DCMTK
Version 3.6.6
OFFIS DICOM Toolkit
|
this class provides the main interface to the dcmsign module - it allows to create, examine and verify digital signatures in DICOM datasets or items. More...
Public Member Functions | |
DcmSignature () | |
default constructor | |
virtual | ~DcmSignature () |
destructor | |
void | attach (DcmItem *dataset) |
attaches a DICOM dataset or item to the signature object. More... | |
void | detach () |
detaches an attached DICOM dataset from the signature object. | |
OFCondition | createSignature (SiPrivateKey &key, SiCertificate &cert, SiMAC &mac, SiSecurityProfile &profile, E_TransferSyntax xfer=EXS_LittleEndianExplicit, const DcmAttributeTag *tagList=NULL, SiTimeStamp *timeStamp=NULL, SiSignaturePurpose::E_SignaturePurposeType sigPurpose=SiSignaturePurpose::ESP_none) |
creates a new digital signature in the current dataset. More... | |
unsigned long | numberOfSignatures () |
returns the number of signatures in the dataset. More... | |
OFCondition | removeSignature (unsigned long i) |
removes a signature from the dataset. More... | |
OFCondition | selectSignature (unsigned long i) |
selects one of the digital signatures from the attached dataset for reading. More... | |
OFCondition | verifyCurrent () |
verifies the current signature. More... | |
OFCondition | getCurrentMacID (Uint16 &macID) |
returns the MAC ID of the current signature. More... | |
OFCondition | getCurrentMacXferSyntaxName (OFString &str) |
returns the MAC Calculation Transfer Syntax of the current signature. More... | |
OFCondition | getCurrentMacName (OFString &str) |
returns the MAC Algorithm Name of the current signature. More... | |
OFCondition | getCurrentSignatureUID (OFString &str) |
returns the Digital Signature UID of the current signature. More... | |
OFCondition | getCurrentSignatureDateTime (OFString &str) |
returns the Signature Date/Time of the current signature. More... | |
DcmDateTime * | getCurrentSignatureDateTime () |
returns a pointer to the object representing Signature Date/Time of the current signature. More... | |
OFCondition | getCurrentDataElementsSigned (DcmAttributeTag &desig) |
returns the Data Elements Signed attribute of the current signature if present. More... | |
OFCondition | getCurrentSignaturePurpose (OFString &codeValue, OFString &codeMeaning, OFString &codingSchemeDesignator) |
returns the signature purpose code of the current signature if present. More... | |
OFCondition | verifySignatureProfile (SiSecurityProfile &sprof) |
verifies whether the currently selected signature within the currently attached dataset matches the requirements of the given signature profile. More... | |
SiCertificate * | getCurrentCertificate () |
returns the certificate of the current signature if present. More... | |
SiTimeStamp * | getCurrentTimestamp () |
returns the certified timestamp of the current signature if present. More... | |
DcmItem * | getSelectedSignatureItem () |
returns the item of the DigitalSignaturesSequence selected by the last call to selectSignature(), or NULL if no signature has been selected. More... | |
void | setDumpFile (FILE *f) |
dump all data that is fed into the MAC algorithm into the given file, which must be opened and closed by caller. More... | |
Static Public Member Functions | |
static void | initializeLibrary () |
initializes the dcmsign library including the underlying OpenSSL library. More... | |
static DcmItem * | findFirstSignatureItem (DcmItem &item, DcmStack &stack) |
recursively browses through the given dataset and searches the first occurrence of the DigitalSignaturesSequence. More... | |
static DcmItem * | findNextSignatureItem (DcmItem &item, DcmStack &stack) |
recursively browses through the given dataset and searches the next occurrence of the DigitalSignaturesSequence. More... | |
static void | adjustASN1SequenceLength (const unsigned char *buf, unsigned long &buflen) |
check a DER encoded ASN.1 SEQUENCE structure for a possible pad byte and, if a pad byte is detected, remove it by decreasing buflen. More... | |
Private Member Functions | |
DcmSignature (DcmSignature &arg) | |
private undefined copy constructor | |
DcmSignature & | operator= (DcmSignature &arg) |
private undefined copy assignment operator | |
void | deselect () |
removes the selection of a current signature if present | |
OFCondition | allocateMACID (Uint16 &newID) |
allocates a new mac ID number for a new signature. More... | |
Static Private Member Functions | |
static OFCondition | getMACIDnumber (DcmItem &item, Uint16 &macid) |
searches a given item for the DCM_MACIDnumber element and returns its value if present More... | |
static OFCondition | checkListOfSignedTags (const DcmAttributeTag *tagList, const DcmAttributeTag *tagListOut) |
