This module contains classes to create digital signatures in DICOM data sets, to verify and to remove signatures. Signatures are conforming to the DICOM "Digital
Signatures" extension (formerly Supplement 41). This module requires the external OpenSSL library.
The main interface classes are:
Tools
This module contains the following command line tool:
Examples
The following example shows how to verify all signatures in a DICOM file:
{
X509_FILETYPE_PEM).
bad())
{
cerr << "unable to load CA certificate" << endl;
return;
}
if (result == 0)
std::cerr << "signature(s) found and successfully verified" << endl;
else
std::cerr << "signature absent or verification failed" << endl;
}
static int do_verify(DcmItem *dataset, SiCertificateVerifier &certVerifier, E_SignatureVerificationPolicy verificationPolicy, E_TimestampVerificationPolicy timstampPolicy)
verify all signatures in the given dataset and print results to stdout.
OFBool bad() const
check if the status is not OK, i.e. error or failure.
Definition: ofcond.h:302
OFBool good() const
check if the status is OK.
Definition: ofcond.h:293
a class representing X.509 public key certificates.
Definition: sicertvf.h:44
virtual OFCondition addTrustedCertificateFile(const char *fileName, int fileType)
loads a certificate from a file and adds it to the pool of trusted certificates.
@ ESVP_requireSignature
fail if no signature is present at all but do not check any signature profile
Definition: sitypes.h:125
@ ETVP_verifyTSIfPresent
verify timestamp if present, pass otherwise
Definition: sitypes.h:144
The following example shows how to sign a DICOM file:
{
SiRIPEMD160 mac;
{
cerr << "unable to load certificate" << endl;
return;
}
{
cerr << "unable to load private key" << endl;
return;
}
key, cert, &mac, &profile, &tags, xfer, NULL,
if (result == 0)
std::cerr << "signature successfully created" << endl;
else
std::cerr << "signature creation failed" << endl;
}
a class representing the DICOM value representation 'Attribute Tag' (AT)
Definition: dcvrat.h:38
a class handling the DICOM dataset format (files without meta header)
Definition: dcdatset.h:42
E_TransferSyntax getOriginalXfer() const
return the transfer syntax in which this dataset was originally read or created.
static int do_sign(DcmItem *dataset, SiPrivateKey &key, SiCertificate &cert, SiMAC *opt_mac, SiSecurityProfile *opt_profile, DcmAttributeTag *opt_tagList, E_TransferSyntax opt_signatureXfer, FILE *dumpFile, SiSignaturePurpose::E_SignaturePurposeType opt_sigPurpose, SiTimeStamp *timeStamp=NULL)
perform a signature operation on a given dataset
a class representing X.509 public key certificates.
Definition: sicert.h:47
OFCondition loadCertificate(const char *filename, int filetype)
loads an X.509 certificate from file.
Creator RSA Digital Signature Profile.
Definition: sicreapr.h:37
a class representing a private key.
Definition: siprivat.h:44
OFCondition loadPrivateKey(const char *filename, int filetype)
loads a private key from file.
@ ESP_none
no signature purpose specified
Definition: sipurpos.h:51
E_TransferSyntax
enumeration of all DICOM transfer syntaxes known to the toolkit
Definition: dcxfer.h:37
@ EXS_LittleEndianExplicit
Explicit VR Little Endian.
Definition: dcxfer.h:45
@ EXS_LittleEndianImplicit
Implicit VR Little Endian.
Definition: dcxfer.h:41
@ EXS_BigEndianExplicit
Explicit VR Big Endian.
Definition: dcxfer.h:47