2 Copyright (C) 2012-2022 Carl Hetherington <cth@carlh.net>
4 This file is part of libdcp.
6 libdcp is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 libdcp is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with libdcp. If not, see <http://www.gnu.org/licenses/>.
21 /* If you are using an installed libdcp, these #includes would need to be changed to
22 #include <dcp/decrypted_kdm.h>
26 #include "certificate_chain.h"
27 #include "decrypted_kdm.h"
28 #include "encrypted_kdm.h"
33 constexpr char recipient_certificate[] = "-----BEGIN CERTIFICATE-----\n"
34 "MIIEaTCCA1GgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBhTEWMBQGA1UEChMNZGNw\n"
35 "b21hdGljLmNvbTEWMBQGA1UECxMNZGNwb21hdGljLmNvbTEsMCoGA1UEAxMjLmRj\n"
36 "cG9tYXRpYy5zbXB0ZS00MzAtMi5JTlRFUk1FRElBVEUxJTAjBgNVBC4THEJyRE1x\n"
37 "TjF4bytQcy9ZZTdLTmVhNzRHdlI5Yz0wHhcNMjIwOTIwMTk1MTQxWhcNMzIwOTIy\n"
38 "MTk1MTQxWjB/MRYwFAYDVQQKEw1kY3BvbWF0aWMuY29tMRYwFAYDVQQLEw1kY3Bv\n"
39 "bWF0aWMuY29tMSYwJAYDVQQDEx1DUy5kY3BvbWF0aWMuc21wdGUtNDMwLTIuTEVB\n"
40 "RjElMCMGA1UELhMcSmR4aEVZdURUR05RQlh2TFpsWEZReVVGSzdZPTCCASIwDQYJ\n"
41 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOWq+41uCQbcwQ8+Sh3kVUiG7b9SjU5k\n"
42 "L8my4IEW2ajjUSDff/a2AM7W+BBAzuAWXpZe2+x+/UdAKOIBLFuyWFKbKLMgh0i0\n"
43 "WuukOqeEdr+ZD09PgvHriEk9pXcYDhGxp3OmLVR7kmK0mn+SwLfNZ2LUGJSItGra\n"
44 "ciOPcJgbj/2jyqIkFOz6oZk4xPNdhhM1q41ledTQY/DjesoQqCVZv+lJlAOhc7Sy\n"
45 "vynk6WXF+PtRYjTqMFuHKAjZaNjKBFu60gYp3xVdmAyOmD/7DHFtum9HgTr0GM9l\n"
46 "NfBuU7tFjwl7uylB8/Eff2OLo1cSOH+O2uvzaat1ceYETlCLDeyneY8CAwEAAaOB\n"
47 "6DCB5TAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIFoDAdBgNVHQ4EFgQUJdxhEYuD\n"
48 "TGNQBXvLZlXFQyUFK7YwgagGA1UdIwSBoDCBnYAUBrDMqN1xo+Ps/Ye7KNea74Gv\n"
49 "R9ehgYGkfzB9MRYwFAYDVQQKEw1kY3BvbWF0aWMuY29tMRYwFAYDVQQLEw1kY3Bv\n"
50 "bWF0aWMuY29tMSQwIgYDVQQDExsuZGNwb21hdGljLnNtcHRlLTQzMC0yLlJPT1Qx\n"
51 "JTAjBgNVBC4THFc4YnBZTXkyVlF2WllDcGhOVWRqUVhLcGVNYz2CAQYwDQYJKoZI\n"
52 "hvcNAQELBQADggEBAHNocvxiWHwh0JKgf5cS1x7NHjnL9V5NSKRFH6qKZkSEWOdk\n"
53 "05+n99zxDzjh600DAAp8QIQ8FgC93TXsBg/owrKyZhVpDaRt5ZmUaLmmJUFBtEkJ\n"
54 "qmlXmZGu213zTCT1coMFNXiEImhUt/vd5JOmNsGydCyzEipr7vt8aDr/xCCJdcUo\n"
55 "y2Q5MfrD5wC4PgPBampSsbIu6IrTfx5kbrKIg/4X2VGFzyNDHz8N4+wfPGBuo4Ra\n"
56 "6YWAd58LUb1Wp7dP27HkQH74QRPvrVNOC4vcjnHnBtlWmFzGOi+1e4stWupL7IYd\n"
57 "Apivqyi9TqCUHkjLyuZPjEU30borxqrl918Z/Co=\n"
58 "-----END CERTIFICATE-----\n";
63 /* The parameter to this call specifies where resources can be found, i.e.
64 * the tags and schema directories.
66 dcp::init(boost::filesystem::path("."));
68 /* Make a KDM to hold one or more asset keys */
69 dcp::DecryptedKDM decrypted_kdm(
71 dcp::LocalTime("2023-01-20T09:30:00"),
73 dcp::LocalTime("2023-11-01T09:30:00"),
78 // issue date; using dcp::LocalTime() gives the time when the code is run
79 dcp::LocalTime().as_string()
82 /* Add a key which can decrypt an asset; you should do this for each encrypted asset
83 * that the KDM must unlock.
85 decrypted_kdm.add_key(
86 // key type (MDIK is for image MXFs)
89 "01234567-89ab-cdef-0123-456789abcdef",
91 dcp::Key("00112233445566778899aabbccddeeff"),
93 "fedcba98-7654-3210-fedc-ba9876543210",
94 // Standard for KDM (interop/SMPTE)
98 /* Make a certificate chain to sign the KDM */
99 auto signer = std::make_shared<dcp::CertificateChain>("/usr/bin/openssl", 365);
101 /* Certificate of the recipient projector/media block */
102 dcp::Certificate recipient(recipient_certificate);
104 /* Encrypt the KDM */
105 auto encrypted_kdm = decrypted_kdm.encrypt(
109 dcp::Formulation::MODIFIED_TRANSITIONAL_1,
114 /* Dump the XML to the console */
115 std::cout << encrypted_kdm.as_xml();