+ if (d->ShowModal() == wxID_OK) {
+ try {
+ dcp::Certificate c (dcp::file_to_string (wx_to_std (d->GetPath ())));
+ _chain->add (c);
+ _set (_chain);
+ update_certificate_list ();
+ } catch (dcp::MiscError& e) {
+ error_dialog (this, wxString::Format (_("Could not read certificate file (%s)"), e.what ()));
+ }
+ }
+
+ d->Destroy ();
+
+ update_sensitivity ();
+ }
+
+ void remove_certificate ()
+ {
+ int i = _certificates->GetNextItem (-1, wxLIST_NEXT_ALL, wxLIST_STATE_SELECTED);
+ if (i == -1) {
+ return;
+ }
+
+ _certificates->DeleteItem (i);
+ _chain->remove (i);
+ _set (_chain);
+
+ update_sensitivity ();
+ }
+
+ void export_certificate ()
+ {
+ int i = _certificates->GetNextItem (-1, wxLIST_NEXT_ALL, wxLIST_STATE_SELECTED);
+ if (i == -1) {
+ return;
+ }
+
+ wxFileDialog* d = new wxFileDialog (
+ this, _("Select Certificate File"), wxEmptyString, wxEmptyString, wxT ("PEM files (*.pem)|*.pem"),
+ wxFD_SAVE | wxFD_OVERWRITE_PROMPT
+ );
+
+ dcp::CertificateChain::List all = _chain->root_to_leaf ();
+ dcp::CertificateChain::List::iterator j = all.begin ();
+ for (int k = 0; k < i; ++k) {
+ ++j;
+ }
+
+ if (d->ShowModal () == wxID_OK) {
+ FILE* f = fopen_boost (wx_to_std (d->GetPath ()), "w");
+ if (!f) {
+ throw OpenFileError (wx_to_std (d->GetPath ()));
+ }
+
+ string const s = j->certificate (true);
+ fwrite (s.c_str(), 1, s.length(), f);
+ fclose (f);
+ }
+ d->Destroy ();
+ }
+
+ void update_certificate_list ()
+ {
+ _certificates->DeleteAllItems ();
+ size_t n = 0;
+ dcp::CertificateChain::List certs = _chain->root_to_leaf ();
+ BOOST_FOREACH (dcp::Certificate const & i, certs) {
+ wxListItem item;
+ item.SetId (n);
+ _certificates->InsertItem (item);
+ _certificates->SetItem (n, 1, std_to_wx (i.thumbprint ()));
+
+ if (n == 0) {
+ _certificates->SetItem (n, 0, _("Root"));
+ } else if (n == (certs.size() - 1)) {
+ _certificates->SetItem (n, 0, _("Leaf"));
+ } else {
+ _certificates->SetItem (n, 0, _("Intermediate"));
+ }
+
+ ++n;
+ }
+ }
+
+ void remake_certificates ()
+ {
+ shared_ptr<const dcp::CertificateChain> chain = _get ();
+
+ string subject_organization_name;
+ string subject_organizational_unit_name;
+ string root_common_name;
+ string intermediate_common_name;
+ string leaf_common_name;
+
+ dcp::CertificateChain::List all = chain->root_to_leaf ();
+
+ if (all.size() >= 1) {
+ /* Have a root */
+ subject_organization_name = chain->root().subject_organization_name ();
+ subject_organizational_unit_name = chain->root().subject_organizational_unit_name ();
+ root_common_name = chain->root().subject_common_name ();
+ }
+
+ if (all.size() >= 2) {
+ /* Have a leaf */
+ leaf_common_name = chain->leaf().subject_common_name ();
+ }
+
+ if (all.size() >= 3) {
+ /* Have an intermediate */
+ dcp::CertificateChain::List::iterator i = all.begin ();
+ ++i;
+ intermediate_common_name = i->subject_common_name ();
+ }
+
+ MakeChainDialog* d = new MakeChainDialog (
+ this,
+ subject_organization_name,
+ subject_organizational_unit_name,
+ root_common_name,
+ intermediate_common_name,
+ leaf_common_name
+ );
+
+ if (d->ShowModal () == wxID_OK) {
+ _chain.reset (
+ new dcp::CertificateChain (
+ openssl_path (),
+ d->organisation (),
+ d->organisational_unit (),
+ d->root_common_name (),
+ d->intermediate_common_name (),
+ d->leaf_common_name ()
+ )
+ );
+
+ _set (_chain);
+ update_certificate_list ();
+ update_private_key ();
+ }
+
+ d->Destroy ();
+ }
+
+ void update_sensitivity ()
+ {
+ _remove_certificate->Enable (_certificates->GetNextItem (-1, wxLIST_NEXT_ALL, wxLIST_STATE_SELECTED) != -1);
+ _export_certificate->Enable (_certificates->GetNextItem (-1, wxLIST_NEXT_ALL, wxLIST_STATE_SELECTED) != -1);
+ }
+
+ void update_private_key ()
+ {
+ checked_set (_private_key, dcp::private_key_fingerprint (_chain->key().get ()));
+ _sizer->Layout ();