checks if all tags from tagList are present in tagListOut, which is the list of attribute tags actually included in a signature, including tags added due to a signature profile, and without tags that were absent in the dataset. More... | |
static OFBool | inTagList (const DcmTagKey &tag, const DcmAttributeTag &tagList) |
checks if the given tag key is present in tagList More... | |
static void | currentDateTime (OFString &str) |
returns the current date and time as a DICOM DT string. More... | |
Private Attributes | |
DcmItem * | currentItem |
pointer to current item if attached, NULL otherwise | |
DcmSequenceOfItems * | macParametersSq |
pointer to mac parameters sequence of attached item, may be NULL if not attached or not yet present | |
DcmSequenceOfItems * | signatureSq |
pointer to digital signatures sequence of attached item, may be NULL if not attached or not yet present | |
FILE * | dumpFile |
if nonzero, the data fed to the MAC algorithm is also stored in this file. | |
DcmItem * | selectedSignatureItem |
pointer to currently selected signature item | |
DcmItem * | selectedMacParametersItem |
pointer to currently selected mac parameters item | |
SiCertificate * | selectedCertificate |
pointer to certificate for currently selected signature item | |
SiTimeStamp * | selectedTimestamp |
pointer to certified timestamp for currently selected signature item | |
this class provides the main interface to the dcmsign module - it allows to create, examine and verify digital signatures in DICOM datasets or items.
The methods in this class do not handle digital signatures embedded in sequence items within the dataset, other than providing helper functions that allow to locate and attach the sub-items separately.
|
static |
check a DER encoded ASN.1 SEQUENCE structure for a possible pad byte and, if a pad byte is detected, remove it by decreasing buflen.
This will work for SEQUENCEs with one byte and two byte encoding (i.e. max 64 kBytes).
buf | pointer to DER encoded ASN.1 data |
buflen | length of buffer pointed to, in bytes. The variable is decreased by one if a pad byte is detected. |
|
private |
allocates a new mac ID number for a new signature.
examines all mac ID numbers in the digital signatures sequence and in the mac parameters sequence and returns an unused number.
newID | upon successful return, new number is passed in this parameter |
void DcmSignature::attach | ( | DcmItem * | dataset | ) |
attaches a DICOM dataset or item to the signature object.
The dataset is detached by a call to detach() or by destruction of the signature object. This object may modify but never deletes an attached dataset.
dataset | dataset or item to be attached |
|
staticprivate |
checks if all tags from tagList are present in tagListOut, which is the list of attribute tags actually included in a signature, including tags added due to a signature profile, and without tags that were absent in the dataset.
tagList | list of attribute tags that should be present in the signature, may be NULL |
tagListOut | list of attribute tags actually present in the signature, must not be NULL |
OFCondition DcmSignature::createSignature | ( | SiPrivateKey & | key, |
SiCertificate & | cert, | ||
SiMAC & | mac, | ||
SiSecurityProfile & | profile, | ||
E_TransferSyntax | xfer = EXS_LittleEndianExplicit , |
||
const DcmAttributeTag * | tagList = NULL , |
||
SiTimeStamp * | timeStamp = NULL , |
||
SiSignaturePurpose::E_SignaturePurposeType | sigPurpose = SiSignaturePurpose::ESP_none |
||
) |
creates a new digital signature in the current dataset.
Checks whether private and public key match and whether all requirements of the given security profile are fulfilled.
key | private key for signature creation |
cert | certificate with public key |
mac | MAC algorithm to be used for signature creation |
profile | security profile for signature creation |
xfer | transfer syntax to use when serializing DICOM data |
tagList | pointer to list of attribute tags to sign, may be NULL. If this parameter is nonzero, it contains a list of attribute sign. The real list of attributes signed is derived from this parameter plus the requirements of the security profile. If NULL, a universal match is assumed, i.e. all signable attributes in the data set are signed. |
timeStamp | pointer to time stamp client used to create timestamps for the digital signature. |
sigPurpose | digital signature purpose |
|
staticprivate |
returns the current date and time as a DICOM DT string.
str | date/time returned in this string. |
recursively browses through the given dataset and searches the first occurrence of the DigitalSignaturesSequence.
If found, returns a pointer to the Item in which the sequence is contained.
item | dataset to be browsed |
stack | search stack, must be passed to findNextSignatureItem() later on. |
recursively browses through the given dataset and searches the next occurrence of the DigitalSignaturesSequence.
