*/
+#include "config.h"
#include "dkdm_recipient.h"
#include "film.h"
#include "kdm_with_metadata.h"
dcp::LocalTime const begin(valid_from, dcp::UTCOffset(recipient->utc_offset_hour, recipient->utc_offset_minute));
dcp::LocalTime const end (valid_to, dcp::UTCOffset(recipient->utc_offset_hour, recipient->utc_offset_minute));
- auto const kdm = film->make_kdm (
- recipient->recipient.get(),
- vector<string>(),
- cpl,
- begin,
- end,
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true,
- 0
- );
+ auto signer = Config::instance()->signer_chain();
+ if (!signer->valid()) {
+ throw InvalidSignerError();
+ }
+
+ auto const decrypted_kdm = film->make_kdm(cpl, begin, end);
+ auto const kdm = decrypted_kdm.encrypt(signer, recipient->recipient.get(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
dcp::NameFormat::Map name_values;
name_values['f'] = kdm.content_title_text();
}
-/** @param recipient KDM recipient certificate.
- * @param trusted_devices Certificate thumbprints of other trusted devices (can be empty).
- * @param cpl_file CPL filename.
+/* @param cpl_file CPL filename.
* @param from KDM from time expressed as a local time with an offset from UTC.
* @param until KDM to time expressed as a local time with an offset from UTC.
- * @param formulation KDM formulation to use.
- * @param disable_forensic_marking_picture true to disable forensic marking of picture.
- * @param disable_forensic_marking_audio if not set, don't disable forensic marking of audio. If set to 0,
- * disable all forensic marking; if set above 0, disable forensic marking above that channel.
*/
-dcp::EncryptedKDM
-Film::make_kdm (
- dcp::Certificate recipient,
- vector<string> trusted_devices,
- boost::filesystem::path cpl_file,
- dcp::LocalTime from,
- dcp::LocalTime until,
- dcp::Formulation formulation,
- bool disable_forensic_marking_picture,
- optional<int> disable_forensic_marking_audio
- ) const
+dcp::DecryptedKDM
+Film::make_kdm(boost::filesystem::path cpl_file, dcp::LocalTime from, dcp::LocalTime until) const
{
if (!_encrypted) {
throw runtime_error (_("Cannot make a KDM as this project is not encrypted."));
}
auto cpl = make_shared<dcp::CPL>(cpl_file);
- auto signer = Config::instance()->signer_chain();
- if (!signer->valid ()) {
- throw InvalidSignerError ();
- }
/* Find keys that have been added to imported, encrypted DCP content */
list<dcp::DecryptedKDMKey> imported_keys;
return dcp::DecryptedKDM (
cpl->id(), keys, from, until, cpl->content_title_text(), cpl->content_title_text(), dcp::LocalTime().as_string()
- ).encrypt (signer, recipient, trusted_devices, formulation, disable_forensic_marking_picture, disable_forensic_marking_audio);
+ );
}
FrameRateChange active_frame_rate_change (dcpomatic::DCPTime) const;
std::pair<double, double> speed_up_range (int dcp_frame_rate) const;
- dcp::EncryptedKDM make_kdm (
- dcp::Certificate recipient,
- std::vector<std::string> trusted_devices,
- boost::filesystem::path cpl_file,
- dcp::LocalTime from,
- dcp::LocalTime until,
- dcp::Formulation formulation,
- bool disable_forensic_marking_picture,
- boost::optional<int> disable_forensic_marking_audio
- ) const;
+ dcp::DecryptedKDM make_kdm(boost::filesystem::path cpl_file, dcp::LocalTime from, dcp::LocalTime until) const;
int state_version () const {
return _state_version;
#include "cinema.h"
+#include "config.h"
#include "film.h"
#include "kdm_util.h"
#include "kdm_with_metadata.h"
period_checks.push_back(check_kdm_and_certificate_validity_periods(screen->recipient.get(), begin, end));
