001/04/xmlenc#sha256");
 		reference->add_child("DigestValue", "ds")->add_child_text (digest_value);
-		
-		if (!uri.empty ()) {
-			xmlAddID (0, writer.document->cobj(), (const xmlChar *) uri.substr(1).c_str(), writer.references[uri.substr(1)]->cobj ());
-		}
 	}
 	
 	std::string uri;
@@ -364,14 +360,14 @@ public:
 		node->done ();
 	}
 	
-	void as_xml (Writer& writer, xmlpp::Element* node) const
+	void as_xml (xmlpp::Element* node) const
 	{
 		xmlpp::Element* si = node->add_child ("SignedInfo", "ds");
 		si->add_child ("CanonicalizationMethod", "ds")->set_attribute ("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
 		si->add_child ("SignatureMethod", "ds")->set_attribute ("Algorithm", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
 		
-		authenticated_public.as_xml (writer, si);
-		authenticated_private.as_xml (writer, si);
+		authenticated_public.as_xml (si);
+		authenticated_private.as_xml (si);
 		
 		node->add_child("SignatureValue", "ds")->add_child_text (signature_value);
 		
@@ -413,7 +409,11 @@ public:
 		
 		authenticated_public.as_xml (writer, root->add_child ("AuthenticatedPublic"));
 		authenticated_private.as_xml (writer, root->add_child ("AuthenticatedPrivate"));
-		signature.as_xml (writer, root->add_child ("Signature", "ds"));
+		signature.as_xml (root->add_child ("Signature", "ds"));
+
+		for (std::map<std::string, xmlpp::Attribute*>::const_iterator i = writer.references.begin(); i != writer.references.end(); ++i) {
+			xmlAddID (0, writer.document->cobj(), (const xmlChar *) i->first.c_str(), i->second->cobj ());
+		}
 		
 		return writer.document;
 	}