X-Git-Url: https://git.carlh.net/gitweb/?a=blobdiff_plain;f=src%2Flib%2Fconfig.cc;h=114fc5c274c7753cdc0f2e0f721603ecaf47cd12;hb=5dc2dbdb6639f8d617a40209ad603d2a38f9df2a;hp=67abc63c2e8df4207ea339b3c909b1f69ffdf1b5;hpb=bbb2a4b7ccec953900d13e7bcdad229028bc7795;p=dcpomatic.git

diff --git a/src/lib/config.cc b/src/lib/config.cc
index 67abc63c2..114fc5c27 100644
--- a/src/lib/config.cc
+++ b/src/lib/config.cc
@@ -22,8 +22,10 @@
 #include <glib.h>
 #include <boost/filesystem.hpp>
 #include <boost/algorithm/string.hpp>
-#include <libdcp/colour_matrix.h>
-#include <libdcp/raw_convert.h>
+#include <dcp/colour_matrix.h>
+#include <dcp/raw_convert.h>
+#include <dcp/signer.h>
+#include <dcp/certificate_chain.h>
 #include <libcxml/cxml.h>
 #include "config.h"
 #include "server.h"
@@ -31,10 +33,11 @@
 #include "filter.h"
 #include "ratio.h"
 #include "dcp_content_type.h"
-#include "sound_processor.h"
+#include "cinema_sound_processor.h"
 #include "colour_conversion.h"
 #include "cinema.h"
 #include "util.h"
+#include "cross.h"
 
 #include "i18n.h"
 
@@ -51,7 +54,7 @@ using boost::shared_ptr;
 using boost::optional;
 using boost::algorithm::is_any_of;
 using boost::algorithm::split;
-using libdcp::raw_convert;
+using dcp::raw_convert;
 
 Config* Config::_instance = 0;
 
@@ -61,10 +64,10 @@ Config::Config ()
 	, _server_port_base (6192)
 	, _use_any_servers (true)
 	, _tms_path (".")
-	, _sound_processor (SoundProcessor::from_id (N_("dolby_cp750")))
+	, _cinema_sound_processor (CinemaSoundProcessor::from_id (N_("dolby_cp750")))
 	, _allow_any_dcp_frame_rate (false)
 	, _default_still_length (10)
-	, _default_scale (Ratio::from_id ("185"))
+	, _default_scale (VideoContentScale (Ratio::from_id ("185")))
 	, _default_container (Ratio::from_id ("185"))
 	, _default_dcp_content_type (DCPContentType::from_isdcf_name ("TST"))
 	, _default_j2k_bandwidth (100000000)
@@ -81,9 +84,9 @@ Config::Config ()
 	_allowed_dcp_frame_rates.push_back (50);
 	_allowed_dcp_frame_rates.push_back (60);
 
-	_colour_conversions.push_back (PresetColourConversion (_("sRGB"), 2.4, true, libdcp::colour_matrix::srgb_to_xyz, 2.6));
-	_colour_conversions.push_back (PresetColourConversion (_("sRGB non-linearised"), 2.4, false, libdcp::colour_matrix::srgb_to_xyz, 2.6));
-	_colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, libdcp::colour_matrix::rec709_to_xyz, 2.6));
+	_colour_conversions.push_back (PresetColourConversion (_("sRGB"), 2.4, true, dcp::colour_matrix::srgb_to_xyz, 2.6));
+	_colour_conversions.push_back (PresetColourConversion (_("sRGB non-linearised"), 2.4, false, dcp::colour_matrix::srgb_to_xyz, 2.6));
+	_colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, dcp::colour_matrix::rec709_to_xyz, 2.6));
 
 	reset_kdm_email ();
 }
@@ -92,7 +95,10 @@ void
 Config::read ()
 {
 	if (!boost::filesystem::exists (file (false))) {
-		read_old_metadata ();
+		/* Make a new set of signing certificates and key */
+		_signer.reset (new dcp::Signer (openssl_path ()));
+		/* And decryption keys */
+		make_decryption_keys ();
 		return;
 	}
 
