DCMTK  Version 3.6.7
OFFIS DICOM Toolkit
SiCertificate Class Reference

a class representing X.509 public key certificates.

Public Member Functions

 SiCertificate ()
 default constructor

 SiCertificate (X509 *cert)
 constructor

virtual ~SiCertificate ()
 destructor

OFCondition loadCertificate (const char *filename, int filetype)
 loads an X.509 certificate from file.

OFCondition read (DcmItem &item)
 reads an X.509 certificate from an item of the Digital Signatures Sequence and checks the certificate type information in the item.

OFCondition write (DcmItem &item)
 writes the current X.509 certificate into an item of the Digital Signatures Sequence and creates the certificate type information in the item.

E_KeyType getKeyType ()
 returns the type of public key stored in this certificate

SiAlgorithm * createAlgorithmForPublicKey ()
 creates an SiAlgorithm object for the public key contained in this certificate.

long getX509Version ()
 returns the format version of the X.509 certificate.

void getCertSubjectName (OFString &str)
 returns the subject name (distinguished name) of the current certificate.

void getCertIssuerName (OFString &str)
 returns the issuer name (distinguished name) of the current certificate.

long getCertSerialNo ()
 returns the serial number of the X.509 certificate.

void getCertValidityNotBefore (OFString &str)
 returns the start of validity of the current certificate in human readable form.

void getCertValidityNotAfter (OFString &str)
 returns the end of validity of the current certificate in human readable form.

long getCertKeyBits ()
 returns the strength (number of bits) of the public key contained in the current certificate.

OFString getCertCurveName ()
 returns the name of the elliptic curve used in the certificate.

OFBool isWeakKey ()
 checks if the length of the public key in the certificate is too short and must be considered weak.

void checkForWeakKey ()
 checks if the length of the public key in the certificate is too short and must be considered weak, and if so, prints a warning to the logger.

X509 * getRawCertificate ()
 returns a pointer to the raw certificate structure or NULL if no certificate present.

OFBool isCertExpiredAt (OFString &date)
 returns true if the certificate expires before the given date.

OFBool isCertExpiredNow () const
 returns true if the certificate is expired.

OFBool isCertNotYetValidAt (OFString &date)
 returns true if the certificate is not yet valid at the given date.

OFBool isCertNotYetValidNow () const
 returns true if the certificate is not yet valid.
 

Static Public Member Functions

static OFCondition convertGeneralizedTime (const ASN1_GENERALIZEDTIME *d, OFDateTime &dt)
 this helper function converts a datetime in ASN1_GENERALIZEDTIME format to OFDateTime.

static OFCondition convertASN1Time (const ASN1_STRING *d, OFDateTime &dt)
 this helper function converts a datetime in ASN1_TIME format (which is in fact an alias for ASN1_STRING) to OFDateTime.
 

Private Member Functions

 SiCertificate (SiCertificate &arg)
 private undefined copy constructor
 
SiCertificate & operator= (SiCertificate &arg)
 private undefined copy assignment operator
 

Private Attributes

X509 * x509
 OpenSSL X.509 structure.
 

Detailed Description

a class representing X.509 public key certificates.

Remarks
this class is only available if DCMTK is compiled with OpenSSL support enabled.

Constructor & Destructor Documentation

◆ SiCertificate()

SiCertificate::SiCertificate ( X509 *  cert)

constructor

Parameters
cert: pointer to OpenSSL X509 object. Ownership is transferred to the SiCertificate instance.

Member Function Documentation

◆ convertASN1Time()

static OFCondition SiCertificate::convertASN1Time ( const ASN1_STRING *  d, OFDateTime &  dt )

this helper function converts a datetime in ASN1_TIME format (which is in fact an alias for ASN1_STRING) to OFDateTime.

Parameters
d: datetime in ASN1_TIME format
dt: datetime stored in this parameter upon success
Returns
EC_Normal if successful, an error code otherwise

◆ convertGeneralizedTime()

static OFCondition SiCertificate::convertGeneralizedTime ( const ASN1_GENERALIZEDTIME *  d, OFDateTime &  dt )

this helper function converts a datetime in ASN1_GENERALIZEDTIME format to OFDateTime.

Parameters
d: datetime in ASN1_GENERALIZEDTIME format
dt: datetime stored in this parameter upon success
Returns
EC_Normal if successful, an error code otherwise

◆ createAlgorithmForPublicKey()

SiAlgorithm* SiCertificate::createAlgorithmForPublicKey ( )

creates an SiAlgorithm object for the public key contained in this certificate.

If no certificate is loaded or the operation fails, returns NULL. The new SiAlgorithm object must be deleted by the caller.

Returns
pointer to new SiAlgorithm object

◆ getCertCurveName()

OFString SiCertificate::getCertCurveName ( )

returns the name of the elliptic curve used in the certificate.

Returns
empty string if the certificate is not of elliptic curve type, "unnamed curve" if the curve name has not been stored in the certificate, or the short name of the elliptic curve if available.

◆ getCertIssuerName()

void SiCertificate::getCertIssuerName ( OFString &  str)

returns the issuer name (distinguished name) of the current certificate.

If no certificate is loaded, returns an empty string.

Parameters
str: issuer name returned in this string.

◆ getCertKeyBits()

long SiCertificate::getCertKeyBits ( )

returns the strength (number of bits) of the public key contained in the current certificate.

If no certificate is loaded, returns 0.

Returns
key strength in bits.

◆ getCertSerialNo()

long SiCertificate::getCertSerialNo ( )

returns the serial number of the X.509 certificate.

If no certificate is loaded, returns -1.

Returns
X.509 certificate serial number

◆ getCertSubjectName()

void SiCertificate::getCertSubjectName ( OFString &  str)

returns the subject name (distinguished name) of the current certificate.

If no certificate is loaded, returns an empty string.

Parameters
str: subject name returned in this string.

◆ getCertValidityNotAfter()

void SiCertificate::getCertValidityNotAfter ( OFString &  str)

returns the end of validity of the current certificate in human readable form.

If no certificate is loaded, returns an empty string.

Parameters
str: end of validity returned in this string.

◆ getCertValidityNotBefore()

void SiCertificate::getCertValidityNotBefore ( OFString &  str)

returns the start of validity of the current certificate in human readable form.

If no certificate is loaded, returns an empty string.

Parameters
str: start of validity returned in this string.

◆ getRawCertificate()

X509* SiCertificate::getRawCertificate ( )

returns a pointer to the raw certificate structure or NULL if no certificate present.

Should not be called by users of this library.

◆ getX509Version()

long SiCertificate::getX509Version ( )

returns the format version of the X.509 certificate.

If no certificate is loaded, returns 0.

Returns
X.509 certificate version

◆ isCertExpiredAt()

OFBool SiCertificate::isCertExpiredAt ( OFString &  date)

returns true if the certificate expires before the given date.

Parameters
date: a string in the format YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ (where Z represents the letter 'Z', meaning time zone UTC+0)
Returns
OFTrue if certificate expires before the given date, or if the given date is invalid; OFFalse otherwise.

◆ isCertExpiredNow()

OFBool SiCertificate::isCertExpiredNow ( ) const

returns true if the certificate is expired.

Returns
OFTrue if certificate is expired, OFFalse otherwise

◆ isCertNotYetValidAt()

OFBool SiCertificate::isCertNotYetValidAt ( OFString &  date)

returns true if the certificate is not yet valid at the given date.

Parameters
date: a string in the format YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ (where Z represents the letter 'Z', meaning time zone UTC+0)
Returns
OFTrue if certificate is not yet valid at the given date, or if the given date is invalid; OFFalse otherwise.
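
The fail-closed date contract documented for isCertExpiredAt() and isCertNotYetValidAt(), shown as an added stand-alone C++ example (not DCMTK code, and not using the DCMTK API). The names normalizeAsn1Date, expiredAt, notYetValidAt and usableAt are hypothetical, the timestamps are constructed, and the two-digit-year handling follows the RFC 5280 UTCTime rule, which is an assumption about how such input is interpreted.

```cpp
#include <cctype>
#include <string>

// Normalise "YYMMDDHHMMSSZ" or "YYYYMMDDHHMMSSZ" to "YYYYMMDDHHMMSS" so two
// timestamps compare correctly as plain strings. Returns false on bad input.
bool normalizeAsn1Date(const std::string &in, std::string &out)
{
    if ((in.size() != 13 && in.size() != 15) || in.back() != 'Z') return false;
    std::string d = in.substr(0, in.size() - 1);
    for (unsigned char c : d)
        if (!std::isdigit(c)) return false;
    if (d.size() == 12) // two-digit year: 50..99 -> 19YY, 00..49 -> 20YY (assumed rule)
        d = (std::stoi(d.substr(0, 2)) >= 50 ? "19" : "20") + d;
    const int year = std::stoi(d.substr(0, 4)), mon = std::stoi(d.substr(4, 2));
    const int day = std::stoi(d.substr(6, 2)), hh = std::stoi(d.substr(8, 2));
    const int mm = std::stoi(d.substr(10, 2)), ss = std::stoi(d.substr(12, 2));
    static const int mdays[] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    const bool leap = (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
    if (mon < 1 || mon > 12 || hh > 23 || mm > 59 || ss > 59) return false;
    if (day < 1 || day > mdays[mon - 1] + ((mon == 2 && leap) ? 1 : 0)) return false;
    out = d;
    return true;
}

// Hypothetical stand-ins for the documented contract: an unparsable date
// yields true, so a malformed timestamp never makes a certificate look valid.
bool expiredAt(const std::string &notAfter, const std::string &date)
{
    std::string end, at;
    return !normalizeAsn1Date(notAfter, end) || !normalizeAsn1Date(date, at) || end < at;
}

bool notYetValidAt(const std::string &notBefore, const std::string &date)
{
    std::string start, at;
    return !normalizeAsn1Date(notBefore, start) || !normalizeAsn1Date(date, at) || at < start;
}

// Accept the certificate only when both checks return false.
bool usableAt(const std::string &nb, const std::string &na, const std::string &date)
{
    return !notYetValidAt(nb, date) && !expiredAt(na, date);
}

int main()
{
    // Constructed validity window and signing time, in mixed formats.
    return usableAt("220428000000Z", "20320428000000Z", "20250101120000Z") ? 0 : 1;
}
```

Because both checks return true for an invalid date, a caller has to require that both are false before trusting the validity window; testing only one of them, or treating true as "date was fine", inverts the decision.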

◆ isCertNotYetValidNow()

OFBool SiCertificate::isCertNotYetValidNow ( ) const

returns true if the certificate is not yet valid.

Returns
OFTrue if certificate is not yet valid, OFFalse otherwise

◆ isWeakKey()

OFBool SiCertificate::isWeakKey ( )

checks if the length of the public key in the certificate is too short and must be considered weak.

Currently, an RSA or DSA key with less than 1024 bits and an ECDSA key with less than 256 bits are considered weak.

Returns
OFTrue if key is weak, OFFalse otherwise.

◆ loadCertificate()

OFCondition SiCertificate::loadCertificate ( const char *  filename, int  filetype )

loads an X.509 certificate from file.

Parameters
filename: file name of X.509 certificate
filetype: file format: X509_FILETYPE_PEM or X509_FILETYPE_ASN1
Returns
status code

◆ read()

OFCondition SiCertificate::read ( DcmItem &  item)

reads an X.509 certificate from an item of the Digital Signatures Sequence and checks the certificate type information in the item.

Parameters
item: item of the DigitalSignatureSQ from which the certificate is read
Returns
status code

◆ write()

OFCondition SiCertificate::write ( DcmItem &  item)

writes the current X.509 certificate into an item of the Digital Signatures Sequence and creates the certificate type information in the item.

Parameters
item: item of the DigitalSignatureSQ to which the certificate is written
Returns
dcmdata OFCondition status code

The documentation for this class was generated from the following file:


Generated on Thu Apr 28 2022 for DCMTK Version 3.6.7 by Doxygen 1.9.1