- auto const kdm = film->make_kdm (
- screen->recipient.get(),
- screen->trusted_device_thumbprints(),
- cpl,
- begin,
- end,
- formulation,
- disable_forensic_marking_picture,
- disable_forensic_marking_audio
- );
+ auto signer = Config::instance()->signer_chain();
+ if (!signer->valid()) {
+ throw InvalidSignerError();
+ }
+
+ auto const decrypted_kdm = film->make_kdm(cpl, begin, end);
+ auto kdm = decrypted_kdm.encrypt(signer, screen->recipient.get(), screen->trusted_device_thumbprints(), formulation, disable_forensic_marking_picture, disable_forensic_marking_audio);
dcp::NameFormat::Map name_values;
if (cinema) {
dcp::LocalTime to (Config::instance()->signer_chain()->leaf().not_after());
to.add_days (-1);
- optional<dcp::EncryptedKDM> kdm;
- try {
- kdm = _film->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- vector<string>(),
- dialog.cpl(),
- from, to,
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true,
- 0
- );
- } catch (dcp::NotEncryptedError& e) {
- error_dialog (this, _("CPL's content is not encrypted."));
- } catch (exception& e) {
- error_dialog (this, e.what ());
- } catch (...) {
- error_dialog (this, _("An unknown exception occurred."));
+ auto signer = Config::instance()->signer_chain();
+ if (!signer->valid()) {
+ error_dialog(this, _("The certificate chain for signing is invalid"));
+ return;
}
- if (kdm) {
+ optional<dcp::EncryptedKDM> kdm;
+ try {
+ auto const decrypted_kdm = _film->make_kdm(dialog.cpl(), from, to);
+ auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
if (dialog.internal()) {
auto dkdms = Config::instance()->dkdms();
- dkdms->add (make_shared<DKDM>(kdm.get()));
+ dkdms->add(make_shared<DKDM>(kdm));
Config::instance()->changed ();
} else {
auto path = dialog.directory() / (_film->dcp_name(false) + "_DKDM.xml");
- kdm->as_xml (path);
+ kdm.as_xml(path);
}
+ } catch (dcp::NotEncryptedError& e) {
+ error_dialog (this, _("CPL's content is not encrypted."));
+ } catch (exception& e) {
+ error_dialog (this, e.what ());
+ } catch (...) {
+ error_dialog (this, _("An unknown exception occurred."));
}
}
BOOST_REQUIRE (!mxf_atmos_files_same(ref, dcp_file(film, "atmos")));
- auto kdm = film->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- vector<string>(),
- dcp_file(film, "cpl"),
- dcp::LocalTime(),
- dcp::LocalTime(),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- false,
- optional<int>()
- );
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+
+ auto const decrypted_kdm = film->make_kdm(dcp_file(film, "cpl"), dcp::LocalTime(), dcp::LocalTime());
+ auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, false, {});
auto content2 = make_shared<DCPContent>(film->dir(film->dcp_name()));
content2->add_kdm (kdm);
dcp::DCP encrypted_dcp (encrypted->dir(encrypted->dcp_name()));
encrypted_dcp.read ();
- auto kdm = encrypted->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- vector<string>(),
- encrypted_dcp.cpls().front()->file().get(),
- dcp::LocalTime ("2030-07-21T00:00:00+00:00"),
- dcp::LocalTime ("2031-07-21T00:00:00+00:00"),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true, 0
- );
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+ auto const decrypted_kdm = encrypted->make_kdm(encrypted_dcp.cpls().front()->file().get(), dcp::LocalTime ("2030-07-21T00:00:00+00:00"), dcp::LocalTime ("2031-07-21T00:00:00+00:00"));
+ auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
/* Add just the OV to a new project, move it around a bit and check that
the _reels get reused.
