Diffstat (limited to 'src')
| -rw-r--r-- | src/decrypted_kdm.cc | 31 | ||||
| -rw-r--r-- | src/decrypted_kdm.h | 2 | ||||
| -rw-r--r-- | src/decrypted_kdm_key.cc | 6 | ||||
| -rw-r--r-- | src/decrypted_kdm_key.h | 14 | ||||
| -rw-r--r-- | src/encrypted_kdm.cc | 6 | ||||
| -rw-r--r-- | src/encrypted_kdm.h | 5 |
6 files changed, 45 insertions, 19 deletions
diff --git a/src/decrypted_kdm.cc b/src/decrypted_kdm.cc index 8355e1c8..72070fe7 100644 --- a/src/decrypted_kdm.cc +++ b/src/decrypted_kdm.cc @@ -58,8 +58,12 @@ using std::hex; using std::pair; using std::map; using boost::shared_ptr; +using boost::optional; using namespace dcp; +/* Magic value specified by SMPTE S430-1-2006 */ +static uint8_t smpte_structure_id[] = { 0xf1, 0xdc, 0x12, 0x44, 0x60, 0x16, 0x9a, 0x0e, 0x85, 0xbc, 0x30, 0x06, 0x42, 0xf8, 0x66, 0xab }; + static void put (uint8_t ** d, string s) { @@ -166,13 +170,14 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key) /* 93 is not-valid-after (a string) [25 bytes] */ p += 25; /* 118 is the key [ASDCP::KeyLen bytes] */ - add_key ("", key_id, Key (p), cpl_id); + add_key (optional<string>(), key_id, Key (p), cpl_id, INTEROP); break; } case 138: { /* SMPTE */ /* 0 is structure id (fixed sequence specified by standard) [16 bytes] */ + DCP_ASSERT (memcmp (p, smpte_structure_id, 16) == 0); p += 16; /* 16 is is signer thumbprint [20 bytes] */ p += 20; @@ -187,7 +192,7 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key) /* 97 is not-valid-after (a string) [25 bytes] */ p += 25; /* 112 is the key [ASDCP::KeyLen bytes] */ - add_key (key_type, key_id, Key (p), cpl_id); + add_key (key_type, key_id, Key (p), cpl_id, SMPTE); break; } default: @@ -237,7 +242,7 @@ DecryptedKDM::DecryptedKDM ( , _issue_date (issue_date) { for (map<shared_ptr<const ReelMXF>, Key>::const_iterator i = keys.begin(); i != keys.end(); ++i) { - add_key (i->first->key_type(), i->first->key_id().get(), i->second, cpl_id); + add_key (i->first->key_type(), i->first->key_id().get(), i->second, cpl_id, SMPTE); } } 
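Review bot: `smpte_structure_id` in the first hunk of src/decrypted_kdm.cc is declared as a mutable file-scope array, although the SMPTE branch of the decrypting constructor now uses it as the reference value for `memcmp`. Declaring it `static uint8_t const smpte_structure_id[] = { ... };` keeps the reference constant read-only for the whole translation unit. The byte-array overload of `put` is not visible in this hunk, so confirm that it accepts a `uint8_t const *` before making the change.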
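Review bot: In the `case 138` branch the structure-ID check is a `DCP_ASSERT` on bytes that come out of the decrypted KDM payload, so a KDM with a non-conforming structure ID is reported as an internal assertion failure rather than as a malformed input. What `DCP_ASSERT` does in a release build is not visible here; if it can be compiled out the check disappears, and if it throws, callers receive a programming-error signal for what is an input-data problem. An explicit test would be clearer, e.g. `if (memcmp (p, smpte_structure_id, 16) != 0) { /* raise the same format error this constructor uses for an unrecognised block */ }`. The constructor body starts and ends outside the hunk, so the error type used by the `default:` branch has to be checked there.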
@@ -261,7 +266,7 @@ DecryptedKDM::DecryptedKDM ( BOOST_FOREACH(shared_ptr<const ReelAsset> i, cpl->reel_assets ()) { shared_ptr<const ReelMXF> mxf = boost::dynamic_pointer_cast<const ReelMXF> (i); if (mxf && mxf->key_id ()) { - add_key (mxf->key_type(), mxf->key_id().get(), key, cpl->id ()); + add_key (mxf->key_type(), mxf->key_id().get(), key, cpl->id(), SMPTE); did_one = true; } } @@ -277,9 +282,9 @@ DecryptedKDM::DecryptedKDM ( * @param cpl_id ID of CPL that the key is for. */ void -DecryptedKDM::add_key (string type, string key_id, Key key, string cpl_id) +DecryptedKDM::add_key (optional<string> type, string key_id, Key key, string cpl_id, Standard standard) { - _keys.push_back (DecryptedKDMKey (type, key_id, key, cpl_id)); + _keys.push_back (DecryptedKDMKey (type, key_id, key, cpl_id, standard)); } void 
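Review bot: The doc comment above `DecryptedKDM::add_key` ends at `@param cpl_id` and does not describe the new `standard` argument, nor that `type` may now be empty. Add a line such as `@param standard Standard (INTEROP or SMPTE) of the KDM that this key belongs to.` and extend the `type` entry to say that it is unset for keys read from an Interop KDM, which is what the Interop branch of the decrypting constructor passes. The comment begins above the hunk, so the existing `@param type` wording is not visible here.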
@@ -289,26 +294,28 @@ DecryptedKDM::add_key (DecryptedKDMKey key) } EncryptedKDM -DecryptedKDM::encrypt (shared_ptr<const CertificateChain> signer, Certificate recipient, vector<Certificate> trusted_devices, Formulation formulation) const +DecryptedKDM::encrypt ( + shared_ptr<const CertificateChain> signer, Certificate recipient, vector<Certificate> trusted_devices, Formulation formulation + ) const { list<pair<string, string> > key_ids; list<string> keys; BOOST_FOREACH (DecryptedKDMKey const & i, _keys) { - key_ids.push_back (make_pair (i.type(), i.id ())); + /* We're making SMPTE keys so we must have a type for each one */ + DCP_ASSERT (i.type()); + key_ids.push_back (make_pair (i.type().get(), i.id ())); /* XXX: SMPTE only */ uint8_t block[138]; uint8_t* p = block; - /* Magic value specified by SMPTE S430-1-2006 */ - uint8_t structure_id[] = { 0xf1, 0xdc, 0x12, 0x44, 0x60, 0x16, 0x9a, 0x0e, 0x85, 0xbc, 0x30, 0x06, 0x42, 0xf8, 0x66, 0xab }; - put (&p, structure_id, 16); + put (&p, smpte_structure_id, 16); base64_decode (signer->leaf().thumbprint (), p, 20); p += 20; put_uuid (&p, i.cpl_id ()); - put (&p, i.type ()); + put (&p, i.type().get()); put_uuid (&p, i.id ()); put (&p, _not_valid_before.as_string ()); put (&p, _not_valid_after.as_string ()); diff --git a/src/decrypted_kdm.h b/src/decrypted_kdm.h index 752ced04..56529b5d 100644 --- a/src/decrypted_kdm.h +++ b/src/decrypted_kdm.h @@ -133,7 +133,7 @@ public: Formulation formulation ) const; - void add_key (std::string type, std::string key_id, Key key, std::string cpl_id); + void add_key (boost::optional<std::string> type, std::string key_id, Key key, std::string cpl_id, Standard standard); void add_key (DecryptedKDMKey key); /** @return This KDM's (decrypted) keys, which could be used to decrypt assets. */ diff --git a/src/decrypted_kdm_key.cc b/src/decrypted_kdm_key.cc index 02042d4e..e5adc3c6 100644 --- a/src/decrypted_kdm_key.cc +++ b/src/decrypted_kdm_key.cc 
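Review bot: `DCP_ASSERT (i.type());` in `DecryptedKDM::encrypt` turns a reachable data condition into an assertion: the decrypting constructor stores keys from an Interop KDM with an empty type, so re-encrypting such a KDM lands on this line. The `standard()` value that this commit records on every key is not consulted, and `i.type().get()` is then called twice on the assumption that the assert held. Consider rejecting the key up front with a documented exception, e.g. `if (!i.type()) { /* throw: key has no type and cannot be written as a SMPTE KDM */ }`, so that callers can handle the case and the 138-byte block is never built from a typeless key. The body of `encrypt` continues past the end of the hunk.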
@@ -38,5 +38,9 @@ using namespace dcp; bool dcp::operator== (dcp::DecryptedKDMKey const & a, dcp::DecryptedKDMKey const & b) { - return a.type() == b.type() && a.id() == b.id() && a.key() == b.key() && a.cpl_id() == b.cpl_id(); + return a.type() == b.type() + && a.id() == b.id() + && a.key() == b.key() + && a.cpl_id() == b.cpl_id() + && a.standard() == b.standard(); } diff --git a/src/decrypted_kdm_key.h b/src/decrypted_kdm_key.h index 95ffccb8..3fee9a68 100644 --- a/src/decrypted_kdm_key.h +++ b/src/decrypted_kdm_key.h @@ -39,6 +39,8 @@ #define LIBDCP_DECRYPTED_KDM_KEY_H #include "key.h" +#include "types.h" +#include <boost/optional.hpp> namespace dcp { @@ -48,14 +50,15 @@ namespace dcp { class DecryptedKDMKey { public: - DecryptedKDMKey (std::string type, std::string id, Key key, std::string cpl_id) + DecryptedKDMKey (boost::optional<std::string> type, std::string id, Key key, std::string cpl_id, Standard standard) : _type (type) , _id (id) , _key (key) , _cpl_id (cpl_id) + , _standard (standard) {} - std::string type () const { + boost::optional<std::string> type () const { return _type; } @@ -71,11 +74,16 @@ public: return _cpl_id; } + Standard standard () const { + return _standard; + } + private: - std::string _type; + boost::optional<std::string> _type; std::string _id; Key _key; std::string _cpl_id; + Standard _standard; }; bool operator== (DecryptedKDMKey const &, DecryptedKDMKey const &); diff --git a/src/encrypted_kdm.cc b/src/encrypted_kdm.cc index 80c5e2ef..8251007b 100644 --- a/src/encrypted_kdm.cc +++ b/src/encrypted_kdm.cc @@ -688,6 +688,12 @@ EncryptedKDM::not_valid_after () const return _data->authenticated_public.required_extensions.kdm_required_extensions.not_valid_after; } +string +EncryptedKDM::recipient_x509_subject_name () const +{ + return _data->authenticated_public.required_extensions.kdm_required_extensions.recipient.x509_subject_name; +} + bool dcp::operator== (EncryptedKDM const & a, EncryptedKDM const & b) { 
diff --git a/src/encrypted_kdm.h b/src/encrypted_kdm.h index edbf5192..1605d911 100644 --- a/src/encrypted_kdm.h +++ b/src/encrypted_kdm.h @@ -90,8 +90,9 @@ public: std::string content_title_text () const; std::string issue_date () const; std::string cpl_id () const; - LocalTime not_valid_before() const; - LocalTime not_valid_after() const; + LocalTime not_valid_before () const; + LocalTime not_valid_after () const; + std::string recipient_x509_subject_name () const; private: |
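Review bot: `recipient_x509_subject_name ()` is added to `EncryptedKDM` without a doc comment, although src/decrypted_kdm.h in this same diff uses the `/** @return ... */` style for accessors. Document what it returns and what it does not guarantee, e.g. `/** @return X509 subject name of the recipient as stored in this KDM's required extensions; this accessor does not check it against any certificate. */`. The implementation returns the stored string unchanged, so callers that display or match on it need to know that no validation happens at this point.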
