#include <glib.h>
#include <boost/filesystem.hpp>
#include <boost/algorithm/string.hpp>
-#include <libdcp/colour_matrix.h>
-#include <libdcp/raw_convert.h>
+#include <dcp/colour_matrix.h>
+#include <dcp/raw_convert.h>
+#include <dcp/signer.h>
+#include <dcp/certificate_chain.h>
#include <libcxml/cxml.h>
#include "config.h"
#include "server.h"
#include "filter.h"
#include "ratio.h"
#include "dcp_content_type.h"
-#include "sound_processor.h"
+#include "cinema_sound_processor.h"
#include "colour_conversion.h"
#include "cinema.h"
#include "util.h"
+#include "cross.h"
#include "i18n.h"
using boost::optional;
using boost::algorithm::is_any_of;
using boost::algorithm::split;
-using libdcp::raw_convert;
+using dcp::raw_convert;
Config* Config::_instance = 0;
, _server_port_base (6192)
, _use_any_servers (true)
, _tms_path (".")
- , _sound_processor (SoundProcessor::from_id (N_("dolby_cp750")))
+ , _cinema_sound_processor (CinemaSoundProcessor::from_id (N_("dolby_cp750")))
, _allow_any_dcp_frame_rate (false)
, _default_still_length (10)
, _default_scale (Ratio::from_id ("185"))
_allowed_dcp_frame_rates.push_back (50);
_allowed_dcp_frame_rates.push_back (60);
- _colour_conversions.push_back (PresetColourConversion (_("sRGB"), 2.4, true, libdcp::colour_matrix::srgb_to_xyz, 2.6));
- _colour_conversions.push_back (PresetColourConversion (_("sRGB non-linearised"), 2.4, false, libdcp::colour_matrix::srgb_to_xyz, 2.6));
- _colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, libdcp::colour_matrix::rec709_to_xyz, 2.6));
+ _colour_conversions.push_back (PresetColourConversion (_("sRGB"), 2.4, true, dcp::colour_matrix::srgb_to_xyz, 2.6));
+ _colour_conversions.push_back (PresetColourConversion (_("sRGB non-linearised"), 2.4, false, dcp::colour_matrix::srgb_to_xyz, 2.6));
+ _colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, dcp::colour_matrix::rec709_to_xyz, 2.6));
reset_kdm_email ();
}
Config::read ()
{
if (!boost::filesystem::exists (file (false))) {
- read_old_metadata ();
+ /* Make a new set of signing certificates and key */
+ _signer.reset (new dcp::Signer (openssl_path ()));
+ /* And decryption keys */
+ make_decryption_keys ();
return;
}
c = f.optional_string_child ("SoundProcessor");
if (c) {
- _sound_processor = SoundProcessor::from_id (c.get ());
+ _cinema_sound_processor = CinemaSoundProcessor::from_id (c.get ());
+ }
+ c = f.optional_string_child ("CinemaSoundProcessor");
+ if (c) {
+ _cinema_sound_processor = CinemaSoundProcessor::from_id (c.get ());
}
_language = f.optional_string_child ("Language");
/* Loading version 0 (before Rec. 709 was added as a preset).
Add it in.
*/
- _colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, libdcp::colour_matrix::rec709_to_xyz, 2.6));
+ _colour_conversions.push_back (PresetColourConversion (_("Rec. 709"), 2.2, false, dcp::colour_matrix::rec709_to_xyz, 2.6));
}
list<cxml::NodePtr> cin = f.node_children ("Cinema");
for (list<cxml::NodePtr>::const_iterator i = his.begin(); i != his.end(); ++i) {
_history.push_back ((*i)->content ());
}
-}
-void
-Config::read_old_metadata ()
-{
- /* XXX: this won't work with non-Latin filenames */
- ifstream f (file(true).string().c_str ());
- string line;
-
- while (getline (f, line)) {
- if (line.empty ()) {
- continue;
+ cxml::NodePtr signer = f.optional_node_child ("Signer");
+ dcp::CertificateChain signer_chain;
+ if (signer) {
+ /* Read the signing certificates and private key in from the config file */
+ list<cxml::NodePtr> certificates = signer->node_children ("Certificate");
+ for (list<cxml::NodePtr>::const_iterator i = certificates.begin(); i != certificates.end(); ++i) {
+ signer_chain.add (dcp::Certificate ((*i)->content ()));
}
- if (line[0] == '#') {
- continue;
- }
+ _signer.reset (new dcp::Signer (signer_chain, signer->string_child ("PrivateKey")));
+ } else {
+ /* Make a new set of signing certificates and key */
