+ {
+ wxStaticText* m = new wxStaticText (_panel, wxID_ANY, _("Signing DCPs and KDMs"));
+ m->SetFont (subheading_font);
+ _panel->GetSizer()->Add (m, 0, wxALL, _border);
+ }
+
+ wxBoxSizer* certificates_sizer = new wxBoxSizer (wxHORIZONTAL);
+ _panel->GetSizer()->Add (certificates_sizer, 0, wxLEFT | wxRIGHT, _border);
+
+ _certificates = new wxListCtrl (_panel, wxID_ANY, wxDefaultPosition, wxSize (400, 200), wxLC_REPORT | wxLC_SINGLE_SEL);
+
+ {
+ wxListItem ip;
+ ip.SetId (0);
+ ip.SetText (_("Type"));
+ ip.SetWidth (100);
+ _certificates->InsertColumn (0, ip);
+ }
+
+ {
+ wxListItem ip;
+ ip.SetId (1);
+ ip.SetText (_("Thumbprint"));
+ ip.SetWidth (300);
+
+ wxFont font = ip.GetFont ();
+ font.SetFamily (wxFONTFAMILY_TELETYPE);
+ ip.SetFont (font);
+
+ _certificates->InsertColumn (1, ip);
+ }
+
+ certificates_sizer->Add (_certificates, 1, wxEXPAND);
+
+ {
+ wxSizer* s = new wxBoxSizer (wxVERTICAL);
+ _add_certificate = new wxButton (_panel, wxID_ANY, _("Add..."));
+ s->Add (_add_certificate, 0, wxTOP | wxBOTTOM, DCPOMATIC_BUTTON_STACK_GAP);
+ _remove_certificate = new wxButton (_panel, wxID_ANY, _("Remove"));
+ s->Add (_remove_certificate, 0, wxTOP | wxBOTTOM, DCPOMATIC_BUTTON_STACK_GAP);
+ certificates_sizer->Add (s, 0, wxLEFT, DCPOMATIC_SIZER_X_GAP);
+ }
+
+ wxGridBagSizer* table = new wxGridBagSizer (DCPOMATIC_SIZER_X_GAP, DCPOMATIC_SIZER_Y_GAP);
+ _panel->GetSizer()->Add (table, 1, wxALL | wxEXPAND, _border);
+
+ int r = 0;
+
+ add_label_to_grid_bag_sizer (table, _panel, _("Leaf private key"), true, wxGBPosition (r, 0));
+ _signer_private_key = new wxStaticText (_panel, wxID_ANY, wxT (""));
+ wxFont font = _signer_private_key->GetFont ();
+ font.SetFamily (wxFONTFAMILY_TELETYPE);
+ _signer_private_key->SetFont (font);
+ table->Add (_signer_private_key, wxGBPosition (r, 1), wxDefaultSpan, wxALIGN_CENTER_VERTICAL);
+ _load_signer_private_key = new wxButton (_panel, wxID_ANY, _("Load..."));
+ table->Add (_load_signer_private_key, wxGBPosition (r, 2));
+ ++r;
+
+ _remake_certificates = new wxButton (_panel, wxID_ANY, _("Re-make certificates and key..."));
+ table->Add (_remake_certificates, wxGBPosition (r, 0), wxGBSpan (1, 3));
+ ++r;
+
+ {
+ wxStaticText* m = new wxStaticText (_panel, wxID_ANY, _("Decrypting DCPs"));
+ m->SetFont (subheading_font);
+ table->Add (m, wxGBPosition (r, 0), wxGBSpan (1, 3), wxTOP, _border * 1.5);
+ ++r;
+ }
+
+ add_label_to_grid_bag_sizer (table, _panel, _("Certificate"), true, wxGBPosition (r, 0));
+ _decryption_certificate = new wxStaticText (_panel, wxID_ANY, wxT (""));
+ _decryption_certificate->SetFont (font);
+ table->Add (_decryption_certificate, wxGBPosition (r, 1), wxDefaultSpan, wxALIGN_CENTER_VERTICAL);
+ _load_decryption_certificate = new wxButton (_panel, wxID_ANY, _("Load..."));
+ table->Add (_load_decryption_certificate, wxGBPosition (r, 2));
+ ++r;
+
+ add_label_to_grid_bag_sizer (table, _panel, _("Private key"), true, wxGBPosition (r, 0));
+ _decryption_private_key = new wxStaticText (_panel, wxID_ANY, wxT (""));
+ _decryption_private_key->SetFont (font);
+ table->Add (_decryption_private_key, wxGBPosition (r, 1), wxDefaultSpan, wxALIGN_CENTER_VERTICAL);
+ _load_decryption_private_key = new wxButton (_panel, wxID_ANY, _("Load..."));
+ table->Add (_load_decryption_private_key, wxGBPosition (r, 2));
+ ++r;
+
+ _export_decryption_certificate = new wxButton (_panel, wxID_ANY, _("Export DCP decryption certificate..."));
