Verifies Digital Signatures in the Data Set.
#include "ltdic.h"
L_LTDIC_API L_UINT16 L_DicomVerifySignature(hDS, pSignatureItem, uReserved)
A DICOM handle.
Pointer to a DICOMELEMENT structure that specifies the Digital Signatures Sequence Item which corresponds to the Digital Signature to be verified. To verify all the Digital Signatures in the entire Data Set, set this parameter to NULL.
Reserved for future use. This must be set to 0.
Value | Meaning |
---|---|
DICOM_SUCCESS | The Digital Signature(s) was/were verified successfully. |
DICOM_ERROR_INVALID_SIGNATURE | The Digital Signature is invalid or at least one of the Digital Signatures is invalid. |
(Otherwise) | An error occurred. Refer to Return Codes. |
To verify all the Digital Signatures in the entire Data Set, set the pSignatureItem parameter to NULL. If at least one of these Digital Signatures is invalid, the function returns DICOM_ERROR_INVALID_SIGNATURE and does not examine the remaining Digital Signatures, if there are any.
Win32, x64
L_INT DicomVerifySignatureExample(
HDICOMDS hDS,
pDICOMELEMENT pSignatureItem)
{
L_TCHAR szMsg[1024] = TEXT("");
// The Digital Signature UID
L_TCHAR* pszSignatureUID;
// The Digital Signature DateTime
pVALUEDATETIME pSignatureDateTime;
// The MAC Calculation Transfer Syntax UID
L_TCHAR* pszMacTransferSyntax;
// The MAC Algorithm
L_TCHAR* pszMacAlgorithm;
// Verify the Digital Signature; if pSignatureItem is NULL, the function
// will verify all the Digital Signatures that exist in the Data Set
L_UINT16 uRet = L_DicomVerifySignature(hDS,pSignatureItem,0);
switch (uRet)
{
case DICOM_SUCCESS:
if (pSignatureItem)
{
MessageBox(NULL,
TEXT("The Digital Signature was verified."),
TEXT("Sample"),
MB_OK);
}
else
{
MessageBox(NULL,
TEXT("All Digital Signatures were verified (if there are any)."),
TEXT("Sample"),
MB_OK);
return uRet;
}
break;
case DICOM_ERROR_INVALID_SIGNATURE:
if (pSignatureItem)
{
MessageBox(NULL,
TEXT("The Digital Signature is invalid."),
TEXT("Sample"),
MB_OK);
}
else
{
MessageBox(NULL,
TEXT("At least one Digital Signature is invalid."),
TEXT("Sample"),
MB_OK);
}
return uRet;
default:
wsprintf(szMsg, TEXT("An error occurred [Error: %hu]."), uRet);
MessageBox(NULL, szMsg, TEXT("Sample"), MB_OK);
return uRet;
}
pszSignatureUID = L_DicomGetSignatureUID(hDS,pSignatureItem);
if (pszSignatureUID)
wsprintf(szMsg, TEXT("Digital Signature UID: %s\n"), pszSignatureUID);
pSignatureDateTime = L_DicomGetSignatureDateTime(hDS,pSignatureItem);
if (pSignatureDateTime)
{
wsprintf(szMsg, TEXT("%sDigital Signature DateTime: %02hu/%02hu/%04hu %02hu:%02hu:%02hu.%06lu %c%04li\n"),
szMsg,
pSignatureDateTime->nMonth,
pSignatureDateTime->nDay,
pSignatureDateTime->nYear,
pSignatureDateTime->nHours,
pSignatureDateTime->nMinutes,
pSignatureDateTime->nSeconds,
pSignatureDateTime->nFractions,
(pSignatureDateTime->nOffset >= 0) ? '+' : '-',
pSignatureDateTime->nOffset);
}
pszMacTransferSyntax = L_DicomGetMacTransferSyntax(hDS,pSignatureItem);
if (pszMacTransferSyntax)
{
wsprintf(szMsg, TEXT("%sMAC Calculation Transfer Syntax UID: %s\n"),
szMsg,
pszMacTransferSyntax);
}
pszMacAlgorithm = L_DicomGetMacAlgorithm(hDS,pSignatureItem);
if (pszMacAlgorithm)
{
wsprintf(szMsg, TEXT("%sMAC Algorithm: %s\n"),
szMsg,
pszMacAlgorithm);
}
// The Data Elements Signed
if (L_DicomGetSignedElementsCount(hDS,pSignatureItem) > 0)
{
// We will display only one
pDICOMELEMENT pSignedElement;
lstrcat(szMsg, TEXT("Data Elements Signed: "));
pSignedElement = L_DicomGetSignedElement(hDS,pSignatureItem, 0);
if (pSignedElement)
{
wsprintf(szMsg, TEXT("%s(%04X,%04X), ..."),
szMsg,
GETGROUP(pSignedElement->nTag),
GETELEMENT(pSignedElement->nTag));
}
lstrcat(szMsg, TEXT("\n"));
}
lstrcat(szMsg, TEXT("\nDo you want to save the Certificate of Signer?"));
// Display the information we have about the Digital Signature
if (MessageBox(NULL, szMsg, TEXT("Sample"), MB_YESNO) == IDYES)
{
// Save the Certificate of Signer
uRet = L_DicomSaveCertificate(hDS,pSignatureItem, MAKE_IMAGE_PATH(TEXT("CertOfSigner.cer")),DICOM_CERTIFICATE_FORMAT_PEM);
if (uRet != DICOM_SUCCESS)
return uRet;
}
return DICOM_SUCCESS;
}