+ _signer.reset (new dcp::Signer (openssl_path ()));
+ }
- size_t const s = line.find (' ');
- if (s == string::npos) {
- continue;
- }
-
- string const k = line.substr (0, s);
- string const v = line.substr (s + 1);
-
- if (k == N_("num_local_encoding_threads")) {
- _num_local_encoding_threads = atoi (v.c_str ());
- } else if (k == N_("default_directory")) {
- _default_directory = v;
- } else if (k == N_("server_port")) {
- _server_port_base = atoi (v.c_str ());
- } else if (k == N_("server")) {
- vector<string> b;
- split (b, v, is_any_of (" "));
- if (b.size() == 2) {
- _servers.push_back (b[0]);
- }
- } else if (k == N_("tms_ip")) {
- _tms_ip = v;
- } else if (k == N_("tms_path")) {
- _tms_path = v;
- } else if (k == N_("tms_user")) {
- _tms_user = v;
- } else if (k == N_("tms_password")) {
- _tms_password = v;
- } else if (k == N_("sound_processor")) {
- _sound_processor = SoundProcessor::from_id (v);
- } else if (k == "language") {
- _language = v;
- } else if (k == "default_container") {
- _default_container = Ratio::from_id (v);
- } else if (k == "default_dcp_content_type") {
- _default_dcp_content_type = DCPContentType::from_isdcf_name (v);
- } else if (k == "dcp_metadata_issuer") {
- _dcp_issuer = v;
- }
+ if (f.optional_string_child ("DecryptionCertificate")) {
+ _decryption_certificate = dcp::Certificate (f.string_child ("DecryptionCertificate"));
+ }
+
+ if (f.optional_string_child ("DecryptionPrivateKey")) {
+ _decryption_private_key = f.string_child ("DecryptionPrivateKey");
+ }
- _default_isdcf_metadata.read_old_metadata (k, v);
+ if (!f.optional_string_child ("DecryptionCertificate") || !f.optional_string_child ("DecryptionPrivateKey")) {
+ /* Generate our own decryption certificate and key if either is not present in config */
+ make_decryption_keys ();
}
}
+void
+Config::make_decryption_keys ()
+{
+ boost::filesystem::path p = dcp::make_certificate_chain (openssl_path ());
+ _decryption_certificate = dcp::Certificate (dcp::file_to_string (p / "leaf.signed.pem"));
+ _decryption_private_key = dcp::file_to_string (p / "leaf.key");
+ boost::filesystem::remove_all (p);
+}
+
/** @return Filename to write configuration to */
boost::filesystem::path
Config::file (bool old) const
return p;
}
-boost::filesystem::path
-Config::signer_chain_directory () const
-{
- boost::filesystem::path p;
- p /= g_get_user_config_dir ();
- p /= "dcpomatic";
- p /= "crypt";
- boost::filesystem::create_directories (p);
- return p;
-}
-
/** @return Singleton instance */
Config *
Config::instance ()
root->add_child("TMSPath")->add_child_text (_tms_path);
root->add_child("TMSUser")->add_child_text (_tms_user);
root->add_child("TMSPassword")->add_child_text (_tms_password);
- if (_sound_processor) {
- root->add_child("SoundProcessor")->add_child_text (_sound_processor->id ());
+ if (_cinema_sound_processor) {
+ root->add_child("CinemaSoundProcessor")->add_child_text (_cinema_sound_processor->id ());
}
if (_language) {
root->add_child("Language")->add_child_text (_language.get());
root->add_child("AllowAnyDCPFrameRate")->add_child_text (_allow_any_dcp_frame_rate ? "1" : "0");
root->add_child("LogTypes")->add_child_text (raw_convert<string> (_log_types));
+ xmlpp::Element* signer = root->add_child ("Signer");
+ dcp::CertificateChain::List certs = _signer->certificates().root_to_leaf ();
+ for (dcp::CertificateChain::List::const_iterator i = certs.begin(); i != certs.end(); ++i) {
+ signer->add_child("Certificate")->add_child_text (i->certificate (true));
+ }
+ signer->add_child("PrivateKey")->add_child_text (_signer->key ());
+
+ root->add_child("DecryptionCertificate")->add_child_text (_decryption_certificate.certificate (true));
+ root->add_child("DecryptionPrivateKey")->add_child_text (_decryption_private_key);
+
for (vector<boost::filesystem::path>::const_iterator i = _history.begin(); i != _history.end(); ++i) {
root->add_child("History")->add_child_text (i->string ());
}