DCMTK
Version 3.6.7
OFFIS DICOM Toolkit
a class representing X.509 public key certificates.
Public Member Functions
SiCertificate ()
default constructor
SiCertificate (X509 *cert)
constructor
virtual | ~SiCertificate ()
destructor
OFCondition | loadCertificate (const char *filename, int filetype)
loads an X.509 certificate from file.
OFCondition | read (DcmItem &item)
reads an X.509 certificate from an item of the Digital Signatures Sequence and checks the certificate type information in the item.
OFCondition | write (DcmItem &item)
writes the current X.509 certificate into an item of the Digital Signatures Sequence and creates the certificate type information in the item.
E_KeyType | getKeyType ()
returns the type of public key stored in this certificate
SiAlgorithm * | createAlgorithmForPublicKey ()
creates an SiAlgorithm object for the public key contained in this certificate.
long | getX509Version ()
returns the format version of the X.509 certificate.
void | getCertSubjectName (OFString &str)
returns the subject name (distinguished name) of the current certificate.
void | getCertIssuerName (OFString &str)
returns the issuer name (distinguished name) of the current certificate.
long | getCertSerialNo ()
returns the serial number of the X.509 certificate.
void | getCertValidityNotBefore (OFString &str)
returns the start of validity of the current certificate in human readable form.
void | getCertValidityNotAfter (OFString &str)
returns the end of validity of the current certificate in human readable form.
long | getCertKeyBits ()
returns the strength (number of bits) of the public key contained in the current certificate.
OFString | getCertCurveName ()
returns the name of the elliptic curve used in the certificate.
OFBool | isWeakKey ()
checks if the length of the public key in the certificate is too short and must be considered weak.
void | checkForWeakKey ()
checks if the length of the public key in the certificate is too short and must be considered weak, and if so, prints a warning to the logger.
X509 * | getRawCertificate ()
returns a pointer to the raw certificate structure or NULL if no certificate present.
OFBool | isCertExpiredAt (OFString &date)
returns true if the certificate expires before the given date.
OFBool | isCertExpiredNow () const
returns true if the certificate is expired.
OFBool | isCertNotYetValidAt (OFString &date)
returns true if the certificate is not yet valid at the given date.
OFBool | isCertNotYetValidNow () const
returns true if the certificate is not yet valid.
Static Public Member Functions
static OFCondition | convertGeneralizedTime (const ASN1_GENERALIZEDTIME *d, OFDateTime &dt)
this helper function converts a datetime in ASN1_GENERALIZEDTIME format to OFDateTime.
static OFCondition | convertASN1Time (const ASN1_STRING *d, OFDateTime &dt)
this helper function converts a datetime in ASN1_TIME format (which is in fact an alias for ASN1_STRING) to OFDateTime.
Private Member Functions
SiCertificate (SiCertificate &arg)
private undefined copy constructor
SiCertificate & | operator= (SiCertificate &arg)
private undefined copy assignment operator
Private Attributes
X509 * | x509
OpenSSL X.509 structure.
SiCertificate::SiCertificate (X509 *cert)
constructor
cert | pointer to OpenSSL X509 object. Ownership is transferred to the SiCertificate instance
static OFCondition SiCertificate::convertASN1Time (const ASN1_STRING *d, OFDateTime &dt)
this helper function converts a datetime in ASN1_TIME format (which is in fact an alias for ASN1_STRING) to OFDateTime.
d | datetime in ASN1_TIME format
dt | datetime stored in this parameter upon success
static OFCondition SiCertificate::convertGeneralizedTime (const ASN1_GENERALIZEDTIME *d, OFDateTime &dt)
this helper function converts a datetime in ASN1_GENERALIZEDTIME format to OFDateTime.
d | datetime in ASN1_GENERALIZEDTIME format
dt | datetime stored in this parameter upon success
SiAlgorithm* SiCertificate::createAlgorithmForPublicKey ()
creates an SiAlgorithm object for the public key contained in this certificate.
If no certificate is loaded or the operation fails, returns NULL. The new SiAlgorithm object must be deleted by the caller.
OFString SiCertificate::getCertCurveName ()
returns the name of the elliptic curve used in the certificate.
void SiCertificate::getCertIssuerName (OFString &str)
returns the issuer name (distinguished name) of the current certificate.
If no certificate is loaded, returns an empty string.
str | issuer name returned in this string.
long SiCertificate::getCertKeyBits ()
returns the strength (number of bits) of the public key contained in the current certificate.
If no certificate is loaded, returns 0.
long SiCertificate::getCertSerialNo ()
returns the serial number of the X.509 certificate.
If no certificate is loaded, returns -1.
void SiCertificate::getCertSubjectName (OFString &str)
returns the subject name (distinguished name) of the current certificate.
If no certificate is loaded, returns an empty string.
str | subject name returned in this string.
void SiCertificate::getCertValidityNotAfter (OFString &str)
returns the end of validity of the current certificate in human readable form.
If no certificate is loaded, returns an empty string.
str | end of validity returned in this string.
void SiCertificate::getCertValidityNotBefore (OFString &str)
returns the start of validity of the current certificate in human readable form.
If no certificate is loaded, returns an empty string.
str | start of validity returned in this string.
X509* SiCertificate::getRawCertificate ()
returns a pointer to the raw certificate structure or NULL if no certificate present.
Should not be called by users of this library.
long SiCertificate::getX509Version ()
returns the format version of the X.509 certificate.
If no certificate is loaded, returns 0.
OFBool SiCertificate::isCertExpiredAt (OFString &date)
returns true if the certificate expires before the given date.
date | a string in the format YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ (where Z represents the letter 'Z', meaning time zone UTC+0)
OFBool SiCertificate::isCertExpiredNow () const
returns true if the certificate is expired.
OFBool SiCertificate::isCertNotYetValidAt (OFString &date)
returns true if the certificate is not yet valid at the given date.
date | a string in the format YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ (where Z represents the letter 'Z', meaning time zone UTC+0)
OFBool SiCertificate::isCertNotYetValidNow () const
returns true if the certificate is not yet valid.
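The YYMMDDHHMMSSZ and YYYYMMDDHHMMSSZ forms accepted by isCertExpiredAt() and isCertNotYetValidAt() differ only in the width of the year, so a two-digit year has to be mapped to a century before two dates can be compared. The following stand-alone C++ code is an added example, not DCMTK code: parseCertDate and validityAt are hypothetical names, and it assumes two-digit years follow the RFC 5280 UTCTime rule (50-99 means 19xx, 00-49 means 20xx), which this page does not specify.

```cpp
#include <cctype>
#include <iostream>
#include <string>

// Returns a sortable key YYYYMMDDHHMMSS for a UTC timestamp given as
// "YYMMDDHHMMSSZ" or "YYYYMMDDHHMMSSZ", or -1 if the string is malformed.
long long parseCertDate(const std::string &s) {
    if ((s.size() != 13 && s.size() != 15) || s[s.size() - 1] != 'Z') return -1;
    for (std::size_t i = 0; i + 1 < s.size(); ++i)
        if (!std::isdigit(static_cast<unsigned char>(s[i]))) return -1;
    const std::size_t yl = s.size() - 11;  // 2 or 4 year digits
    int f[6];                              // year, month, day, hour, minute, second
    f[0] = std::stoi(s.substr(0, yl));
    for (int i = 1; i < 6; ++i) f[i] = std::stoi(s.substr(yl + 2 * (i - 1), 2));
    // Assumption: two-digit years follow the RFC 5280 UTCTime rule.
    if (yl == 2) f[0] += (f[0] >= 50) ? 1900 : 2000;
    const bool leap = (f[0] % 4 == 0 && f[0] % 100 != 0) || f[0] % 400 == 0;
    static const int mdays[] = {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
    if (f[1] < 1 || f[1] > 12) return -1;
    const int dim = mdays[f[1] - 1] + ((f[1] == 2 && leap) ? 1 : 0);
    if (f[2] < 1 || f[2] > dim || f[3] > 23 || f[4] > 59 || f[5] > 59) return -1;
    long long key = 0;
    for (int i = 0; i < 6; ++i) key = key * 100 + f[i];
    return key;
}

enum Verdict { CERT_VALID, CERT_NOT_YET_VALID, CERT_EXPIRED, CERT_BAD_DATE };

// Classifies a validity window at time `at`; any unparsable input fails closed.
Verdict validityAt(const std::string &notBefore, const std::string &notAfter,
                   const std::string &at) {
    const long long nb = parseCertDate(notBefore);
    const long long na = parseCertDate(notAfter);
    const long long t = parseCertDate(at);
    if (nb < 0 || na < 0 || t < 0) return CERT_BAD_DATE;
    if (t < nb) return CERT_NOT_YET_VALID;
    if (na < t) return CERT_EXPIRED;  // certificate expires before `at`
    return CERT_VALID;
}

int main() {
    // Constructed validity window and check dates, not taken from a real certificate.
    const char *dates[] = {"240615000000Z", "20300101000000Z", "211231235959Z", "2024-06-15"};
    for (const char *d : dates)
        std::cout << d << " -> " << validityAt("220101000000Z", "20250101000000Z", d) << "\n";
    return 0;
}
```

Returning CERT_BAD_DATE for an unparsable string, rather than treating it as "not expired", keeps a malformed signing time from passing the validity check.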
OFBool SiCertificate::isWeakKey ()
checks if the length of the public key in the certificate is too short and must be considered weak.
Currently, an RSA or DSA key with less than 1024 bits and an ECDSA key with less than 256 bits are considered weak.
OFCondition SiCertificate::loadCertificate (const char *filename, int filetype)
loads an X.509 certificate from file.
filename | file name of X.509 certificate
filetype | file format: X509_FILETYPE_PEM or X509_FILETYPE_ASN1
OFCondition SiCertificate::read (DcmItem &item)
reads an X.509 certificate from an item of the Digital Signatures Sequence and checks the certificate type information in the item.
item | item of the DigitalSignatureSQ from which the certificate is read
OFCondition SiCertificate::write (DcmItem &item)
writes the current X.509 certificate into an item of the Digital Signatures Sequence and creates the certificate type information in the item.
item | item of the DigitalSignatureSQ to which the certificate is written