←Select platform

Initialize Method (DicomNet)

Summary

Changes security options from the defaults.

Syntax

C++

public void Initialize(  
   string path, 
   Leadtools.Dicom.DicomNetSecurityeMode mode, 
   Leadtools.Dicom.DicomOpenSslContextCreationSettings openSslContextCreationSettings 
)

Public Sub Initialize( _ 
   ByVal path As String, _ 
   ByVal mode As Leadtools.Dicom.DicomNetSecurityeMode, _ 
   ByVal openSslContextCreationSettings As Leadtools.Dicom.DicomOpenSslContextCreationSettings _ 
)

public: 
void Initialize(  
   String^ path, 
   Leadtools.Dicom.DicomNetSecurityeMode mode, 
   Leadtools.Dicom.DicomOpenSslContextCreationSettings^ openSslContextCreationSettings 
)

Parameters

path
The location of the temporary files. This should be the same string that was used in the DicomNet constructor.

mode
The security mode to use when initializing the network structure. This should be the same value that was used in the DicomNet constructor.

openSslContextCreationSettings
A DicomOpenSslContextCreationSettings object that is used to modify the security defaults. This is used only if the parameter [mode](" id="modeparameterlink" class="popuplink) is DicomNetSecurityeMode.Tls. Pass a null reference (Nothing in VB) to get the default values.

Remarks

This method is to be used in conjunction with the DicomNet(string, DicomNetSecurityeMode, bool) constructor when changing security options from the defaults. Note that when using the DicomNet(string, DicomNetSecurityeMode, bool) version of the constructor, in addition to calling Startup, it is also necessary to call Initialize in order to prepare the DicomNet object for use. Use the [openSslContextCreationSettings](" id="opensslcontextcreationsettingsparameterlink" class="popuplink) parameter when the security mode is set to DicomNetSecurityeMode.Tls. Note that the following uses of the DicomNet constructors are functionally equivalent:

DicomNet net = new DicomNet(path, mode);

DicomNet net = new DicomNet(path, mode, false); net.Initialize(path, mode, null);

Example

This is a comprehensive sample that shows how to use DICOM Secure communication using TLS (with more control over the security settings).

using Leadtools; 
using Leadtools.Dicom; 
 
[StructLayout(LayoutKind.Sequential)] 
public struct MSG 
{ 
   public IntPtr hwnd; 
   public uint message; 
   public IntPtr wParam; 
   public IntPtr lParam; 
   public uint time; 
   public System.Drawing.Point p; 
} 
 
public enum WaitReturn 
{ 
   Complete, 
   Timeout, 
} 
 
class Utils 
{ 
   [DllImport("user32.dll")] 
   [return: MarshalAs(UnmanagedType.Bool)] 
   static extern bool PeekMessage(out MSG lpMsg, IntPtr hWnd, 
                                  uint wMsgFilterMin, uint wMsgFilterMax, 
                                  uint wRemoveMsg); 
 
   [DllImport("user32.dll")] 
   static extern bool TranslateMessage([In] ref MSG lpMsg); 
   [DllImport("user32.dll")] 
   static extern IntPtr DispatchMessage([In] ref MSG lpmsg); 
 
   const uint PM_REMOVE = 1; 
 
   public static WaitReturn WaitForComplete(double mill, WaitHandle wh) 
   { 
      TimeSpan goal = new TimeSpan(DateTime.Now.AddMilliseconds(mill).Ticks); 
 
      do 
      { 
         MSG msg = new MSG(); 
 
         if (PeekMessage(out msg, IntPtr.Zero, 0, 0, PM_REMOVE)) 
         { 
            TranslateMessage(ref msg); 
            DispatchMessage(ref msg); 
         } 
 
         if (wh.WaitOne(new TimeSpan(0, 0, 0), false)) 
         { 
            return WaitReturn.Complete; 
         } 
 
         if (goal.CompareTo(new TimeSpan(DateTime.Now.Ticks)) < 0) 
         { 
            return WaitReturn.Timeout; 
         } 
 
