/*
 *
 *  Copyright (C) 1998-2019, OFFIS e.V.
 *  All rights reserved.  See COPYRIGHT file for details.
 *
 *  This software and supporting documentation were developed by
 *
 *    OFFIS e.V.
 *    R&D Division Health
 *    Escherweg 2
 *    D-26121 Oldenburg, Germany
 *
 *
 *  Module: dcmsign
 *
 *  Author: Norbert Loxen, Marco Eichelberg
 *
 *  Purpose:
 *    classes: SiPrivateKey
 *
 */

#ifndef SIPRIVAT_H
#define SIPRIVAT_H

#include "dcmtk/config/osconfig.h"

#ifdef WITH_OPENSSL

#include "dcmtk/dcmsign/sitypes.h"
#include "dcmtk/ofstd/ofstring.h"

class SiAlgorithm;
class SiCertificate;
// forward declaration of the OpenSSL key type, so that this header
// does not have to include the OpenSSL headers itself
struct evp_pkey_st;
typedef struct evp_pkey_st EVP_PKEY;


/** a class representing a private key. The object holds an OpenSSL
 *  EVP_PKEY handle and, optionally, the password used when loading an
 *  encrypted key file. Copying is disabled: the copy constructor and the
 *  copy assignment operator are private and undefined.
 *  @remark this class is only available if DCMTK is compiled with
 *  OpenSSL support enabled.
 */
class DCMTK_DCMSIGN_EXPORT SiPrivateKey
{
public:
  /// default constructor
  SiPrivateKey();

  /// destructor
  virtual ~SiPrivateKey();

  /** sets the password string to be used when loading an
   *  encrypted private key file in PEM format (ASN.1/DER encoded files are never encrypted).
   *  Must be called prior to loadPrivateKey() in order to be effective.
   *  NOTE(review): the password is presumably kept in the privateKeyPasswd
   *  member; this header does not show whether that copy is cleared after
   *  the key has been loaded or on destruction - confirm in the implementation.
   *  @param thePasswd password string, may be "" or NULL in which case an empty
   *    password is assumed.
   */
  void setPrivateKeyPasswd(const char *thePasswd);

  /** requests that the password for an encrypted private key file
   *  be read from the console (stdin) instead of being taken from a
   *  password set with setPrivateKeyPasswd().
   *  NOTE(review): presumably this resets usePrivateKeyPassword - confirm
   *  in the implementation.
   */
  void setPrivateKeyPasswdFromConsole();

  /** loads a private key from file. If the private key is in encrypted PEM
   *  format, the password is either read from console (default) or taken
   *  from an internal setting created with setPrivateKeyPasswd().
   *  Since ASN.1/DER encoded key files are never encrypted, such a file is
   *  protected only by the access permissions of the file system.
   *  @param filename file name of key
   *  @param filetype file format: X509_FILETYPE_PEM or X509_FILETYPE_ASN1
   *  @return status code; should be checked before the key is used, since
   *    the managed key may be NULL if it has not been loaded
   */
  OFCondition loadPrivateKey(const char *filename, int filetype);

  /** returns the type of the key managed by this object.
   *  NOTE(review): the value returned when no key has been loaded is not
   *  visible in this header - confirm in the implementation.
   *  @return key type
   */
  E_KeyType getKeyType() const;

  /** creates an SiAlgorithm object for the private key managed by this object.
   *  If no key is loaded or operation fails, returns NULL.
   *  New SiAlgorithm object must be deleted by caller.
   *  @return pointer to new SiAlgorithm object, NULL on failure
   */
  SiAlgorithm *createAlgorithmForPrivateKey();

  /** checks if the private key managed by this object and the given
   *  certificate match, i.e. if they establish a private/public key pair.
   *  @param cert certificate to be compared with the private key
   *  @return OFTrue if private key and certificate match, OFFalse otherwise.
   */
  OFBool matchesCertificate(SiCertificate& cert);

  /** provides access to the raw private key in OpenSSL format. Use with care:
   *  the returned handle gives direct access to the secret key material.
   *  NOTE(review): presumably this returns the pkey member, which would remain
   *  owned by this object (caller must not free it) and may be NULL if no key
   *  has been loaded - confirm against the implementation.
   *  @return raw private key in OpenSSL format
   */
  EVP_PKEY *getRawPrivateKey();

private:

  /// private undefined copy constructor, prevents copying of the object
  SiPrivateKey(SiPrivateKey& arg);

  /// private undefined copy assignment operator, prevents copying of the object
  SiPrivateKey& operator=(SiPrivateKey& arg);

  /// contains the password for the private key if set on command line.
  /// NOTE(review): whether this copy of the password is wiped after use
  /// is not visible in this header - confirm in the implementation.
  OFString privateKeyPasswd;

  /// true if the privateKeyPasswd contains the password, false otherwise.
  OFBool usePrivateKeyPassword;

  /// the private key managed by this object, may be NULL if not loaded yet
  EVP_PKEY* pkey;

};

#endif
#endif