1 /*
2  *
3  *  Copyright (C) 1998-2019, OFFIS e.V.
4  *  All rights reserved.  See COPYRIGHT file for details.
5  *
6  *  This software and supporting documentation were developed by
7  *
8  *    OFFIS e.V.
9  *    R&D Division Health
10  *    Escherweg 2
11  *    D-26121 Oldenburg, Germany
12  *
13  *
14  *  Module: dcmsign
15  *
16  *  Author: Marco Eichelberg
17  *
18  *  Purpose:
19  *    classes: SiNullProfile
20  *
21  */
22 
23 #ifndef SINULLPR_H
24 #define SINULLPR_H
25 
26 #include "dcmtk/config/osconfig.h"
27 
28 #ifdef WITH_OPENSSL
29 
30 #include "dcmtk/dcmsign/sisprof.h"   /* for SiSecurityProfile */
31 
32 /** defines a "null" security profile that does not require or forbid any
33  *  MAC algorithm, signature algorithm, or attribute tag. This class can be
34  *  used to clean up a proposed attribute list against a dataset.
35  *  @remark this class is only available if DCMTK is compiled with
36  *  OpenSSL support enabled.
37  */
38 class DCMTK_DCMSIGN_EXPORT SiNullProfile: public SiSecurityProfile
39 {
40 public:
41 
42   /// default constructor
SiNullProfile()43   SiNullProfile() { }
44 
45   /// destructor
~SiNullProfile()46   virtual ~SiNullProfile() { }
47 
48   /** checks whether the given MAC type can be used with this security profile.
49    *  @param macType MAC type to be checked
50    *  @return true if MAC type is allowable for this profile, false otherwise.
51    */
52   virtual OFBool isAllowableMACType(E_MACType macType) const;
53 
54   /** checks whether the given public/private key algorithm can be used with this security profile.
55    *  @param keyType public key algorithm type to be checked
56    *  @return true if public key algorithm is allowable for this profile, false otherwise.
57    */
58   virtual OFBool isAllowableAlgorithmType(E_KeyType keyType) const;
59 
60   /** checks whether the given transfer syntax can be used with this security profile
61    *  @param xfer transfer syntax to be checked
62    *  @return true if transfer syntax is allowable for this profile, false otherwise.
63    */
64   virtual OFBool isAllowableTransferSyntax(E_TransferSyntax xfer) const;
65 
66   /** checks whether an attribute with the given tag is required to be signed
67    *  for the current security profile if the attribute is present in the dataset
68    *  @param key tag key to be checked
69    *  @return true if required, false otherwise.
70    */
71   virtual OFBool attributeRequiredIfPresent(const DcmTagKey& key) const;
72 
73   /** checks whether all attributes that are required unconditionally
74    *  to be signed in this profile are included in the given tagList.
75    *  @param taglist attribute tag list
76    *  @return true if requirements for profile are fulfilled, false otherwise.
77    */
78   virtual OFBool checkRequiredAttributeList(DcmAttributeTag& tagList) const;
79 
80   /** checks whether an attribute with the given tag must not be signed
81    *  for the current security profile.
82    *  @param key tag key to be checked
83    *  @return true if attribute must not be signed, false otherwise.
84    */
85   virtual OFBool attributeForbidden(const DcmTagKey& key) const;
86 
87   /** some digital signature profiles specify conditions under which certain
88    *  attributes must be included into the signature.
89    *  This method allows the signature profile to inspect the dataset in order
90    *  to determine whether or not the conditions are met.
91    *  This method should be called before DcmSignature::createSignature() is executed.
92    *  @param item the dataset or item to which the signature will be added
93    *  @return status code
94    */
95   virtual OFCondition inspectSignatureDataset(DcmItem &item);
96 
97   /** returns true if this signature profile only applies to main dataset level
98    *  @return OFTrue if this signature profile only applies to main dataset level, OFFalse otherwise
99    */
100   virtual OFBool mainDatasetRequired() const;
101 
102 };
103 
104 #endif
105 #endif
106