+ table->Add (_export_decryption_certificate, wxGBPosition (r, 0), wxGBSpan (1, 3));
+ ++r;
+
+ _add_certificate->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::add_certificate, this));
+ _remove_certificate->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::remove_certificate, this));
+ _certificates->Bind (wxEVT_COMMAND_LIST_ITEM_SELECTED, boost::bind (&KeysPage::update_sensitivity, this));
+ _certificates->Bind (wxEVT_COMMAND_LIST_ITEM_DESELECTED, boost::bind (&KeysPage::update_sensitivity, this));
+ _remake_certificates->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::remake_certificates, this));
+ _load_signer_private_key->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::load_signer_private_key, this));
+ _load_decryption_certificate->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::load_decryption_certificate, this));
+ _load_decryption_private_key->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::load_decryption_private_key, this));
+ _export_decryption_certificate->Bind (wxEVT_COMMAND_BUTTON_CLICKED, boost::bind (&KeysPage::export_decryption_certificate, this));
+ }
+
+ void config_changed ()
+ {
+ _signer.reset (new dcp::CertificateChain (*Config::instance()->signer().get ()));
+
+ update_certificate_list ();
+ update_signer_private_key ();
+ update_decryption_certificate ();
+ update_decryption_private_key ();
+ update_sensitivity ();
+ }
+
+ void add_certificate ()
+ {
+ wxFileDialog* d = new wxFileDialog (_panel, _("Select Certificate File"));
+
+ if (d->ShowModal() == wxID_OK) {
+ try {
+ dcp::Certificate c (dcp::file_to_string (wx_to_std (d->GetPath ())));
+ _signer->add (c);
+ Config::instance()->set_signer (_signer);
+ update_certificate_list ();
+ } catch (dcp::MiscError& e) {
+ error_dialog (_panel, wxString::Format (_("Could not read certificate file (%s)"), e.what ()));
+ }
+ }
+
+ d->Destroy ();
+
+ update_sensitivity ();
+ }
+
+ void remove_certificate ()
+ {
+ int i = _certificates->GetNextItem (-1, wxLIST_NEXT_ALL, wxLIST_STATE_SELECTED);
+ if (i == -1) {
+ return;
+ }
+
+ _certificates->DeleteItem (i);
+ _signer->remove (i);
+ Config::instance()->set_signer (_signer);
+
+ update_sensitivity ();
+ }
+
+ void update_certificate_list ()
+ {
+ _certificates->DeleteAllItems ();
+ dcp::CertificateChain::List certs = _signer->root_to_leaf ();
+ size_t n = 0;
+ for (dcp::CertificateChain::List::const_iterator i = certs.begin(); i != certs.end(); ++i) {
+ wxListItem item;
+ item.SetId (n);
+ _certificates->InsertItem (item);
+ _certificates->SetItem (n, 1, std_to_wx (i->thumbprint ()));
+
+ if (n == 0) {
+ _certificates->SetItem (n, 0, _("Root"));
+ } else if (n == (certs.size() - 1)) {
+ _certificates->SetItem (n, 0, _("Leaf"));
+ } else {
+ _certificates->SetItem (n, 0, _("Intermediate"));
+ }
+
+ ++n;
+ }
+ }
+
+ void remake_certificates ()
+ {
+ shared_ptr<const dcp::CertificateChain> chain = Config::instance()->signer();
+
+ string intermediate_common_name;
+ if (chain->root_to_leaf().size() >= 3) {
+ dcp::CertificateChain::List all = chain->root_to_leaf ();
+ dcp::CertificateChain::List::iterator i = all.begin ();
+ ++i;
+ intermediate_common_name = i->subject_common_name ();
+ }
+
+ MakeSignerChainDialog* d = new MakeSignerChainDialog (
+ _panel,
+ chain->root().subject_organization_name (),
+ chain->root().subject_organizational_unit_name (),
+ chain->root().subject_common_name (),
+ intermediate_common_name,
+ chain->leaf().subject_common_name ()