Use an enum class for Marker.

[libdcp.git] / src / decrypted_kdm.cc

diff --git a/src/decrypted_kdm.cc b/src/decrypted_kdm.cc
index 6147439ad2045cd94bb54d32729d25887c56893e..dd6def32d5d8d50152bcbc27dd8257fe930a6157 100644 (file)
--- a/src/decrypted_kdm.cc
+++ b/src/decrypted_kdm.cc
@@ -57,7 +57,7 @@ using std::setfill;
 using std::hex;
 using std::pair;
 using std::map;
-using boost::shared_ptr;
+using std::shared_ptr;
 using boost::optional;
 using namespace dcp;
 
@@ -153,7 +153,11 @@ DecryptedKDM::DecryptedKDM (EncryptedKDM const & kdm, string private_key)
                int const decrypted_len = RSA_private_decrypt (cipher_value_len, cipher_value, decrypted, rsa, RSA_PKCS1_OAEP_PADDING);
                if (decrypted_len == -1) {
                        delete[] decrypted;
+#if OPENSSL_VERSION_NUMBER > 0x10100000L
+                       throw KDMDecryptionError (ERR_error_string (ERR_get_error(), 0), cipher_value_len, RSA_bits(rsa));
+#else
                        throw KDMDecryptionError (ERR_error_string (ERR_get_error(), 0), cipher_value_len, rsa->n->dmax);
+#endif
                }
 
                unsigned char* p = decrypted;
@@ -267,10 +271,9 @@ DecryptedKDM::DecryptedKDM (
 {
        /* Create DecryptedKDMKey objects for each encryptable asset */
        bool did_one = false;
-       BOOST_FOREACH(shared_ptr<const ReelAsset> i, cpl->reel_assets ()) {
-               shared_ptr<const ReelMXF> mxf = boost::dynamic_pointer_cast<const ReelMXF> (i);
-               if (mxf && mxf->key_id ()) {
-                       add_key (mxf->key_type(), mxf->key_id().get(), key, cpl->id(), SMPTE);
+       BOOST_FOREACH(shared_ptr<const ReelMXF> i, cpl->reel_mxfs()) {
+               if (i->key_id()) {
+                       add_key (i->key_type(), i->key_id().get(), key, cpl->id(), SMPTE);
                        did_one = true;
                }
        }
@@ -299,11 +302,26 @@ DecryptedKDM::add_key (DecryptedKDMKey key)
 
 EncryptedKDM
 DecryptedKDM::encrypt (
-       shared_ptr<const CertificateChain> signer, Certificate recipient, vector<Certificate> trusted_devices, Formulation formulation
+       shared_ptr<const CertificateChain> signer,
+       Certificate recipient,
+       vector<string> trusted_devices,
+       Formulation formulation,
+       bool disable_forensic_marking_picture,
+       optional<int> disable_forensic_marking_audio
        ) const
 {
-       list<pair<string, string> > key_ids;
-       list<string> keys;
+       DCP_ASSERT (!_keys.empty ());
+
+       BOOST_FOREACH (dcp::Certificate i, signer->leaf_to_root()) {
+               if (day_greater_than_or_equal(dcp::LocalTime(i.not_before()), _not_valid_before)) {
+                       throw BadKDMDateError (true);
+               } else if (day_less_than_or_equal(dcp::LocalTime(i.not_after()), _not_valid_after)) {
+                       throw BadKDMDateError (false);
+               }
+       }
+
+       vector<pair<string, string>> key_ids;
+       vector<string> keys;
        BOOST_FOREACH (DecryptedKDMKey const & i, _keys) {
                /* We're making SMPTE keys so we must have a type for each one */
                DCP_ASSERT (i.type());
@@ -363,6 +381,8 @@ DecryptedKDM::encrypt (
                _not_valid_before,
                _not_valid_after,
                formulation,
+               disable_forensic_marking_picture,
+               disable_forensic_marking_audio,
                key_ids,
                keys
                );