1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
/*
Copyright (C) 2012-2022 Carl Hetherington <cth@carlh.net>
This file is part of libdcp.
libdcp is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
libdcp is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with libdcp. If not, see <http://www.gnu.org/licenses/>.
*/
/* If you are using an installed libdcp, these #includes would need to be changed to
#include <dcp/decrypted_kdm.h>
... etc. ...
*/
#include "certificate_chain.h"
#include "decrypted_kdm.h"
#include "encrypted_kdm.h"
#include "key.h"
#include "util.h"
constexpr char recipient_certificate[] = "-----BEGIN CERTIFICATE-----\n"
"MIIEaTCCA1GgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBhTEWMBQGA1UEChMNZGNw\n"
"b21hdGljLmNvbTEWMBQGA1UECxMNZGNwb21hdGljLmNvbTEsMCoGA1UEAxMjLmRj\n"
"cG9tYXRpYy5zbXB0ZS00MzAtMi5JTlRFUk1FRElBVEUxJTAjBgNVBC4THEJyRE1x\n"
"TjF4bytQcy9ZZTdLTmVhNzRHdlI5Yz0wHhcNMjIwOTIwMTk1MTQxWhcNMzIwOTIy\n"
"MTk1MTQxWjB/MRYwFAYDVQQKEw1kY3BvbWF0aWMuY29tMRYwFAYDVQQLEw1kY3Bv\n"
"bWF0aWMuY29tMSYwJAYDVQQDEx1DUy5kY3BvbWF0aWMuc21wdGUtNDMwLTIuTEVB\n"
"RjElMCMGA1UELhMcSmR4aEVZdURUR05RQlh2TFpsWEZReVVGSzdZPTCCASIwDQYJ\n"
"KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOWq+41uCQbcwQ8+Sh3kVUiG7b9SjU5k\n"
"L8my4IEW2ajjUSDff/a2AM7W+BBAzuAWXpZe2+x+/UdAKOIBLFuyWFKbKLMgh0i0\n"
"WuukOqeEdr+ZD09PgvHriEk9pXcYDhGxp3OmLVR7kmK0mn+SwLfNZ2LUGJSItGra\n"
"ciOPcJgbj/2jyqIkFOz6oZk4xPNdhhM1q41ledTQY/DjesoQqCVZv+lJlAOhc7Sy\n"
"vynk6WXF+PtRYjTqMFuHKAjZaNjKBFu60gYp3xVdmAyOmD/7DHFtum9HgTr0GM9l\n"
"NfBuU7tFjwl7uylB8/Eff2OLo1cSOH+O2uvzaat1ceYETlCLDeyneY8CAwEAAaOB\n"
"6DCB5TAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIFoDAdBgNVHQ4EFgQUJdxhEYuD\n"
"TGNQBXvLZlXFQyUFK7YwgagGA1UdIwSBoDCBnYAUBrDMqN1xo+Ps/Ye7KNea74Gv\n"
"R9ehgYGkfzB9MRYwFAYDVQQKEw1kY3BvbWF0aWMuY29tMRYwFAYDVQQLEw1kY3Bv\n"
"bWF0aWMuY29tMSQwIgYDVQQDExsuZGNwb21hdGljLnNtcHRlLTQzMC0yLlJPT1Qx\n"
"JTAjBgNVBC4THFc4YnBZTXkyVlF2WllDcGhOVWRqUVhLcGVNYz2CAQYwDQYJKoZI\n"
"hvcNAQELBQADggEBAHNocvxiWHwh0JKgf5cS1x7NHjnL9V5NSKRFH6qKZkSEWOdk\n"
"05+n99zxDzjh600DAAp8QIQ8FgC93TXsBg/owrKyZhVpDaRt5ZmUaLmmJUFBtEkJ\n"
"qmlXmZGu213zTCT1coMFNXiEImhUt/vd5JOmNsGydCyzEipr7vt8aDr/xCCJdcUo\n"
"y2Q5MfrD5wC4PgPBampSsbIu6IrTfx5kbrKIg/4X2VGFzyNDHz8N4+wfPGBuo4Ra\n"
"6YWAd58LUb1Wp7dP27HkQH74QRPvrVNOC4vcjnHnBtlWmFzGOi+1e4stWupL7IYd\n"
"Apivqyi9TqCUHkjLyuZPjEU30borxqrl918Z/Co=\n"
"-----END CERTIFICATE-----\n";
int main()
{
/* The parameter to this call specifies where resources can be found, i.e.
* the tags and schema directories.
*/
dcp::init(boost::filesystem::path("."));
/* Make a KDM to hold one or more asset keys */
dcp::DecryptedKDM decrypted_kdm(
// valid from time
dcp::LocalTime("2023-01-20T09:30:00"),
// valid to time
dcp::LocalTime("2023-11-01T09:30:00"),
// annotation text
"KDM annotation",
// content title text
"KDM content title",
// issue date; using dcp::LocalTime() gives the time when the code is run
dcp::LocalTime().as_string()
);
/* Add a key which can decrypt an asset; you should do this for each encrypted asset
* that the KDM must unlock.
*/
decrypted_kdm.add_key(
// key type (MDIK is for image MXFs)
std::string{"MDIK"},
// key ID
"01234567-89ab-cdef-0123-456789abcdef",
// key
dcp::Key("00112233445566778899aabbccddeeff"),
// CPL ID
"fedcba98-7654-3210-fedc-ba9876543210",
// Standard for KDM (interop/SMPTE)
dcp::Standard::SMPTE
);
/* Make a certificate chain to sign the KDM */
auto signer = std::make_shared<dcp::CertificateChain>("/usr/bin/openssl", 365);
/* Certificate of the recipient projector/media block */
dcp::Certificate recipient(recipient_certificate);
/* Encrypt the KDM */
auto encrypted_kdm = decrypted_kdm.encrypt(
signer,
recipient,
{},
dcp::Formulation::MODIFIED_TRANSITIONAL_1,
false,
{}
);
/* Dump the XML to the console */
std::cout << encrypted_kdm.as_xml();
return 0;
}
|
