LEADTOOLS Medical (Leadtools.Dicom assembly) Send comments on this topic. | Back to Introduction - All Topics | Help Version 17.0.3.29
Initialize(String,DicomNetSecurityeMode,DicomOpenSslContextCreationSettings) Method
See Also 
Leadtools.Dicom Namespace > DicomNet Class : Initialize(String,DicomNetSecurityeMode,DicomOpenSslContextCreationSettings) Method



path
The location of the temporary files. This should be the same string that was used in the DicomNet constructor.
mode
The security mode to use when initializing the network structure. This should be the same value that was used in the DicomNet constructor.
openSslContextCreationSettings
A DicomOpenSslContextCreationSettings object that is used to modify the security defaults. This is used only if the parameter mode is DicomNetSecurityeMode.Tls. Pass a null reference (Nothing in Visual Basic) to get the default values.
path
The location of the temporary files. This should be the same string that was used in the DicomNet constructor.
mode
The security mode to use when initializing the network structure. This should be the same value that was used in the DicomNet constructor.
openSslContextCreationSettings
A DicomOpenSslContextCreationSettings object that is used to modify the security defaults. This is used only if the parameter mode is DicomNetSecurityeMode.Tls. Pass a null reference (Nothing in Visual Basic) to get the default values.
Changes security options from the defaults.

Syntax

Visual Basic (Declaration) 
Public Sub Initialize( _
   ByVal path As String, _
   ByVal mode As DicomNetSecurityeMode, _
   ByVal openSslContextCreationSettings As DicomOpenSslContextCreationSettings _
) 
Visual Basic (Usage)Copy Code
Dim instance As DicomNet
Dim path As String
Dim mode As DicomNetSecurityeMode
Dim openSslContextCreationSettings As DicomOpenSslContextCreationSettings
 
instance.Initialize(path, mode, openSslContextCreationSettings)

Parameters

path
The location of the temporary files. This should be the same string that was used in the DicomNet constructor.
mode
The security mode to use when initializing the network structure. This should be the same value that was used in the DicomNet constructor.
openSslContextCreationSettings
A DicomOpenSslContextCreationSettings object that is used to modify the security defaults. This is used only if the parameter mode is DicomNetSecurityeMode.Tls. Pass a null reference (Nothing in Visual Basic) to get the default values.

Example

This is a comprehensive sample that shows how to use DICOM Secure communication using TLS (with more control over the security settings).

Visual BasicCopy Code
<StructLayout(LayoutKind.Sequential)> _
  Public Structure MSG
      Public hwnd As IntPtr
      Public message As UInteger
      Public wParam As IntPtr
      Public lParam As IntPtr
      Public time As UInteger
      Public p As System.Drawing.Point
  End Structure
  Public Enum WaitReturn
      Complete
      Timeout
  End Enum

  Private Class Utils
      <DllImport("user32.dll")> _
      Shared Function PeekMessage(<System.Runtime.InteropServices.Out()> ByRef lpMsg As MSG, ByVal hWnd As IntPtr, ByVal wMsgFilterMin As UInteger, ByVal wMsgFilterMax As UInteger, ByVal wRemoveMsg As UInteger) As <MarshalAs(UnmanagedType.Bool)> Boolean
      End Function

      <DllImport("user32.dll")> _
      Shared Function TranslateMessage(ByRef lpMsg As MSG) As Boolean
      End Function
      <DllImport("user32.dll")> _
      Shared Function DispatchMessage(ByRef lpmsg As MSG) As IntPtr
      End Function

      Private Const PM_REMOVE As UInteger = 1

      Public Shared Function WaitForComplete(ByVal mill As Double, ByVal wh As WaitHandle) As WaitReturn
          Dim goal As TimeSpan = New TimeSpan(DateTime.Now.AddMilliseconds(mill).Ticks)

          Do
              Dim msg As MSG = New MSG()

              If PeekMessage(msg, IntPtr.Zero, 0, 0, PM_REMOVE) Then
                  TranslateMessage(msg)
                  DispatchMessage(msg)
              End If

              If wh.WaitOne(New TimeSpan(0, 0, 0), False) Then
                  Return WaitReturn.Complete
              End If

              If goal.CompareTo(New TimeSpan(DateTime.Now.Ticks)) < 0 Then
                  Return WaitReturn.Timeout
              End If

