+ /* Decrypt the DKDM */
+ dcp::EncryptedKDM encrypted (dcp::file_to_string (wx_to_std (_dkdm->GetPath())));
+ dcp::DecryptedKDM decrypted (encrypted, Config::instance()->decryption_chain()->key().get());
+
+ /* This is the signer for our new KDMs */
+ shared_ptr<const dcp::CertificateChain> signer = Config::instance()->signer_chain ();
+ if (!signer->valid ()) {
+ throw InvalidSignerError ();
+ }
+
+ list<ScreenKDM> screen_kdms;
+ BOOST_FOREACH (shared_ptr<Screen> i, _screens->screens()) {
+
+ if (!i->certificate) {
+ continue;
+ }
+
+ /* Make an empty KDM */
+ dcp::DecryptedKDM kdm (
+ _timing->from(), _timing->until(), decrypted.annotation_text(), decrypted.content_title_text(), dcp::LocalTime().as_string()
+ );
+
+ /* Add keys from the DKDM */
+ BOOST_FOREACH (dcp::DecryptedKDMKey const & j, decrypted.keys()) {
+ kdm.add_key (j);
+ }
+
+ /* Encrypt */
+ screen_kdms.push_back (ScreenKDM (i, kdm.encrypt (signer, i->certificate.get(), _output->formulation())));
+ }
+