$dcmtk: dcmsign v3.6.2 2017-07-14 $ dcmsign: Sign and Verify DICOM Files Host type: Debian Character encoding: US-ASCII External libraries used: - ZLIB, Version 1.2.11 - OpenSSL 1.0.2g 1 Mar 2016

$dcmtk: dcmsign v3.6.2 2017-07-14 $ dcmsign: Sign and Verify DICOM Files usage: dcmsign [options] dcmfile-in [dcmfile-out] parameters: dcmfile-in DICOM input filename to be processed dcmfile-out DICOM output filename general options: -h --help print this help text and exit --version print version information and exit --arguments print expanded command line arguments -q --quiet quiet mode, print no warnings and errors -v --verbose verbose mode, print processing details -d --debug debug mode, print debug information -ll --log-level [l]evel: string constant (fatal, error, warn, info, debug, trace) use level l for the logger -lc --log-config [f]ilename: string use config file f for the logger input options: input file format: +f --read-file read file format or data set (default) +fo --read-file-only read file format only -f --read-dataset read data set without file meta information input transfer syntax: -t= --read-xfer-auto use TS recognition (default) -td --read-xfer-detect ignore TS specified in the file meta header -te --read-xfer-little read with explicit VR little endian TS -tb --read-xfer-big read with explicit VR big endian TS -ti --read-xfer-implicit read with implicit VR little endian TS signature commands: --verify verify all signatures (default) +s --sign [p]rivate key file, [c]ertificate file: string create signature in main object +si --sign-item [k]eyfile, [c]ertfile, [i]tem location: string create signature in sequence item +r --remove [s]ignature UID: string remove signature +ra --remove-all remove all signatures from data set signature creation options (only with --sign or --sign-item): private key password: +ps --std-passwd prompt user to type password on stdin (default) +pw --use-passwd [p]assword: string use specified password -pw --null-passwd use empty string as password key and certificate file format: -pem --pem-keys read keys/certificates as PEM file (default) -der --der-keys read keys/certificates as DER file digital signature profile: -pf --profile-none don't enforce any signature profile (default) +pb --profile-base enforce base RSA signature profile +pc --profile-creator enforce creator RSA signature profile +pa --profile-auth enforce authorization signature profile MAC algorithm: +mr --mac-ripemd160 use RIPEMD 160 (default) +ms --mac-sha1 use SHA-1 +mm --mac-md5 use MD 5 +m2 --mac-sha256 use SHA-256 +m3 --mac-sha384 use SHA-384 +m5 --mac-sha512 use SHA-512 tag selection: -t --tag [t]ag: "gggg,eeee" or dictionary name sign only specified tag (this option can be specified multiple times) -tf --tag-file [f]ilename: string read list of tags from text file signature format: -fn --format-new use correct DICOM signature format (default) -fo --format-old use old (pre-3.5.4) DCMTK signature format, non-conformant if signature includes compressed pixel data output options: output transfer syntax: +t= --write-xfer-same write with same TS as input (default) +te --write-xfer-little write with explicit VR little endian TS +tb --write-xfer-big write with explicit VR big endian TS +ti --write-xfer-implicit write with implicit VR little endian TS length encoding in sequences and items: +e --length-explicit write with explicit lengths (default) -e --length-undefined write with undefined lengths other output options: +d --dump [f]ilename: string dump byte stream fed into the MAC codec to file (only with --sign or --sign-item)