          Loop While True
      End Function
  End Class

  '
  ' Secure client (TLS)
  '
  Private Class Client : Inherits DicomNet
      Private waitEvent As AutoResetEvent = New AutoResetEvent(False)
   Private clientPEM As String = LeadtoolsExamples.Common.ImagesPath.Path + "client.pem"

   Public Sub New()
      MyBase.New(Nothing, DicomNetSecurityeMode.Tls)
      SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha)
      SetTlsClientCertificate(clientPEM, DicomTlsCertificateType.Pem, Nothing)

      'Over here we can get detailed information about the Cipher Suite
      ' Can also call GetTlsCipherSuiteByIndex
      Dim cipherSuite As DicomTlsCipherSuiteType
      cipherSuite = GetTlsCipherSuite()
      'Returns DicomTlsEncryptionMethodType
      Console.WriteLine("Encryption Algorithm is : {0}", GetTlsEncryptionAlgorithm(cipherSuite))
      'Returns DicomTlsAuthenticationMethodType
      Console.WriteLine("Authentication Algorithm is : {0}", GetTlsAuthenticationAlgorithm(cipherSuite))
      'Returns DicomTlsMacMethodType
      Console.WriteLine("Integrity Algorithm is : {0}", GetTlsIntegrityAlgorithm(cipherSuite))
      'Returns DicomTlsExchangeMethodType
      Console.WriteLine("Key Exchange Algorithm is : {0}", GetTlsKeyExchangeAlgorithm(cipherSuite))
      Console.WriteLine("Encryption Key Length is : {0}", GetTlsEncryptionKeyLength(cipherSuite))
      Console.WriteLine("Mutual Authentication Key Length is : {0}", GetTlsMutualAuthenticationKeyLength(cipherSuite))

   End Sub

   Public Function Wait() As Boolean
      Dim ret As WaitReturn

      ret = Utils.WaitForComplete((5 * 60) * 1000, waitEvent)

      Return (ret = WaitReturn.Complete)
   End Function

   Protected Overrides Sub OnConnect(ByVal [error] As DicomExceptionCode)
      waitEvent.Set()
   End Sub

   Protected Overrides Function OnPrivateKeyPassword(ByVal encryption As Boolean) As String
      Return "test"
   End Function

   Protected Overrides Sub OnSecureLinkReady(ByVal [error] As DicomExceptionCode)
      waitEvent.Set()
   End Sub
End Class

'
' Secure server (TLS) connection with a client
'
Private Class ServerConnection : Inherits DicomNet

   Public Sub New()
      MyBase.New(Nothing, DicomNetSecurityeMode.Tls, False)

   End Sub

   Protected Overrides Function OnPrivateKeyPassword(ByVal encryption As Boolean) As String
      Return "test"
   End Function
End Class

Private Class Server : Inherits DicomNet
   Private client As ServerConnection
   Private certificationAuthoritiesFileName As String = LeadtoolsExamples.Common.ImagesPath.Path + "CA.pem"

   Public Sub New()
      MyBase.New(Nothing, DicomNetSecurityeMode.None)
   End Sub

   Protected Overrides Sub OnAccept(ByVal [error] As DicomExceptionCode)
      Dim serverPEM As String = LeadtoolsExamples.Common.ImagesPath.Path + "server.pem"
      client = New ServerConnection()
      'Require and verify a client certificate.
      'Support SSL version 3 or TLS Version 1 for the handshake.
      'Use trusted certificate authority file to verify the client certificate
      'Verify the client certificate chain to a maximum depth of 2.
      Dim settings As New DicomOpenSslContextCreationSettings(DicomSslMethodType.TlsV1, _
         certificationAuthoritiesFileName, _
         DicomOpenSslVerificationFlags.Peer Or DicomOpenSslVerificationFlags.FailIfNoPeerCertificate, _
         2, _
         DicomOpenSslOptionsFlags.NoSslV2 Or DicomOpenSslOptionsFlags.AllBugWorkarounds)
      'You can use the properties too, to specify the context creation settings.
      settings.MethodType = DicomSslMethodType.SslV23
      settings.CertificationAuthoritiesFileName = certificationAuthoritiesFileName
      settings.VerificationFlags = DicomOpenSslVerificationFlags.Peer Or DicomOpenSslVerificationFlags.FailIfNoPeerCertificate
      settings.Options = DicomOpenSslOptionsFlags.NoSslV2 Or DicomOpenSslOptionsFlags.AllBugWorkarounds

      client.Initialize(Nothing, DicomNetSecurityeMode.Tls, settings)
      client.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha)
      client.SetTlsClientCertificate(serverPEM, DicomTlsCertificateType.Pem, Nothing)

