Give better errors when incorrect KDMs are used (#1326).
authorCarl Hetherington <cth@carlh.net>
Sat, 7 Jul 2018 18:35:42 +0000 (19:35 +0100)
committerCarl Hetherington <cth@carlh.net>
Sat, 7 Jul 2018 18:35:42 +0000 (19:35 +0100)
ChangeLog
src/lib/dcp.cc
src/lib/emailer.cc
src/lib/exceptions.cc
src/lib/exceptions.h
src/lib/job.cc
src/wx/content_menu.cc

index ddeac7e..eb7df83 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2018-07-07  Carl Hetherington  <cth@carlh.net>
+
+       * Give better errors when incorrect KDMs are used (#1326).
+
 2018-07-06  Carl Hetherington  <cth@carlh.net>
 
        * Add option to enable/disable KDM forensic marking.
index 7e6c66c..28e5c4f 100644 (file)
@@ -1,5 +1,5 @@
 /*
-    Copyright (C) 2014-2016 Carl Hetherington <cth@carlh.net>
+    Copyright (C) 2014-2018 Carl Hetherington <cth@carlh.net>
 
     This file is part of DCP-o-matic.
 
 #include "dcp_content.h"
 #include <dcp/dcp.h>
 #include <dcp/decrypted_kdm.h>
+#include <dcp/exceptions.h>
 #include <boost/foreach.hpp>
 
+#include "i18n.h"
+
 using std::list;
+using std::string;
 using boost::shared_ptr;
 
 /** Find all the CPLs in our directories, cross-add assets and return the CPLs */
@@ -54,7 +58,24 @@ DCP::cpls () const
 
        if (_dcp_content->kdm ()) {
                BOOST_FOREACH (shared_ptr<dcp::DCP> i, dcps) {
-                       i->add (dcp::DecryptedKDM (_dcp_content->kdm().get(), Config::instance()->decryption_chain()->key().get ()));
+                       try {
+                               i->add (dcp::DecryptedKDM (_dcp_content->kdm().get(), Config::instance()->decryption_chain()->key().get ()));
+                       } catch (dcp::KDMDecryptionError& e) {
+                               /* Flesh out the error a bit */
+                               string const kdm_subject_name = _dcp_content->kdm()->recipient_x509_subject_name();
+                               bool on_chain = false;
+                               shared_ptr<const dcp::CertificateChain> dc = Config::instance()->decryption_chain();
+                               BOOST_FOREACH (dcp::Certificate i, dc->root_to_leaf()) {
+                                       if (i.subject() == kdm_subject_name) {
+                                               on_chain = true;
+                                       }
+                               }
+                               if (!on_chain) {
+                                       throw KDMError (_("KDM was not made for DCP-o-matic's decryption certificate."), e.what());
+                               } else if (on_chain && kdm_subject_name != dc->leaf().subject()) {
+                                       throw KDMError (_("KDM was made for DCP-o-matic but not for its leaf certificate."), e.what());
+                               }
+                       }
                }
        }
 
index 7edad20..57b06ed 100644 (file)
@@ -219,7 +219,7 @@ Emailer::send (string server, int port, string user, string password)
 
        CURLcode const r = curl_easy_perform (curl);
        if (r != CURLE_OK) {
-               throw KDMError (String::compose (_("Failed to send email (%1)"), curl_easy_strerror (r)));
+               throw KDMError (_("Failed to send email"), curl_easy_strerror (r));
        }
 
        curl_slist_free_all (recipients);
index 43a8f3b..481d2e8 100644 (file)
@@ -89,4 +89,14 @@ ProgrammingError::ProgrammingError (string file, int line, string message)
 
 KDMAsContentError::KDMAsContentError ()
        : runtime_error (_("This file is a KDM.  KDMs should be added to DCP content by right-clicking the content and choosing \"Add KDM\"."))
-{}
+{
+
+}
+
+KDMError::KDMError (string s, string d)
+       : runtime_error (String::compose ("%1 (%2)", s, d))
+       , _summary (s)
+       , _detail (d)
+{
+
+}
index 5efb045..7220af3 100644 (file)
@@ -192,9 +192,19 @@ public:
 class KDMError : public std::runtime_error
 {
 public:
-       explicit KDMError (std::string s)
-               : std::runtime_error (s)
-       {}
+       KDMError (std::string s, std::string d);
+
+       std::string summary () const {
+               return _summary;
+       }
+
+       std::string detail () const {
+               return _detail;
+       }
+
+private:
+       std::string _summary;
+       std::string _detail;
 };
 
 /** @class PixelFormatError
index 65e2567..06416d1 100644 (file)
@@ -180,6 +180,12 @@ Job::run_wrapper ()
                set_progress (1);
                set_state (FINISHED_ERROR);
 
+       } catch (KDMError& e) {
+
+               set_error (e.summary(), e.detail());
+               set_progress (1);
+               set_state (FINISHED_ERROR);
+
        } catch (std::exception& e) {
 
                set_error (
index 2a91831..36187e0 100644 (file)
@@ -35,6 +35,7 @@
 #include "lib/dcp_examiner.h"
 #include "lib/ffmpeg_content.h"
 #include "lib/audio_content.h"
+#include "lib/config.h"
 #include <dcp/cpl.h>
 #include <dcp/exceptions.h>
 #include <wx/wx.h>
@@ -145,6 +146,8 @@ ContentMenu::popup (weak_ptr<Film> film, ContentList c, TimelineContentViewList
                                /* The DCP is probably missing */
                        } catch (dcp::KDMDecryptionError) {
                                /* We have an incorrect KDM */
+                       } catch (KDMError) {
+                               /* We have an incorrect KDM */
                        }
                } else {
                        _kdm->Enable (false);
@@ -377,7 +380,7 @@ ContentMenu::kdm ()
                try {
                        dcp->add_kdm (dcp::EncryptedKDM (dcp::file_to_string (wx_to_std (d->GetPath ()), MAX_KDM_SIZE)));
                } catch (exception& e) {
-                       error_dialog (_parent, wxString::Format (_("Could not load KDM.")), std_to_wx(e.what()));
+                       error_dialog (_parent, _("Could not load KDM"), std_to_wx(e.what()));
                        d->Destroy ();
                        return;
                }