/*
- Copyright (C) 2013-2014 Carl Hetherington <cth@carlh.net>
+ Copyright (C) 2013-2015 Carl Hetherington <cth@carlh.net>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
*/
+#ifndef LIBDCP_DECRYPTED_KDM_H
+#define LIBDCP_DECRYPTED_KDM_H
+
/** @file src/decrypted_kdm.h
* @brief DecryptedKDM class.
*/
#include "key.h"
#include "local_time.h"
#include "decrypted_kdm_key.h"
+#include "types.h"
+#include "certificate.h"
#include <boost/filesystem.hpp>
namespace dcp {
class DecryptedKDMKey;
class EncryptedKDM;
-class Signer;
-class Certificate;
+class CertificateChain;
class CPL;
/** @class DecryptedKDM
* has been created (by some other means) ready for encryption later.
*
* A DecryptedKDM object can be created either from an EncryptedKDM and private key file,
- * or from the details of the MXFs that the KDM should protect.
+ * or from the details of the assets that the KDM should protect.
*/
class DecryptedKDM
{
public:
/** @param kdm Encrypted KDM.
- * @param private_key Private key file name.
+ * @param private_key Private key as a PEM-format string.
*/
- DecryptedKDM (EncryptedKDM const & kdm, boost::filesystem::path private_key);
+ DecryptedKDM (EncryptedKDM const & kdm, std::string private_key);
- /** Construct a DecryptedKDM.
- * @param cpl CPL that the keys are for.
+ /** Create an empty DecryptedKDM. After creation you must call
+ * add_key() to add each key that you want in the KDM.
+ *
* @param not_valid_before Start time for the KDM.
* @param not_valid_after End time for the KDM.
*/
DecryptedKDM (
- boost::shared_ptr<const CPL> cpl,
LocalTime not_valid_before,
LocalTime not_valid_after,
std::string annotation_text,
std::string issue_date
);
- /** Add a key to this KDM.
- * @param type Key type (MDIK, MDAK etc.)
- * @param id Key id.
- * @param key the key itself (which has been used to encrypt a MXF).
+ /** Create a DecryptedKDM by taking a CPL and setting up to encrypt each of its
+ * assets with the same symmetric key.
+ *
+ * @param cpl CPL that the keys are for.
+ * @param key Key that was used to encrypt the assets.
+ * @param not_valid_before Start time for the KDM.
+ * @param not_valid_after End time for the KDM.
*/
- void add_key (std::string type, std::string id, Key key);
+ DecryptedKDM (
+ boost::shared_ptr<const CPL> cpl,
+ Key key,
+ LocalTime not_valid_before,
+ LocalTime not_valid_after,
+ std::string annotation_text,
+ std::string content_title_text,
+ std::string issue_date
+ );
/** Encrypt this KDM's keys and sign the whole KDM.
- * @param signer Signer.
+ * @param signer Chain to sign with.
* @param recipient Certificate of the projector/server which should receive this KDM's keys.
+ * @param trusted_devices Extra trusted devices which should be written to the KDM (recipient will be written
+ * as a trusted device automatically and does not need to be included in this list).
+ * @param formulation Formulation to use for the encrypted KDM.
* @return Encrypted KDM.
*/
- EncryptedKDM encrypt (boost::shared_ptr<const Signer> signer, boost::shared_ptr<const Certificate> recipient) const;
+ EncryptedKDM encrypt (
+ boost::shared_ptr<const CertificateChain> signer,
+ Certificate recipient,
+ std::vector<Certificate> trusted_devices,
+ Formulation formulation
+ ) const;
- /** @return This KDM's (decrypted) keys, which could be used to decrypt MXFs. */
+ void add_key (std::string type, std::string key_id, Key key, std::string cpl_id);
+ void add_key (DecryptedKDMKey key);
+
+ /** @return This KDM's (decrypted) keys, which could be used to decrypt assets. */
std::list<DecryptedKDMKey> keys () const {
return _keys;
}
+ std::string annotation_text () const {
+ return _annotation_text;
+ }
+
+ std::string content_title_text () const {
+ return _content_title_text;
+ }
+
+ std::string issue_date () const {
+ return _issue_date;
+ }
+
private:
LocalTime _not_valid_before;
LocalTime _not_valid_after;
};
}
+
+#endif