      Accept(client)

   End Sub

   Protected Overloads Overrides Sub Dispose(ByVal __p1 As Boolean)
      client.Dispose()
      MyBase.Dispose(__p1)
   End Sub
End Class



  Public Sub TLSSecuritySample()
      DicomEngine.Startup()
      DicomNet.Startup()

      Using server As Server = New Server()
          Using client As Client = New Client()
              server.Listen("127.0.0.1", 104, 1) ' start server
              client.Connect(Nothing, 1000, "127.0.0.1", 104) ' connect to server
              If (Not client.Wait()) Then ' wait for connection to finish
                  Debug.Fail("Connection timed out")
              End If

              Debug.Assert(client.IsConnected(), "Client not connected")

              '
              ' Wait for authenication
              '
              If (Not client.Wait()) Then
                  Debug.Fail("Connection timed out waiting for authenication")
              End If

              ' Once two computers have negotiated the ciphersuite, and have 
              ' authenticated each other, they can begin transferring 
              ' messages and data between them.

              ' Continue with normal dicom communication

              client.CloseForced(True)
          End Using
          server.CloseForced(True)
      End Using

      DicomEngine.Shutdown()
      DicomNet.Shutdown()
  End Sub
C#Copy Code
[StructLayout(LayoutKind.Sequential)]
public struct MSG
{
    public IntPtr hwnd;
    public uint message;
    public IntPtr wParam;
    public IntPtr lParam;
    public uint time;
    public System.Drawing.Point p;
}
public enum WaitReturn
{
    Complete,
    Timeout,
}

class Utils
{
    [DllImport("user32.dll")]
    [return: MarshalAs(UnmanagedType.Bool)]
    static extern bool PeekMessage(out MSG lpMsg, IntPtr hWnd,
                                   uint wMsgFilterMin, uint wMsgFilterMax,
                                   uint wRemoveMsg);

    [DllImport("user32.dll")]
    static extern bool TranslateMessage([In] ref MSG lpMsg);
    [DllImport("user32.dll")]
    static extern IntPtr DispatchMessage([In] ref MSG lpmsg);

    const uint PM_REMOVE = 1;

    public static WaitReturn WaitForComplete(double mill, WaitHandle wh)
    {
        TimeSpan goal = new TimeSpan(DateTime.Now.AddMilliseconds(mill).Ticks);

        do
        {
            MSG msg = new MSG();

            if (PeekMessage(out msg, IntPtr.Zero, 0, 0, PM_REMOVE))
            {
                TranslateMessage(ref msg);
                DispatchMessage(ref msg);
            }

            if (wh.WaitOne(new TimeSpan(0, 0, 0), false))
            {
                return WaitReturn.Complete;
            }

            if (goal.CompareTo(new TimeSpan(DateTime.Now.Ticks)) < 0)
            {
                return WaitReturn.Timeout;
            }

        } while (true);
    }
}

//
// Secure client (TLS)
//
class Client : DicomNet
{
    AutoResetEvent waitEvent = new AutoResetEvent(false);
    string clientPEM = LeadtoolsExamples.Common.ImagesPath.Path + "client.pem";

    public Client()
        : base(null, DicomNetSecurityeMode.Tls)
    {
       SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha);
       SetTlsClientCertificate(clientPEM,DicomTlsCertificateType.Pem, null);
    }

    public bool Wait()
    {
        WaitReturn ret;

        ret = Utils.WaitForComplete((5 * 60) * 1000, waitEvent);

        return (ret == WaitReturn.Complete);
    }

    protected override void OnConnect(DicomExceptionCode error)
    {
        waitEvent.Set();
    }

    protected override string OnPrivateKeyPassword(bool encryption)
    {
        return "test";
    }

    protected override void OnSecureLinkReady(DicomExceptionCode error)
    {
        waitEvent.Set();
    }
}

//
// Secure server (TLS) connection with a client
//
class ServerConnection : DicomNet
{
    public ServerConnection()
        : base(null, DicomNetSecurityeMode.Tls, false)
    {

