X-Git-Url: https://git.carlh.net/gitweb/?a=blobdiff_plain;f=src%2Fdecrypted_kdm.h;h=7ae1d161feaf1efefb5820985b68bbe5646371b6;hb=f2f2a2afc393dcaee747b97173d71a622d05d910;hp=4c46c74a80a4b19c07c4afb36a2c2ee2a5519a9b;hpb=1b3afa214c5286c6b6072883d11f9744bac65a75;p=libdcp.git

diff --git a/src/decrypted_kdm.h b/src/decrypted_kdm.h
index 4c46c74a..7ae1d161 100644
--- a/src/decrypted_kdm.h
+++ b/src/decrypted_kdm.h
@@ -1,20 +1,34 @@
 /*
-    Copyright (C) 2013-2014 Carl Hetherington <cth@carlh.net>
+    Copyright (C) 2013-2017 Carl Hetherington <cth@carlh.net>
 
-    This program is free software; you can redistribute it and/or modify
+    This file is part of libdcp.
+
+    libdcp is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
     the Free Software Foundation; either version 2 of the License, or
     (at your option) any later version.
 
-    This program is distributed in the hope that it will be useful,
+    libdcp is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     GNU General Public License for more details.
 
     You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
+    along with libdcp.  If not, see <http://www.gnu.org/licenses/>.
+
+    In addition, as a special exception, the copyright holders give
+    permission to link the code of portions of this program with the
+    OpenSSL library under certain conditions as described in each
+    individual source file, and distribute linked combinations
+    including the two.
+
+    You must obey the GNU General Public License in all respects
+    for all of the code used other than OpenSSL.  If you modify
+    file(s) with this exception, you may extend this exception to your
+    version of the file(s), but you are not obligated to do so.  If you
+    do not wish to do so, delete this exception statement from your
+    version.  If you delete this exception statement from all source
+    files in the program, then also delete it here.
 */
 
 #ifndef LIBDCP_DECRYPTED_KDM_H
@@ -28,15 +42,19 @@
 #include "local_time.h"
 #include "decrypted_kdm_key.h"
 #include "types.h"
+#include "certificate.h"
 #include <boost/filesystem.hpp>
+#include <boost/optional.hpp>
+
+class decrypted_kdm_test;
 
 namespace dcp {
 
 class DecryptedKDMKey;
 class EncryptedKDM;
-class Signer;
-class Certificate;
+class CertificateChain;
 class CPL;
+class ReelMXF;
 
 /** @class DecryptedKDM
  *  @brief A decrypted KDM.
@@ -45,7 +63,7 @@ class CPL;
  *  has been created (by some other means) ready for encryption later.
  *
  *  A DecryptedKDM object can be created either from an EncryptedKDM and private key file,
- *  or from the details of the MXFs that the KDM should protect.
+ *  or from the details of the assets that the KDM should protect.
  */
 class DecryptedKDM
 {
@@ -55,13 +73,13 @@ public:
 	 */
 	DecryptedKDM (EncryptedKDM const & kdm, std::string private_key);
 
-	/** Construct a DecryptedKDM.
-	 *  @param cpl CPL that the keys are for.
+	/** Create an empty DecryptedKDM.  After creation you must call
+	 *  add_key() to add each key that you want in the KDM.
+	 *
 	 *  @param not_valid_before Start time for the KDM.
 	 *  @param not_valid_after End time for the KDM.
 	 */
 	DecryptedKDM (
-		boost::shared_ptr<const CPL> cpl,
 		LocalTime not_valid_before,
 		LocalTime not_valid_after,
 		std::string annotation_text,
@@ -69,30 +87,87 @@ public:
 		std::string issue_date
 		);
 
-	/** Add a key to this KDM.
-	 *  @param type Key type (MDIK, MDAK etc.)
-	 *  @param id Key id.
-	 *  @param key the key itself (which has been used to encrypt a MXF).
+	/** Construct a DecryptedKDM containing a given set of keys.
+	 *  @param keys Keys to be included in the DecryptedKDM.
 	 */
-	void add_key (std::string type, std::string id, Key key);
+	DecryptedKDM (
+		std::string cpl_id,
+		std::map<boost::shared_ptr<const ReelMXF>, Key> keys,
+		LocalTime not_valid_before,
+		LocalTime not_valid_after,
+		std::string annotation_text,
+		std::string content_title_text,
+		std::string issue_date
+		);
+
+	/** Create a DecryptedKDM by taking a CPL and setting up to encrypt each of its
+	 *  assets with the same symmetric key.
+	 *
+	 *  @param cpl CPL that the keys are for.
+	 *  @param key Key that was used to encrypt the assets.
+	 *  @param not_valid_before Start time for the KDM.
+	 *  @param not_valid_after End time for the KDM.
+	 */
+	DecryptedKDM (
+		boost::shared_ptr<const CPL> cpl,
+		Key key,
+		LocalTime not_valid_before,
+		LocalTime not_valid_after,
+		std::string annotation_text,
+		std::string content_title_text,
+		std::string issue_date
+		);
 
 	/** Encrypt this KDM's keys and sign the whole KDM.
-	 *  @param signer Signer.
+	 *  @param signer Chain to sign with.
 	 *  @param recipient Certificate of the projector/server which should receive this KDM's keys.
+	 *  @param trusted_devices Extra trusted devices which should be written to the KDM (recipient will be written
+	 *  as a trusted device automatically and does not need to be included in this list).
 	 *  @param formulation Formulation to use for the encrypted KDM.
+	 *  @param disable_forensic_marking_picture true to disable forensic marking of picture.
+	 *  @param disable_forensic_marking_audio if not set, don't disable forensic marking of audio.  If set to 0,
+	 *  disable all forensic marking; if set above 0, disable forensic marking above that channel.
 	 *  @return Encrypted KDM.
 	 */
-	EncryptedKDM encrypt (boost::shared_ptr<const Signer> signer, boost::shared_ptr<const Certificate> recipient, Formulation formulation) const;
-
-	/** @return This KDM's (decrypted) keys, which could be used to decrypt MXFs. */
+	EncryptedKDM encrypt (
+		boost::shared_ptr<const CertificateChain> signer,
+		Certificate recipient,
+		std::vector<Certificate> trusted_devices,
+		Formulation formulation,
+		bool disable_forensic_marking_picture,
+		boost::optional<int> disable_forensic_marking_audio
+		) const;
+
+	void add_key (boost::optional<std::string> type, std::string key_id, Key key, std::string cpl_id, Standard standard);
+	void add_key (DecryptedKDMKey key);
+
+	/** @return This KDM's (decrypted) keys, which could be used to decrypt assets. */
 	std::list<DecryptedKDMKey> keys () const {
 		return _keys;
 	}
 
+	boost::optional<std::string> annotation_text () const {
+		return _annotation_text;
+	}
+
+	std::string content_title_text () const {
+		return _content_title_text;
+	}
+
+	std::string issue_date () const {
+		return _issue_date;
+	}
+
 private:
+
+	friend class ::decrypted_kdm_test;
+
+	static void put_uuid (uint8_t ** d, std::string id);
+	static std::string get_uuid (unsigned char ** p);
+
 	LocalTime _not_valid_before;
 	LocalTime _not_valid_after;
-	std::string _annotation_text;
+	boost::optional<std::string> _annotation_text;
 	std::string _content_title_text;
 	std::string _issue_date;
 	std::list<DecryptedKDMKey> _keys;