@@ -130,14 +136,18 @@ Config::read ()
 
 	c = f.optional_string_child ("SoundProcessor");
 	if (c) {
-		_sound_processor = SoundProcessor::from_id (c.get ());
+		_cinema_sound_processor = CinemaSoundProcessor::from_id (c.get ());
+	}
+	c = f.optional_string_child ("CinemaSoundProcessor");
+	if (c) {
+		_cinema_sound_processor = CinemaSoundProcessor::from_id (c.get ());
 	}
 
 	_language = f.optional_string_child ("Language");
 
 	c = f.optional_string_child ("DefaultScale");
 	if (c) {
-		_default_scale = Ratio::from_id (c.get ());
+		_default_scale = VideoContentScale::from_id (c.get ());
 	}
 
 	c = f.optional_string_child ("DefaultContainer");
@@ -180,7 +190,7 @@ Config::read ()
 		/* Loading version 0 (before Rec. 709 was added as a preset).
 		   Add it in.
 		*/
-		_colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, libdcp::colour_matrix::rec709_to_xyz, 2.6));
+		_colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, dcp::colour_matrix::rec709_to_xyz, 2.6));
 	}
 
 	list<cxml::NodePtr> cin = f.node_children ("Cinema");
@@ -214,68 +224,45 @@ Config::read ()
 	for (list<cxml::NodePtr>::const_iterator i = his.begin(); i != his.end(); ++i) {
 		_history.push_back ((*i)->content ());
 	}
-}
-
-void
-Config::read_old_metadata ()
-{
-	/* XXX: this won't work with non-Latin filenames */
-	ifstream f (file(true).string().c_str ());
-	string line;
 
-	while (getline (f, line)) {
-		if (line.empty ()) {
-			continue;
+	cxml::NodePtr signer = f.optional_node_child ("Signer");
+	dcp::CertificateChain signer_chain;
+	if (signer) {
+		/* Read the signing certificates and private key in from the config file */
+		list<cxml::NodePtr> certificates = signer->node_children ("Certificate");
+		for (list<cxml::NodePtr>::const_iterator i = certificates.begin(); i != certificates.end(); ++i) {
+			signer_chain.add (dcp::Certificate ((*i)->content ()));
 		}
 
-		if (line[0] == '#') {
-			continue;
-		}
+		_signer.reset (new dcp::Signer (signer_chain, signer->string_child ("PrivateKey")));
+	} else {
+		/* Make a new set of signing certificates and key */
+		_signer.reset (new dcp::Signer (openssl_path ()));
+	}
 
-		size_t const s = line.find (' ');
-		if (s == string::npos) {
-			continue;
-		}
-		
-		string const k = line.substr (0, s);
-		string const v = line.substr (s + 1);
-
-		if (k == N_("num_local_encoding_threads")) {
-			_num_local_encoding_threads = atoi (v.c_str ());
-		} else if (k == N_("default_directory")) {
-			_default_directory = v;
-		} else if (k == N_("server_port")) {
-			_server_port_base = atoi (v.c_str ());
-		} else if (k == N_("server")) {
-			vector<string> b;
-			split (b, v, is_any_of (" "));
-			if (b.size() == 2) {
-				_servers.push_back (b[0]);
-			}
-		} else if (k == N_("tms_ip")) {
-			_tms_ip = v;
-		} else if (k == N_("tms_path")) {
-			_tms_path = v;
-		} else if (k == N_("tms_user")) {
-			_tms_user = v;
-		} else if (k == N_("tms_password")) {
-			_tms_password = v;
-		} else if (k == N_("sound_processor")) {
-			_sound_processor = SoundProcessor::from_id (v);
-		} else if (k == "language") {
-			_language = v;
-		} else if (k == "default_container") {
-			_default_container = Ratio::from_id (v);
-		} else if (k == "default_dcp_content_type") {
-			_default_dcp_content_type = DCPContentType::from_isdcf_name (v);
-		} else if (k == "dcp_metadata_issuer") {
-			_dcp_issuer = v;
-		}
+	if (f.optional_string_child ("DecryptionCertificate")) {
+		_decryption_certificate = dcp::Certificate (f.string_child ("DecryptionCertificate"));
+	}
 