If found, returns a pointer to the Item in which the sequence is contained.
item | dataset to be browsed |
stack | search stack as returned by findFirstSignatureItem() or the last call to this method. |
SiCertificate* DcmSignature::getCurrentCertificate | ( | ) |
returns the certificate of the current signature if present.
Current signature must be selected with selectSignature(). May return NULL if certificate is unavailable.
OFCondition DcmSignature::getCurrentDataElementsSigned | ( | DcmAttributeTag & | desig | ) |
returns the Data Elements Signed attribute of the current signature if present.
Current signature must be selected with selectSignature(). If a valid signature is selected but the signature does not contain the Data Elements Signed element (i.e. all attributes are signed), this method returns an error code.
desig | data elements signed returned in this parameter upon success |
OFCondition DcmSignature::getCurrentMacID | ( | Uint16 & | macID | ) |
returns the MAC ID of the current signature.
Current signature must be selected with selectSignature().
macID | MAC ID returned in this parameter upon success |
OFCondition DcmSignature::getCurrentMacName | ( | OFString & | str | ) |
returns the MAC Algorithm Name of the current signature.
Current signature must be selected with selectSignature().
str | MAC algorithm name returned in this parameter upon success |
OFCondition DcmSignature::getCurrentMacXferSyntaxName | ( | OFString & | str | ) |
returns the MAC Calculation Transfer Syntax of the current signature.
If the transfer syntax is well-known, the UID is replaced by the transfer syntax name preceded by '='. Current signature must be selected with selectSignature().
str | transfer syntax name or UID returned in this parameter upon success |
DcmDateTime* DcmSignature::getCurrentSignatureDateTime | ( | ) |
returns a pointer to the object representing Signature Date/Time of the current signature.
Current signature must be selected with selectSignature().
OFCondition DcmSignature::getCurrentSignatureDateTime | ( | OFString & | str | ) |
returns the Signature Date/Time of the current signature.
Current signature must be selected with selectSignature().
str | signature date/time returned in this parameter upon success |
OFCondition DcmSignature::getCurrentSignaturePurpose | ( | OFString & | codeValue, |
OFString & | codeMeaning, | ||
OFString & | codingSchemeDesignator | ||
) |
returns the signature purpose code of the current signature if present.
Current signature must be selected with selectSignature(). If a valid signature is selected but the signature does not contain a valid SignaturePurposeCodeSequence, this method returns an error code.
codeValue | signature purpose code value returned in this parameter upon success |
codeMeaning | signature purpose code meaning returned in this parameter upon success |
codingSchemeDesignator | signature purpose coding scheme designator returned in this parameter upon success |
OFCondition DcmSignature::getCurrentSignatureUID | ( | OFString & | str | ) |
returns the Digital Signature UID of the current signature.
Current signature must be selected with selectSignature().
str | signature UID returned in this parameter upon success |
SiTimeStamp* DcmSignature::getCurrentTimestamp | ( | ) |
returns the certified timestamp of the current signature if present.
Current signature must be selected with selectSignature(). May return NULL if timestamp is unavailable.
|
staticprivate |
searches a given item for the DCM_MACIDnumber element and returns its value if present
item | item to be searched |
macid | MAC ID returned in this parameter upon success |
DcmItem* DcmSignature::getSelectedSignatureItem | ( | ) |
returns the item of the DigitalSignaturesSequence selected by the last call to selectSignature(), or NULL if no signature has been selected.
|
static |
initializes the dcmsign library including the underlying OpenSSL library.
this method should be called by main() before any object of the dcmsign library is created or used.
|
staticprivate |
checks if the given tag key is present in tagList
tag | tag key |
tagList | list of tag keys |
unsigned long DcmSignature::numberOfSignatures | ( | ) |
returns the number of signatures in the dataset.
Does not count signatures embedded in sequence items within the dataset.
OFCondition DcmSignature::removeSignature | ( | unsigned long | i | ) |
removes a signature from the dataset.
i | index, must be < numberOfSignatures(). |
OFCondition DcmSignature::selectSignature | ( | unsigned long | i | ) |
selects one of the digital signatures from the attached dataset for reading.
i | index, must be < numberOfSignatures() |
void DcmSignature::setDumpFile | ( | FILE * | f | ) |
dump all data that is fed into the MAC algorithm into the given file, which must be opened and closed by caller.
f | pointer to file already opened for writing; may be NULL. |
OFCondition DcmSignature::verifyCurrent | ( | ) |
verifies the current signature.
Current signature must be selected with selectSignature().
OFCondition DcmSignature::verifySignatureProfile | ( | SiSecurityProfile & | sprof | ) |
verifies whether the currently selected signature within the currently attached dataset matches the requirements of the given signature profile.
sprof | security profile |