DCMTK
Version 3.6.7
OFFIS DICOM Toolkit
Base class for a timestamp client.
Public Member Functions
SiTimeStamp () | default constructor |
virtual ~SiTimeStamp () | destructor |
virtual OFCondition stamp (const unsigned char *inputData, unsigned long inputDataSize)=0 | takes a block of raw data and requests a time stamp for this raw data. |
virtual OFCondition read (DcmItem &item) | reads the current timestamp from an item of the Digital Signatures Sequence and creates a timestamp ticket object. |
virtual OFCondition write (DcmItem &item)=0 | writes the current timestamp into an item of the Digital Signatures Sequence and creates the timestamp type information in the item. |
virtual void setPolicyOID (const char *oid) | set the requested policy OID to be included into the time stamp query |
virtual void setNonce (OFBool nonce) | sets the flag controlling whether or not a nonce is included into the timestamp query. |
virtual void setCertificateRequested (OFBool creq) | sets the flag controlling whether the timestamp authority will be requested to include its certificate into the timestamp reply. |
virtual void setMAC (E_MACType mac) | sets the message authentication code to be used for creating the hash value in the timestamp query. |
virtual OFBool have_tsinfo () const | checks if this object contains a timestamp ticket info object |
virtual long get_tsinfo_version () const | returns the timestamp ticket info version number |
virtual void get_tsinfo_policy_oid (OFString &oid) const | returns the timestamp ticket info policy OID |
virtual void get_tsinfo_imprint_algorithm_name (OFString &mac) const | returns the timestamp ticket info MAC algorithm name |
virtual void get_tsinfo_serial_number (OFString &serial) const | returns the timestamp ticket info serial number |
virtual void get_tsinfo_nonce (OFString &nonce) const | returns the timestamp ticket info nonce, if present |
virtual void get_tsinfo_tsa_name (OFString &tsa) const | returns the timestamp ticket info timestamp authority (TSA) name, if present |
virtual OFBool get_tsinfo_ordering () const | returns the timestamp ticket info ordering flag |
virtual void get_tsinfo_accuracy (OFString &accuracy) const | returns the timestamp ticket info accuracy, if present |
virtual void get_tsinfo_timestamp (OFString &ts) const | returns the timestamp date/time information, if present |
virtual int get_tsinfo_numextensions () const | returns the number of extensions in the timestamp ticket |
virtual void get_tsinfo_extension (OFString &ext, int idx) const | returns one timestamp extension, if present |
virtual OFCondition verifyTSSignature (SiCertificateVerifier &cv) | this method performs the following functions: |
virtual OFCondition verifyTSToken (SiCertificateVerifier &cv, DcmItem &ditem, SiCertificate &cert) | Verify the timestamp token by checking that its imprint is indeed a hash of the DICOM signature, that the version number is as expected and that the TSA name, if provided in the timestamp ticket structure, matches the name of the TSA given in the TSA certificate. |
void lastError (OFString &err) const | returns an error string containing a textual description of the result of the last call to verifyTSSignature() or verifyTSToken() if that call returned SI_EC_TimestampSignatureVerificationFailed. |
Protected Member Functions
virtual OFCondition create_ts_query (const unsigned char *inputData, unsigned long inputDataSize) | takes a block of raw data, computes a message digest and creates a time stamp query object. |
virtual TS_REQ * getTSQ () | return pointer to timestamp query object, may be NULL. |
virtual TS_RESP * getTSR () | return pointer to timestamp response object, may be NULL. |
virtual PKCS7 * getTS () | return pointer to timestamp ticket object, may be NULL. |
virtual TS_TST_INFO * getTSInfo () | return pointer to timestamp ticket info object, may be NULL. |
virtual OFCondition load_ts_query (const char *fname) | load timestamp query from file |
virtual OFCondition load_ts_response (const char *fname) | load timestamp response from file |
Static Protected Member Functions
static OFCondition check_ts_response (TS_REQ *tsq, TS_RESP *tsr, DcmItem &ditem) | check consistency between timestamp query (if available), timestamp response and DICOM digital signature. |
static OFCondition write_ts_token (TS_RESP *tsr, DcmItem &ditem) | insert timestamp token into DICOM dataset. The timestamp response must have been checked prior to this method call. |
Private Attributes
OFString tsq_policy_ | time stamping policy OID to be included in the time stamp query. Default is empty. |
E_MACType tsq_mac_ | MAC algorithm for creating the hash key to be timestamped. Default is SHA-256. |
OFBool tsq_use_nonce_ | Use a pseudo-random nonce in the time stamp query. Default is OFTrue. |
OFBool tsq_certificate_requested_ | Request the TSA certificate to be embedded into the time stamp reply. Default is OFTrue. |
TS_REQ * tsq_ | pointer to time stamp request object, may be NULL |
TS_RESP * tsr_ | pointer to time stamp response object, may be NULL |
PKCS7 * ts_ | pointer to time stamp ticket object, may be NULL |
TS_TST_INFO * tsinfo_ | pointer to time stamp ticket info object (extracted from the timestamp ticket), may be NULL |
long errorCode_ | OpenSSL X.509 certificate verification error code for the last operation. |
const char * errorString_ | error string for the last operation, valid if errorCode_ < 0 |
Base class for a timestamp client.
Instances of derived classes are able to request timestamps from a timestamp service. This class implements the code needed to create a timestamp request and to insert a timestamp reply into a DICOM dataset, but not the protocol for actually interacting with a timestamp authority.
static OFCondition SiTimeStamp::check_ts_response (TS_REQ *tsq, TS_RESP *tsr, DcmItem &ditem) | static protected |
check consistency between timestamp query (if available), timestamp response and DICOM digital signature.
tsq | pointer to timestamp query, may be NULL |
tsr | pointer to timestamp response, must not be NULL |
ditem | item of the DigitalSignaturesSequence to which this timestamp belongs |
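virtual OFCondition SiTimeStamp::create_ts_query (const unsigned char *inputData, unsigned long inputDataSize) | protected virtual |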
takes a block of raw data, computes a message digest and creates a time stamp query object.
inputData | pointer to raw data |
inputDataSize | length of raw data block in bytes |
virtual void SiTimeStamp::get_tsinfo_accuracy (OFString &accuracy) const | virtual |
returns the timestamp ticket info accuracy, if present
accuracy | upon return, contains the accuracy if available, an empty string otherwise |
virtual void SiTimeStamp::get_tsinfo_extension (OFString &ext, int idx) const | virtual |
returns one timestamp extension, if present
ext | upon return, contains the timestamp extension if present, an empty string otherwise |
idx | number of the extension, 0 <= idx < get_tsinfo_numextensions(). |
virtual void SiTimeStamp::get_tsinfo_imprint_algorithm_name (OFString &mac) const | virtual |
returns the timestamp ticket info MAC algorithm name
mac | upon return, contains the MAC algorithm name if available, an empty string otherwise |
virtual void SiTimeStamp::get_tsinfo_nonce (OFString &nonce) const | virtual |
returns the timestamp ticket info nonce, if present
nonce | upon return, contains the nonce if available, an empty string otherwise |
virtual int SiTimeStamp::get_tsinfo_numextensions () const | virtual |
returns the number of extensions in the timestamp ticket
virtual OFBool SiTimeStamp::get_tsinfo_ordering () const | virtual |
returns the timestamp ticket info ordering flag
virtual void SiTimeStamp::get_tsinfo_policy_oid (OFString &oid) const | virtual |
returns the timestamp ticket info policy OID
oid | upon return, contains the policy OID if available, an empty string otherwise |
virtual void SiTimeStamp::get_tsinfo_serial_number (OFString &serial) const | virtual |
returns the timestamp ticket info serial number
serial | upon return, contains the serial number if available, an empty string otherwise |
virtual void SiTimeStamp::get_tsinfo_timestamp (OFString &ts) const | virtual |
returns the timestamp date/time information, if present
ts | upon return, contains the timestamp date/time information, an empty string otherwise |
virtual void SiTimeStamp::get_tsinfo_tsa_name (OFString &tsa) const | virtual |
returns the timestamp ticket info timestamp authority (TSA) name, if present
tsa | upon return, contains the TSA name if available, an empty string otherwise |
virtual long SiTimeStamp::get_tsinfo_version () const | virtual |
returns the timestamp ticket info version number
virtual PKCS7 * SiTimeStamp::getTS () | inline protected virtual |
return pointer to timestamp ticket object, may be NULL.
virtual TS_TST_INFO * SiTimeStamp::getTSInfo () | inline protected virtual |
return pointer to timestamp ticket info object, may be NULL.
virtual TS_REQ * SiTimeStamp::getTSQ () | inline protected virtual |
return pointer to timestamp query object, may be NULL.
virtual TS_RESP * SiTimeStamp::getTSR () | inline protected virtual |
return pointer to timestamp response object, may be NULL.
virtual OFBool SiTimeStamp::have_tsinfo () const | virtual |
checks if this object contains a timestamp ticket info object
void SiTimeStamp::lastError (OFString &err) const
returns an error string containing a textual description of the result of the last call to verifyTSSignature() or verifyTSToken() if that call returned SI_EC_TimestampSignatureVerificationFailed.
err | text string returned in this parameter |
virtual OFCondition SiTimeStamp::load_ts_query (const char *fname) | protected virtual |
load timestamp query from file
fname | filename, must not be NULL |
virtual OFCondition SiTimeStamp::load_ts_response (const char *fname) | protected virtual |
load timestamp response from file
fname | filename, must not be NULL |
virtual OFCondition SiTimeStamp::read (DcmItem &item) | virtual |
reads the current timestamp from an item of the Digital Signatures Sequence and creates a timestamp ticket object.
item | item of the DigitalSignatureSQ from which the timestamp is read |
virtual void SiTimeStamp::setCertificateRequested (OFBool creq) | virtual |
sets the flag controlling whether the timestamp authority will be requested to include its certificate into the timestamp reply.
A timestamp reply with certificate is easier to verify, as less external key material is required, but it is somewhat larger. Default is OFTrue.
creq | OFTrue if certificate should be requested, OFFalse otherwise |
virtual void SiTimeStamp::setMAC (E_MACType mac) | virtual |
sets the message authentication code to be used for creating the hash value in the timestamp query.
Default is SHA256.
mac | message authentication code to be used for the hash value in the timestamp query |
virtual void SiTimeStamp::setNonce (OFBool nonce) | virtual |
sets the flag controlling whether or not a nonce is included into the timestamp query.
Since a nonce is a protection against replay attacks, it should normally be included, and this is also the default.
nonce | OFTrue if nonce should be included, OFFalse otherwise |
virtual void SiTimeStamp::setPolicyOID (const char *oid) | virtual |
set the requested policy OID to be included into the time stamp query
oid | policy OID, NULL for no policy (which is the default). |
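virtual OFCondition SiTimeStamp::stamp (const unsigned char *inputData, unsigned long inputDataSize) | pure virtual |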
takes a block of raw data and requests a time stamp for this raw data.
inputData | pointer to raw data |
inputDataSize | length of raw data block in bytes |
Implemented in SiTimeStampFS.
virtual OFCondition SiTimeStamp::verifyTSSignature (SiCertificateVerifier &cv) | virtual |
this method performs the following functions:
cv | container for the certificates used during verification |
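virtual OFCondition SiTimeStamp::verifyTSToken (SiCertificateVerifier &cv, DcmItem &ditem, SiCertificate &cert) | virtual |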
Verify the timestamp token by checking that its imprint is indeed a hash of the DICOM signature, that the version number is as expected and that the TSA name, if provided in the timestamp ticket structure, matches the name of the TSA given in the TSA certificate.
cv | container for the certificates used during verification |
ditem | item of the Digital Signatures Sequence containing the timestamp |
cert | certificate of the signer of the DICOM signature, used to check the date/time of the timestamp against the validity period of the certificate |
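The consistency checks described for verifyTSToken() and the replay protection described for setNonce(), as an added example that is not DCMTK code: a simplified model of the RFC 3161 client-side checks on plain structs. TsQuery, TsInfo, TsCheck and checkTsInfo are hypothetical names; signature verification and the TSA name comparison are left out, and digests are passed in precomputed.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Simplified stand-ins for RFC 3161 fields; not DCMTK or OpenSSL types.
struct TsQuery {
    std::string hashAlg;            // e.g. "SHA256"
    std::vector<uint8_t> imprint;   // digest sent to the TSA
    bool hasNonce;                  // mirrors the setNonce() flag
    uint64_t nonce;
    std::string policyOid;          // empty: no policy requested
};
struct TsInfo {                     // fields of the returned ticket info
    long version;
    std::string hashAlg;
    std::vector<uint8_t> imprint;
    bool hasNonce;
    uint64_t nonce;
    std::string policyOid;
};

enum TsCheck { TS_OK, TS_BAD_VERSION, TS_IMPRINT_MISMATCH, TS_NONCE_MISMATCH, TS_POLICY_MISMATCH };

// query may be NULL when only the stored token is available; expectedImprint
// is the digest recomputed locally over the DICOM signature.
TsCheck checkTsInfo(const TsQuery *query, const TsInfo &info, const std::string &expectedAlg,
                    const std::vector<uint8_t> &expectedImprint) {
    if (info.version != 1) return TS_BAD_VERSION;   // RFC 3161 defines version 1
    if (info.hashAlg != expectedAlg || info.imprint != expectedImprint)
        return TS_IMPRINT_MISMATCH;                 // ticket covers other data
    if (query) {
        if (query->hashAlg != info.hashAlg || query->imprint != info.imprint)
            return TS_IMPRINT_MISMATCH;
        if (query->hasNonce && (!info.hasNonce || info.nonce != query->nonce))
            return TS_NONCE_MISMATCH;               // stale or replayed reply
        if (!query->policyOid.empty() && query->policyOid != info.policyOid)
            return TS_POLICY_MISMATCH;
    }
    return TS_OK;
}

int main() {
    // Constructed sample: a reply recorded for an earlier query (nonce 41) is
    // replayed against a new query (nonce 42) over the same imprint.
    std::vector<uint8_t> digest(32, 0xAB);
    TsQuery q = {"SHA256", digest, true, 42, ""};
    TsInfo replayed = {1, "SHA256", digest, true, 41, ""};
    return checkTsInfo(&q, replayed, "SHA256", digest) == TS_NONCE_MISMATCH ? 0 : 1;
}
```

Without the nonce in the query, the replayed reply in the sample would pass every remaining check, because its imprint and version are valid.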
virtual OFCondition SiTimeStamp::write (DcmItem &item) | pure virtual |
writes the current timestamp into an item of the Digital Signatures Sequence and creates the timestamp type information in the item.
item | item of the DigitalSignatureSQ to which the timestamp is written |
Implemented in SiTimeStampFS.
static OFCondition SiTimeStamp::write_ts_token (TS_RESP *tsr, DcmItem &ditem) | static protected |
insert timestamp token into DICOM dataset. The timestamp response must have been checked prior to this method call.
tsr | pointer to timestamp response, must not be NULL |
ditem | item of the DigitalSignaturesSequence to which this timestamp is written |