+ }
+
+ void load_private_key ()
+ {
+ wxFileDialog* d = new wxFileDialog (this, _("Select Key File"));
+
+ if (d->ShowModal() == wxID_OK) {
+ try {
+ boost::filesystem::path p (wx_to_std (d->GetPath ()));
+ if (boost::filesystem::file_size (p) > 1024) {
+ error_dialog (this, wxString::Format (_("Could not read key file (%s)"), std_to_wx (p.string ())));
+ return;
+ }
+
+ _chain->set_key (dcp::file_to_string (p));
+ _set (_chain);
+ update_private_key ();
+ } catch (dcp::MiscError& e) {
+ error_dialog (this, wxString::Format (_("Could not read certificate file (%s)"), e.what ()));
+ }
+ }
+
+ d->Destroy ();
+
+ update_sensitivity ();
+ }
+
+ void export_private_key ()
+ {
+ optional<string> key = _chain->key ();
+ if (!key) {
+ return;
+ }
+
+ wxFileDialog* d = new wxFileDialog (
+ this, _("Select Key File"), wxEmptyString, wxEmptyString, wxT ("PEM files (*.pem)|*.pem"),
+ wxFD_SAVE | wxFD_OVERWRITE_PROMPT
+ );
+
+ if (d->ShowModal () == wxID_OK) {
+ FILE* f = fopen_boost (wx_to_std (d->GetPath ()), "w");
+ if (!f) {
+ throw OpenFileError (wx_to_std (d->GetPath ()));
+ }
+
+ string const s = _chain->key().get ();
+ fwrite (s.c_str(), 1, s.length(), f);
+ fclose (f);
+ }
+ d->Destroy ();
+ }
+
+ wxListCtrl* _certificates;
+ wxButton* _add_certificate;
+ wxButton* _export_certificate;
+ wxButton* _remove_certificate;
+ wxButton* _remake_certificates;
+ wxStaticText* _private_key;
+ wxButton* _load_private_key;
+ wxButton* _export_private_key;
+ wxSizer* _sizer;
+ wxBoxSizer* _button_sizer;
+ shared_ptr<dcp::CertificateChain> _chain;
+ boost::function<void (shared_ptr<dcp::CertificateChain>)> _set;
+ boost::function<shared_ptr<const dcp::CertificateChain> (void)> _get;
+};
+
+class KeysPage : public StandardPage
+{
+public:
+ KeysPage (wxSize panel_size, int border)
+ : StandardPage (panel_size, border)
+ {}
+
+ wxString GetName () const
+ {
+ return _("Keys");
+ }
+
+#ifdef DCPOMATIC_OSX
+ wxBitmap GetLargeIcon () const
+ {
+ return wxBitmap ("keys", wxBITMAP_TYPE_PNG_RESOURCE);
+ }
+#endif
+
+private:
+
+ void setup ()
+ {
+ _signer = new CertificateChainEditor (
+ _panel, _("Signing DCPs and KDMs"), _border,
+ boost::bind (&Config::set_signer_chain, Config::instance (), _1),
+ boost::bind (&Config::signer_chain, Config::instance ())
+ );
+
+ _panel->GetSizer()->Add (_signer);
+
+ _decryption = new CertificateChainEditor (
+ _panel, _("Decrypting DCPs"), _border,
+ boost::bind (&Config::set_decryption_chain, Config::instance (), _1),
+ boost::bind (&Config::decryption_chain, Config::instance ())
+ );
+
+ _panel->GetSizer()->Add (_decryption);
+
+ _export_decryption_certificate = new wxButton (_decryption, wxID_ANY, _("Export DCP decryption certificate..."));
+ _decryption->add_button (_export_decryption_certificate);
+
+ _export_decryption_certificate->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::export_decryption_certificate, this));
+ }
+
+ void export_decryption_certificate ()
+ {
+ wxFileDialog* d = new wxFileDialog (
+ _panel, _("Select Certificate File"), wxEmptyString, wxEmptyString, wxT ("PEM files (*.pem)|*.pem"),
+ wxFD_SAVE | wxFD_OVERWRITE_PROMPT
+ );
+
+ if (d->ShowModal () == wxID_OK) {
+ FILE* f = fopen_boost (wx_to_std (d->GetPath ()), "w");
+ if (!f) {
+ throw OpenFileError (wx_to_std (d->GetPath ()));
+ }
+
+ string const s = Config::instance()->decryption_chain()->leaf().certificate (true);
+ fwrite (s.c_str(), 1, s.length(), f);
+ fclose (f);
+ }
+ d->Destroy ();
+ }
+
+ void config_changed ()
+ {
+ _signer->config_changed ();
+ _decryption->config_changed ();
+ }
+
+ CertificateChainEditor* _signer;
+ CertificateChainEditor* _decryption;
+ wxButton* _export_decryption_certificate;
+};
+
+class TMSPage : public StandardPage
+{
+public:
+ TMSPage (wxSize panel_size, int border)
+ : StandardPage (panel_size, border)