X-Git-Url: https://git.carlh.net/gitweb/?a=blobdiff_plain;ds=sidebyside;f=src%2Flib%2Fconfig.cc;h=172890dcfbc34610a83a1d5b26ec64cdd0a6108f;hb=3526252ff2fd80a459c72ab1c55ea5a6ee61aa2f;hp=e61eea3a6f89f7cd916be30b9cb8a54aa595dc95;hpb=a65efe6bd00fbba4f075c4c666dafafb8a5eed4d;p=dcpomatic.git diff --git a/src/lib/config.cc b/src/lib/config.cc index e61eea3a6..172890dcf 100644 --- a/src/lib/config.cc +++ b/src/lib/config.cc @@ -32,6 +32,7 @@ #include "film.h" #include "dkdm_wrapper.h" #include "compose.hpp" +#include "crypto.h" #include #include #include @@ -61,6 +62,7 @@ using boost::shared_ptr; using boost::optional; using boost::dynamic_pointer_cast; using boost::algorithm::trim; +using boost::shared_array; using dcp::raw_convert; Config* Config::_instance = 0; @@ -435,7 +437,19 @@ try BOOST_FOREACH (cxml::NodePtr i, decryption->node_children ("Certificate")) { c->add (dcp::Certificate (i->content ())); } - c->set_key (decryption->string_child ("PrivateKey")); + optional key = decryption->optional_string_child ("PrivateKey"); +#ifdef DCPOMATIC_VARIANT_SWAROOP + if (key) { + c->set_key (*key); + } else { + dcp::Data encrypted_key (path("private")); + dcp::Data iv (path("iv")); + c->set_key (dcpomatic::decrypt (encrypted_key, key_from_uuid(), iv)); + } +#else + DCPOMATIC_ASSERT (key); + c->set_key (*key); +#endif _decryption_chain = c; } else { _decryption_chain = create_certificate_chain (); @@ -599,6 +613,19 @@ Config::write () const write_cinemas (); } +#ifdef DCPOMATIC_VARIANT_SWAROOP +/* Make up a key from the machine UUID */ +dcp::Data +Config::key_from_uuid () const +{ + dcp::Data key (dcpomatic::crypto_key_length()); + memset (key.data().get(), 0, key.size()); + string const magic = command_and_read ("dcpomatic2_uuid"); + strncpy ((char *) key.data().get(), magic.c_str(), dcpomatic::crypto_key_length()); + return key; +} +#endif + void Config::write_config () const { @@ -771,18 +798,7 @@ Config::write_config () const BOOST_FOREACH (dcp::Certificate const & i, _signer_chain->unordered()) { signer->add_child("Certificate")->add_child_text (i.certificate (true)); } -#ifdef DCPOMATIC_SWAROOP - FILE* f = fopen_boost (path("private"), "wb"); - if (!f) { - throw FileError ("Could not open file for writing", path("private")); - } - shared_array iv = dcpomatic::random_iv (); - dcp::Data encrypted_key = dcpomatic::encrypt (_signer_chain->key().get(), key, iv); - fwrite (encrypted_key.data().get(), encrypted_key.data().size(), 1, f); - fclose (f); -#else signer->add_child("PrivateKey")->add_child_text (_signer_chain->key().get ()); -#endif /* [XML] Decryption Certificate chain and private key to use when decrypting KDMs */ xmlpp::Element* decryption = root->add_child ("Decryption"); @@ -790,7 +806,14 @@ Config::write_config () const BOOST_FOREACH (dcp::Certificate const & i, _decryption_chain->unordered()) { decryption->add_child("Certificate")->add_child_text (i.certificate (true)); } +#ifdef DCPOMATIC_VARIANT_SWAROOP + dcp::Data iv = dcpomatic::random_iv (); + dcp::Data encrypted_key = dcpomatic::encrypt (_decryption_chain->key().get(), key_from_uuid(), iv); + encrypted_key.write (path("private")); + iv.write (path("iv")); +#else decryption->add_child("PrivateKey")->add_child_text (_decryption_chain->key().get ()); +#endif /* [XML] History Filename of DCP to present in the File menu of the GUI; there can be more than one of these tags.