-		_default_isdcf_metadata.read_old_metadata (k, v);
+	if (f.optional_string_child ("DecryptionPrivateKey")) {
+		_decryption_private_key = f.string_child ("DecryptionPrivateKey");
+	}
+
+	if (!f.optional_string_child ("DecryptionCertificate") || !f.optional_string_child ("DecryptionPrivateKey")) {
+		/* Generate our own decryption certificate and key if either is not present in config */
+		make_decryption_keys ();
 	}
 }
 
+void
+Config::make_decryption_keys ()
+{
+	boost::filesystem::path p = dcp::make_certificate_chain (openssl_path ());
+	_decryption_certificate = dcp::Certificate (dcp::file_to_string (p / "leaf.signed.pem"));
+	_decryption_private_key = dcp::file_to_string (p / "leaf.key");
+	boost::filesystem::remove_all (p);
+}
+
 /** @return Filename to write configuration to */
 boost::filesystem::path
 Config::file (bool old) const
@@ -294,17 +281,6 @@ Config::file (bool old) const
 	return p;
 }
 
-boost::filesystem::path
-Config::signer_chain_directory () const
-{
-	boost::filesystem::path p;
-	p /= g_get_user_config_dir ();
-	p /= "dcpomatic";
-	p /= "crypt";
-	boost::filesystem::create_directories (p);
-	return p;
-}
-
 /** @return Singleton instance */
 Config *
 Config::instance ()
@@ -347,15 +323,13 @@ Config::write () const
 	root->add_child("TMSPath")->add_child_text (_tms_path);
 	root->add_child("TMSUser")->add_child_text (_tms_user);
 	root->add_child("TMSPassword")->add_child_text (_tms_password);
-	if (_sound_processor) {
-		root->add_child("SoundProcessor")->add_child_text (_sound_processor->id ());
+	if (_cinema_sound_processor) {
+		root->add_child("CinemaSoundProcessor")->add_child_text (_cinema_sound_processor->id ());
 	}
 	if (_language) {
 		root->add_child("Language")->add_child_text (_language.get());
 	}
-	if (_default_scale) {
-		root->add_child("DefaultScale")->add_child_text (_default_scale->id ());
-	}
+	root->add_child("DefaultScale")->add_child_text (_default_scale.id ());
 	if (_default_container) {
 		root->add_child("DefaultContainer")->add_child_text (_default_container->id ());
 	}
@@ -394,6 +368,16 @@ Config::write () const
 	root->add_child("AllowAnyDCPFrameRate")->add_child_text (_allow_any_dcp_frame_rate ? "1" : "0");
 	root->add_child("LogTypes")->add_child_text (raw_convert<string> (_log_types));
 
+	xmlpp::Element* signer = root->add_child ("Signer");
+	dcp::CertificateChain::List certs = _signer->certificates().root_to_leaf ();
+	for (dcp::CertificateChain::List::const_iterator i = certs.begin(); i != certs.end(); ++i) {
+		signer->add_child("Certificate")->add_child_text (i->certificate (true));
+	}
+	signer->add_child("PrivateKey")->add_child_text (_signer->key ());
+
+	root->add_child("DecryptionCertificate")->add_child_text (_decryption_certificate.certificate (true));
+	root->add_child("DecryptionPrivateKey")->add_child_text (_decryption_private_key);
+
 	for (vector<boost::filesystem::path>::const_iterator i = _history.begin(); i != _history.end(); ++i) {
 		root->add_child("History")->add_child_text (i->string ());
 	}