    }

    protected override string OnPrivateKeyPassword(bool encryption)
    {
        return "test";
    }
}

class Server : DicomNet
{
    ServerConnection client;

    public Server()
        : base(null, DicomNetSecurityeMode.None)
    {
    }

    protected override void OnAccept(DicomExceptionCode error)
    {
       string serverPEM = LeadtoolsExamples.Common.ImagesPath.Path + "server.pem";
       client = new ServerConnection();
       if (client != null)
       {
          string certificationAuthoritiesFileName = LeadtoolsExamples.Common.ImagesPath.Path + "CA.pem";
          //Require and verify a client certificate.
          //Support SSL version 3 or TLS Version 1 for the handshake.
          //Use trusted certificate authority file to verify the client certificate
          //Verify the client certificate chain to a maximum depth of 2.
          DicomOpenSslContextCreationSettings settings = new DicomOpenSslContextCreationSettings(DicomSslMethodType.TlsV1, 
             certificationAuthoritiesFileName,
             DicomOpenSslVerificationFlags.Peer |
             DicomOpenSslVerificationFlags.FailIfNoPeerCertificate,
             2,
             DicomOpenSslOptionsFlags.NoSslV2|
             DicomOpenSslOptionsFlags.AllBugWorkarounds);
          //You can use the properties too, to specify the context creation settings.
          //settings.MethodType = DicomSslMethodType.SslV23;
          //settings.CertificationAuthoritiesFileName = certificationAuthoritiesFileName;
          //settings.VerificationFlags =  DicomOpenSslVerificationFlags.Peer |
          //                              DicomOpenSslVerificationFlags.FailIfNoPeerCertificate;
          //settings.Options = DicomOpenSslOptionsFlags.NoSslV2| DicomOpenSslOptionsFlags.AllBugWorkarounds;
          client.Initialize(null, DicomNetSecurityeMode.Tls, settings);
          client.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha);
          client.SetTlsClientCertificate(serverPEM, DicomTlsCertificateType.Pem, null);
       }
       Accept(client);
    }

    protected override void Dispose(bool __p1)
    {
        client.Dispose();
        base.Dispose(__p1);
    }
}


public void TLSSecuritySample()
{
    DicomEngine.Startup();
    DicomNet.Startup();

    using (Server server = new Server())
    {
        using (Client client = new Client())
        {
            server.Listen("127.0.0.1", 104, 1); // start server
            client.Connect(null, 1000, "127.0.0.1", 104); // connect to server
            if (!client.Wait()) // wait for connection to finish
            {
                Debug.Fail("Connection timed out");
            }

            Debug.Assert(client.IsConnected(), "Client not connected");

            //
            // Wait for authenication
            //
            if (!client.Wait())
            {
                Debug.Fail("Connection timed out waiting for authenication");
            }

            // Once two computers have negotiated the ciphersuite, and have 
            // authenticated each other, they can begin transferring 
            // messages and data between them.

            // Continue with normal dicom communication

            client.CloseForced(true);
        }
        server.CloseForced(true);
    }

    DicomEngine.Shutdown();
    DicomNet.Shutdown();
}
SilverlightCSharpCopy Code
SilverlightVBCopy Code

Remarks

This method is to be used in conjunction with the DicomNet(string, DicomNetSecurityeMode, bool) constructor when changing security options from the defaults. Note that when using the DicomNet(string, DicomNetSecurityeMode, bool) version of the constructor, in addition to calling Leadtools.Dicom.DicomNet.Startup, it is also necessary to call Initialize(String,DicomNetSecurityeMode,DicomOpenSslContextCreationSettings) in order to prepare the DicomNet object for use. Use the openSslContextCreationSettings parameter when the security mode is set to DicomNetSecurityeMode.Tls.

Note that the following uses of the DicomNet constructors are functionally equivalent:

  1.             DicomNet net = new DicomNet(path, mode);
                
    
  2.             DicomNet net = new DicomNet(path, mode, false);
                net.Initialize(path, mode, null);
                
    

Requirements

Target Platforms: Silverlight 3.0, Windows XP, Windows Server 2003 family, Windows Server 2008 family, Windows Vista, Windows 7, MAC OS/X (Intel Only)

See Also

Leadtools.Dicom requires a Medical toolkit server license and unlock key. For more information, refer to: Imaging Pro/Document/Medical Features