auto ov_cpl = find_cpl.cpls()[0]->file();
BOOST_REQUIRE (static_cast<bool>(ov_cpl));
- auto kdm = ov->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- {},
- ov_cpl.get(),
- dcp::LocalTime(), dcp::LocalTime(),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true,
- 0
- );
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+
+ auto decrypted_kdm = ov->make_kdm(ov_cpl.get(), dcp::LocalTime(), dcp::LocalTime());
+ auto kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
auto ov_dcp = make_shared<DCPContent>(ov->dir(ov->dcp_name()));
ov_dcp->add_kdm (kdm);
auto cpl = dcp.cpls()[0];
BOOST_REQUIRE (cpl->file());
- auto kdm = film->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- {},
- *cpl->file(),
- dcp::LocalTime(),
- dcp::LocalTime(),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true,
- 0
- );
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+
+ auto const decrypted_kdm = film->make_kdm(*cpl->file(), dcp::LocalTime(), dcp::LocalTime());
+ auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
auto dcp_content = make_shared<DCPContent>(film->dir(film->dcp_name()));
dcp_content->add_kdm (kdm);
Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path(), CERTIFICATE_VALIDITY_PERIOD));
- auto kdm = A->make_kdm (
- Config::instance()->decryption_chain()->leaf (),
- vector<string>(),
- A_dcp.cpls().front()->file().get(),
- dcp::LocalTime ("2030-07-21T00:00:00+00:00"),
- dcp::LocalTime ("2031-07-21T00:00:00+00:00"),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true, 0
- );
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+
+ auto const decrypted_kdm = A->make_kdm(A_dcp.cpls().front()->file().get(), dcp::LocalTime ("2030-07-21T00:00:00+00:00"), dcp::LocalTime ("2031-07-21T00:00:00+00:00"));
+ auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
auto B = new_test_film ("import_dcp_test2");
B->set_container (Ratio::from_id ("185"));
}
BOOST_REQUIRE(cpl);
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+
/* Make a DKDM */
- auto kdm = film->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- vector<string>(),
- *cpl,
- dcp::LocalTime ("2030-01-01T01:00:00+00:00"),
- dcp::LocalTime ("2031-01-01T01:00:00+00:00"),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true,
- 0
- );
+ auto const decrypted_kdm = film->make_kdm(*cpl, dcp::LocalTime ("2030-01-01T01:00:00+00:00"), dcp::LocalTime ("2031-01-01T01:00:00+00:00"));
+ auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
/* Import the DCP into a new film */
auto dcp_content = make_shared<DCPContent>(film->dir(film->dcp_name()));
Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path(), CERTIFICATE_VALIDITY_PERIOD));
- auto A_kdm = A->make_kdm (
- Config::instance()->decryption_chain()->leaf(),
- vector<string>(),
- A_dcp.cpls().front()->file().get(),
- dcp::LocalTime("2030-07-21T00:00:00+00:00"),
- dcp::LocalTime("2031-07-21T00:00:00+00:00"),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true, 0
- );
+ auto signer = Config::instance()->signer_chain();
+ BOOST_REQUIRE(signer->valid());
+
+ auto const A_decrypted_kdm = A->make_kdm(A_dcp.cpls().front()->file().get(), dcp::LocalTime("2030-07-21T00:00:00+00:00"), dcp::LocalTime("2031-07-21T00:00:00+00:00"));
+ auto const A_kdm = A_decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
/* Import A into a new project, with the required KDM, and make a VF that refers to it */
dcp::DCP B_dcp ("build/test/vf_kdm_test_vf/" + B->dcp_name());
B_dcp.read ();
- auto B_kdm = B->make_kdm (
- Config::instance()->decryption_chain()->leaf (),
- vector<string>(),
- B_dcp.cpls().front()->file().get(),
- dcp::LocalTime ("2030-07-21T00:00:00+00:00"),
- dcp::LocalTime ("2031-07-21T00:00:00+00:00"),
- dcp::Formulation::MODIFIED_TRANSITIONAL_1,
- true, 0
- );
+ auto const B_decrypted_kdm = B->make_kdm(B_dcp.cpls().front()->file().get(), dcp::LocalTime ("2030-07-21T00:00:00+00:00"), dcp::LocalTime ("2031-07-21T00:00:00+00:00"));
+ auto const B_kdm = B_decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
/* Import the OV and VF into a new project with the KDM that was created for the VF.
This KDM should decrypt assets from the OV too.