Cleanup: extract encrypt() call from Film::make_kdm().
authorCarl Hetherington <cth@carlh.net>
Sat, 28 Jan 2023 23:07:10 +0000 (00:07 +0100)
committerCarl Hetherington <cth@carlh.net>
Sat, 11 Feb 2023 21:26:38 +0000 (22:26 +0100)
12 files changed:
src/lib/dkdm_recipient.cc
src/lib/film.cc
src/lib/film.h
src/lib/screen.cc
src/tools/dcpomatic.cc
test/atmos_test.cc
test/dcp_decoder_test.cc
test/dcp_digest_file_test.cc
test/encryption_test.cc
test/import_dcp_test.cc
test/remake_id_test.cc
test/vf_kdm_test.cc

index f25934083170d35920c1069d8afdd89d0ba0c8a7..c73379bed9cded1f3963fad8a62bf32bf67b4095 100644 (file)
@@ -19,6 +19,7 @@
 */
 
 
+#include "config.h"
 #include "dkdm_recipient.h"
 #include "film.h"
 #include "kdm_with_metadata.h"
@@ -75,16 +76,13 @@ kdm_for_dkdm_recipient (
        dcp::LocalTime const begin(valid_from, dcp::UTCOffset(recipient->utc_offset_hour, recipient->utc_offset_minute));
        dcp::LocalTime const end  (valid_to,   dcp::UTCOffset(recipient->utc_offset_hour, recipient->utc_offset_minute));
 
-       auto const kdm = film->make_kdm (
-                       recipient->recipient.get(),
-                       vector<string>(),
-                       cpl,
-                       begin,
-                       end,
-                       dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-                       true,
-                       0
-                       );
+       auto signer = Config::instance()->signer_chain();
+       if (!signer->valid()) {
+               throw InvalidSignerError();
+       }
+
+       auto const decrypted_kdm = film->make_kdm(cpl, begin, end);
+       auto const kdm = decrypted_kdm.encrypt(signer, recipient->recipient.get(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        dcp::NameFormat::Map name_values;
        name_values['f'] = kdm.content_title_text();
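Review bot: The signer-chain validity check that used to live inside Film::make_kdm() is now repeated by hand before each encrypt() call (here, in kdm_for_screen in screen.cc, and in the DKDM handler in dcpomatic.cc), and nothing visible in this diff makes encrypt() itself refuse an invalid chain. A later caller that forgets the check could sign a KDM with an invalid chain, so it would be safer to keep the check in one place, for example a small helper that returns the signer chain or throws InvalidSignerError. The check also now runs before make_kdm(), so an unencrypted project with an invalid signer reports InvalidSignerError instead of the "not encrypted" error. kdm_for_dkdm_recipient starts and ends outside this hunk.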
index e0aa08a77c141034aae6cf24b9639e4f278c37a6..8e409fc696fd114fe569bb1a25f07fee286571f0 100644 (file)
@@ -1634,37 +1634,18 @@ Film::active_area () const
 }
 
 
-/** @param recipient KDM recipient certificate.
- *  @param trusted_devices Certificate thumbprints of other trusted devices (can be empty).
- *  @param cpl_file CPL filename.
+/*  @param cpl_file CPL filename.
  *  @param from KDM from time expressed as a local time with an offset from UTC.
  *  @param until KDM to time expressed as a local time with an offset from UTC.
- *  @param formulation KDM formulation to use.
- *  @param disable_forensic_marking_picture true to disable forensic marking of picture.
- *  @param disable_forensic_marking_audio if not set, don't disable forensic marking of audio.  If set to 0,
- *  disable all forensic marking; if set above 0, disable forensic marking above that channel.
  */
-dcp::EncryptedKDM
-Film::make_kdm (
-       dcp::Certificate recipient,
-       vector<string> trusted_devices,
-       boost::filesystem::path cpl_file,
-       dcp::LocalTime from,
-       dcp::LocalTime until,
-       dcp::Formulation formulation,
-       bool disable_forensic_marking_picture,
-       optional<int> disable_forensic_marking_audio
-       ) const
+dcp::DecryptedKDM
+Film::make_kdm(boost::filesystem::path cpl_file, dcp::LocalTime from, dcp::LocalTime until) const
 {
        if (!_encrypted) {
                throw runtime_error (_("Cannot make a KDM as this project is not encrypted."));
        }
 
        auto cpl = make_shared<dcp::CPL>(cpl_file);
-       auto signer = Config::instance()->signer_chain();
-       if (!signer->valid ()) {
-               throw InvalidSignerError ();
-       }
 
        /* Find keys that have been added to imported, encrypted DCP content */
        list<dcp::DecryptedKDMKey> imported_keys;
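Review bot: The doc comment on make_kdm now opens with `/*  @param` instead of `/**`, so Doxygen no longer picks it up, and it does not say what the function returns. The return type changed from dcp::EncryptedKDM to dcp::DecryptedKDM, which is built from the content keys gathered below, so the comment should say so, e.g. `@return KDM holding the content keys unencrypted; encrypt() it for a recipient before storing or sending it.` Restoring the opener as `/** @param cpl_file CPL filename.` keeps the existing parameter docs visible to the doc tooling. The function body continues outside this hunk.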
@@ -1703,7 +1684,7 @@ Film::make_kdm (
 
        return dcp::DecryptedKDM (
                cpl->id(), keys, from, until, cpl->content_title_text(), cpl->content_title_text(), dcp::LocalTime().as_string()
-               ).encrypt (signer, recipient, trusted_devices, formulation, disable_forensic_marking_picture, disable_forensic_marking_audio);
+               );
 }
 
 
index babc14a295c2d75cba261cf56c1dd2120ccdb03a..d059099ee521e7c5d8f9ae7daa4afa2907df799f 100644 (file)
@@ -167,16 +167,7 @@ public:
        FrameRateChange active_frame_rate_change (dcpomatic::DCPTime) const;
        std::pair<double, double> speed_up_range (int dcp_frame_rate) const;
 
-       dcp::EncryptedKDM make_kdm (
-               dcp::Certificate recipient,
-               std::vector<std::string> trusted_devices,
-               boost::filesystem::path cpl_file,
-               dcp::LocalTime from,
-               dcp::LocalTime until,
-               dcp::Formulation formulation,
-               bool disable_forensic_marking_picture,
-               boost::optional<int> disable_forensic_marking_audio
-               ) const;
+       dcp::DecryptedKDM make_kdm(boost::filesystem::path cpl_file, dcp::LocalTime from, dcp::LocalTime until) const;
 
        int state_version () const {
                return _state_version;
index 453a833d79b51b0a2fc1148a973016a20fe921b4..5ef007214b874c02cbe52f8f5b4433a071a6a552 100644 (file)
@@ -20,6 +20,7 @@
 
 
 #include "cinema.h"
+#include "config.h"
 #include "film.h"
 #include "kdm_util.h"
 #include "kdm_with_metadata.h"
@@ -95,16 +96,13 @@ kdm_for_screen (
 
        period_checks.push_back(check_kdm_and_certificate_validity_periods(screen->recipient.get(), begin, end));
 
-       auto const kdm = film->make_kdm (
-                       screen->recipient.get(),
-                       screen->trusted_device_thumbprints(),
-                       cpl,
-                       begin,
-                       end,
-                       formulation,
-                       disable_forensic_marking_picture,
-                       disable_forensic_marking_audio
-                       );
+       auto signer = Config::instance()->signer_chain();
+       if (!signer->valid()) {
+               throw InvalidSignerError();
+       }
+
+       auto const decrypted_kdm = film->make_kdm(cpl, begin, end);
+       auto kdm = decrypted_kdm.encrypt(signer, screen->recipient.get(), screen->trusted_device_thumbprints(), formulation, disable_forensic_marking_picture, disable_forensic_marking_audio);
 
        dcp::NameFormat::Map name_values;
        if (cinema) {
index deaa15afd05343ce438ce2247f912c74c09fc92c..1923a12a3f4305e964d53e6718ff6e1936680a85 100644 (file)
@@ -944,34 +944,30 @@ private:
                dcp::LocalTime to (Config::instance()->signer_chain()->leaf().not_after());
                to.add_days (-1);
 
-               optional<dcp::EncryptedKDM> kdm;
-               try {
-                       kdm = _film->make_kdm (
-                               Config::instance()->decryption_chain()->leaf(),
-                               vector<string>(),
-                               dialog.cpl(),
-                               from, to,
-                               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-                               true,
-                               0
-                               );
-               } catch (dcp::NotEncryptedError& e) {
-                       error_dialog (this, _("CPL's content is not encrypted."));
-               } catch (exception& e) {
-                       error_dialog (this, e.what ());
-               } catch (...) {
-                       error_dialog (this, _("An unknown exception occurred."));
+               auto signer = Config::instance()->signer_chain();
+               if (!signer->valid()) {
+                       error_dialog(this, _("The certificate chain for signing is invalid"));
+                       return;
                }
 
-               if (kdm) {
+               optional<dcp::EncryptedKDM> kdm;
+               try {
+                       auto const decrypted_kdm = _film->make_kdm(dialog.cpl(), from, to);
+                       auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
                        if (dialog.internal()) {
                                auto dkdms = Config::instance()->dkdms();
-                               dkdms->add (make_shared<DKDM>(kdm.get()));
+                               dkdms->add(make_shared<DKDM>(kdm));
                                Config::instance()->changed ();
                        } else {
                                auto path = dialog.directory() / (_film->dcp_name(false) + "_DKDM.xml");
-                               kdm->as_xml (path);
+                               kdm.as_xml(path);
                        }
+               } catch (dcp::NotEncryptedError& e) {
+                       error_dialog (this, _("CPL's content is not encrypted."));
+               } catch (exception& e) {
+                       error_dialog (this, e.what ());
+               } catch (...) {
+                       error_dialog (this, _("An unknown exception occurred."));
                }
        }
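Review bot: The `optional<dcp::EncryptedKDM> kdm;` added just before the `try` is never used: the `auto const kdm` declared inside the `try` shadows it, and the old `if (kdm)` block that read it is gone, so the outer declaration should be deleted. Separately, the context line `dcp::LocalTime to (Config::instance()->signer_chain()->leaf().not_after());` still reads the signer chain's leaf before the new `signer->valid()` check runs. If leaf() can fail on an invalid chain (not visible here), the check should move above that line. The enclosing handler starts outside this hunk.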
 
index c2b0cb6d8e03b48a65b6fc7c38bd44a26596b47d..17073682520a945705f136a3244fad2f74a13c5d 100644 (file)
@@ -74,16 +74,11 @@ BOOST_AUTO_TEST_CASE (atmos_encrypted_passthrough_test)
 
        BOOST_REQUIRE (!mxf_atmos_files_same(ref, dcp_file(film, "atmos")));
 
-       auto kdm = film->make_kdm (
-               Config::instance()->decryption_chain()->leaf(),
-               vector<string>(),
-               dcp_file(film, "cpl"),
-               dcp::LocalTime(),
-               dcp::LocalTime(),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               false,
-               optional<int>()
-               );
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
+
+       auto const decrypted_kdm = film->make_kdm(dcp_file(film, "cpl"), dcp::LocalTime(), dcp::LocalTime());
+       auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, false, {});
 
        auto content2 = make_shared<DCPContent>(film->dir(film->dcp_name()));
        content2->add_kdm (kdm);
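Review bot: The sequence added here (fetch `signer_chain()`, `BOOST_REQUIRE(signer->valid())`, then `make_kdm(...)` followed by `encrypt(...)` with the decryption chain's leaf) is repeated almost verbatim in check_reuse_old_data_test, dcp_digest_file_test2, smpte_dcp_with_subtitles_can_be_decrypted, import_dcp_test, remake_id_test2 and vf_kdm_test. A shared test helper taking the film, the CPL path, the validity times and the forensic-marking flags would keep these tests in step if the encrypt() arguments change again. The test case body starts outside this hunk.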
index c9474b998c0e0da98f1347d52cb5d7d208a4f2b2..a37b60ee8d00d73bce8c4e8ae9cb89c187f53493 100644 (file)
@@ -69,16 +69,11 @@ BOOST_AUTO_TEST_CASE (check_reuse_old_data_test)
        dcp::DCP encrypted_dcp (encrypted->dir(encrypted->dcp_name()));
        encrypted_dcp.read ();
 
-       auto kdm = encrypted->make_kdm (
-               Config::instance()->decryption_chain()->leaf(),
-               vector<string>(),
-               encrypted_dcp.cpls().front()->file().get(),
-               dcp::LocalTime ("2030-07-21T00:00:00+00:00"),
-               dcp::LocalTime ("2031-07-21T00:00:00+00:00"),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true, 0
-               );
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
 
+       auto const decrypted_kdm = encrypted->make_kdm(encrypted_dcp.cpls().front()->file().get(), dcp::LocalTime ("2030-07-21T00:00:00+00:00"), dcp::LocalTime ("2031-07-21T00:00:00+00:00"));
+       auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        /* Add just the OV to a new project, move it around a bit and check that
           the _reels get reused.
index 16fe4a5bb97f15b8b96bd420a3a355ef720fd3a8..d67c734c126c3fc97d1b7cbc66b8376d10df4bb2 100644 (file)
@@ -80,15 +80,11 @@ BOOST_AUTO_TEST_CASE (dcp_digest_file_test2)
        auto ov_cpl = find_cpl.cpls()[0]->file();
        BOOST_REQUIRE (static_cast<bool>(ov_cpl));
 
-       auto kdm = ov->make_kdm (
-               Config::instance()->decryption_chain()->leaf(),
-               {},
-               ov_cpl.get(),
-               dcp::LocalTime(), dcp::LocalTime(),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true,
-               0
-               );
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
+
+       auto decrypted_kdm = ov->make_kdm(ov_cpl.get(), dcp::LocalTime(), dcp::LocalTime());
+       auto kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        auto ov_dcp = make_shared<DCPContent>(ov->dir(ov->dcp_name()));
        ov_dcp->add_kdm (kdm);
index b7703f4e99cf2880c5259f0f558e595592101b95..9cadd087e04cf34da9c032c12860b058211b07c3 100644 (file)
@@ -55,16 +55,11 @@ BOOST_AUTO_TEST_CASE (smpte_dcp_with_subtitles_can_be_decrypted)
        auto cpl = dcp.cpls()[0];
        BOOST_REQUIRE (cpl->file());
 
-       auto kdm = film->make_kdm (
-               Config::instance()->decryption_chain()->leaf(),
-               {},
-               *cpl->file(),
-               dcp::LocalTime(),
-               dcp::LocalTime(),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true,
-               0
-               );
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
+
+       auto const decrypted_kdm = film->make_kdm(*cpl->file(), dcp::LocalTime(), dcp::LocalTime());
+       auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        auto dcp_content = make_shared<DCPContent>(film->dir(film->dcp_name()));
        dcp_content->add_kdm (kdm);
index e4545b7b0dc0e7e5eb7d45962ad83f634476e9a3..acac790513ea6480b747a18dee64be26d37496b5 100644 (file)
@@ -74,15 +74,11 @@ BOOST_AUTO_TEST_CASE (import_dcp_test)
 
        Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path(), CERTIFICATE_VALIDITY_PERIOD));
 
-       auto kdm = A->make_kdm (
-               Config::instance()->decryption_chain()->leaf (),
-               vector<string>(),
-               A_dcp.cpls().front()->file().get(),
-               dcp::LocalTime ("2030-07-21T00:00:00+00:00"),
-               dcp::LocalTime ("2031-07-21T00:00:00+00:00"),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true, 0
-               );
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
+
+       auto const decrypted_kdm = A->make_kdm(A_dcp.cpls().front()->file().get(), dcp::LocalTime ("2030-07-21T00:00:00+00:00"), dcp::LocalTime ("2031-07-21T00:00:00+00:00"));
+       auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        auto B = new_test_film ("import_dcp_test2");
        B->set_container (Ratio::from_id ("185"));
index 0a29f94613fe3673efc14579ca72d55a81c3bd3c..816a43feb04186c2e23f46524a70f0d455bae0d5 100644 (file)
@@ -84,17 +84,12 @@ BOOST_AUTO_TEST_CASE (remake_id_test2)
        }
        BOOST_REQUIRE(cpl);
 
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
+
        /* Make a DKDM */
-       auto kdm = film->make_kdm (
-               Config::instance()->decryption_chain()->leaf(),
-               vector<string>(),
-               *cpl,
-               dcp::LocalTime ("2030-01-01T01:00:00+00:00"),
-               dcp::LocalTime ("2031-01-01T01:00:00+00:00"),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true,
-               0
-               );
+       auto const decrypted_kdm = film->make_kdm(*cpl, dcp::LocalTime ("2030-01-01T01:00:00+00:00"), dcp::LocalTime ("2031-01-01T01:00:00+00:00"));
+       auto const kdm = decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        /* Import the DCP into a new film */
        auto dcp_content = make_shared<DCPContent>(film->dir(film->dcp_name()));
index 259f5403146f29d1260fb85c5c943c5aa13a4316..665cf72a086895922659d516f2a23a721f1b17d2 100644 (file)
@@ -68,15 +68,11 @@ BOOST_AUTO_TEST_CASE (vf_kdm_test)
 
        Config::instance()->set_decryption_chain (make_shared<dcp::CertificateChain>(openssl_path(), CERTIFICATE_VALIDITY_PERIOD));
 
-       auto A_kdm = A->make_kdm (
-               Config::instance()->decryption_chain()->leaf(),
-               vector<string>(),
-               A_dcp.cpls().front()->file().get(),
-               dcp::LocalTime("2030-07-21T00:00:00+00:00"),
-               dcp::LocalTime("2031-07-21T00:00:00+00:00"),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true, 0
-               );
+       auto signer = Config::instance()->signer_chain();
+       BOOST_REQUIRE(signer->valid());
+
+       auto const A_decrypted_kdm = A->make_kdm(A_dcp.cpls().front()->file().get(), dcp::LocalTime("2030-07-21T00:00:00+00:00"), dcp::LocalTime("2031-07-21T00:00:00+00:00"));
+       auto const A_kdm = A_decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        /* Import A into a new project, with the required KDM, and make a VF that refers to it */
 
@@ -97,15 +93,8 @@ BOOST_AUTO_TEST_CASE (vf_kdm_test)
        dcp::DCP B_dcp ("build/test/vf_kdm_test_vf/" + B->dcp_name());
        B_dcp.read ();
 
-       auto B_kdm = B->make_kdm (
-               Config::instance()->decryption_chain()->leaf (),
-               vector<string>(),
-               B_dcp.cpls().front()->file().get(),
-               dcp::LocalTime ("2030-07-21T00:00:00+00:00"),
-               dcp::LocalTime ("2031-07-21T00:00:00+00:00"),
-               dcp::Formulation::MODIFIED_TRANSITIONAL_1,
-               true, 0
-               );
+       auto const B_decrypted_kdm = B->make_kdm(B_dcp.cpls().front()->file().get(), dcp::LocalTime ("2030-07-21T00:00:00+00:00"), dcp::LocalTime ("2031-07-21T00:00:00+00:00"));
+       auto const B_kdm = B_decrypted_kdm.encrypt(signer, Config::instance()->decryption_chain()->leaf(), {}, dcp::Formulation::MODIFIED_TRANSITIONAL_1, true, 0);
 
        /* Import the OV and VF into a new project with the KDM that was created for the VF.
           This KDM should decrypt assets from the OV too.