      } while (true); 
   } 
} 
 
// 
// Secure client (TLS) 
// 
class Client : DicomNet 
{ 
   AutoResetEvent waitEvent = new AutoResetEvent(false); 
   string clientPEM = Path.Combine(LEAD_VARS.ImagesDir, "client.pem"); 
 
   public Client() 
       : base(null, DicomNetSecurityeMode.Tls) 
   { 
      SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha); 
      SetTlsClientCertificate(clientPEM, DicomTlsCertificateType.Pem, null); 
   } 
 
   public bool Wait() 
   { 
      WaitReturn ret; 
 
      ret = Utils.WaitForComplete((5 * 60) * 1000, waitEvent); 
 
      return (ret == WaitReturn.Complete); 
   } 
 
   protected override void OnConnect(DicomExceptionCode error) 
   { 
      waitEvent.Set(); 
   } 
 
   protected override string OnPrivateKeyPassword(bool encryption) 
   { 
      return "test"; 
   } 
 
   protected override void OnSecureLinkReady(DicomExceptionCode error) 
   { 
      waitEvent.Set(); 
   } 
} 
 
// 
// Secure server (TLS) connection with a client 
// 
class ServerConnection : DicomNet 
{ 
   public ServerConnection() 
       : base(null, DicomNetSecurityeMode.Tls, false) 
   { 
 
   } 
 
   protected override string OnPrivateKeyPassword(bool encryption) 
   { 
      return "test"; 
   } 
} 
 
class Server : DicomNet 
{ 
   ServerConnection client; 
 
   public Server() 
       : base(null, DicomNetSecurityeMode.None) 
   { 
   } 
 
   protected override void OnAccept(DicomExceptionCode error) 
   { 
      string serverPEM = Path.Combine(LEAD_VARS.ImagesDir, "server.pem"); 
      client = new ServerConnection(); 
      if (client != null) 
      { 
         string certificationAuthoritiesFileName = Path.Combine(LEAD_VARS.ImagesDir, "CA.pem"); 
         //Require and verify a client certificate. 
         //Support SSL version 3 or TLS Version 1 for the handshake. 
         //Use trusted certificate authority file to verify the client certificate 
         //Verify the client certificate chain to a maximum depth of 2. 
         DicomOpenSslContextCreationSettings settings = new DicomOpenSslContextCreationSettings(DicomSslMethodType.TlsV1, 
            certificationAuthoritiesFileName, 
            DicomOpenSslVerificationFlags.Peer | 
            DicomOpenSslVerificationFlags.FailIfNoPeerCertificate, 
            2, 
            DicomOpenSslOptionsFlags.NoSslV2 | 
            DicomOpenSslOptionsFlags.AllBugWorkarounds); 
         //You can use the properties too, to specify the context creation settings. 
         //settings.MethodType = DicomSslMethodType.SslV23; 
         //settings.CertificationAuthoritiesFileName = certificationAuthoritiesFileName; 
         //settings.VerificationFlags =  DicomOpenSslVerificationFlags.Peer | 
         //                              DicomOpenSslVerificationFlags.FailIfNoPeerCertificate; 
         //settings.Options = DicomOpenSslOptionsFlags.NoSslV2| DicomOpenSslOptionsFlags.AllBugWorkarounds; 
         client.Initialize(null, DicomNetSecurityeMode.Tls, settings); 
         client.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha); 
         client.SetTlsClientCertificate(serverPEM, DicomTlsCertificateType.Pem, null); 
      } 
      Accept(client); 
   } 
 
   protected override void Dispose(bool __p1) 
   { 
      client.Dispose(); 
      base.Dispose(__p1); 
   } 
} 
 
public void TLSSecuritySample() 
{ 
   DicomEngine.Startup(); 
   DicomNet.Startup(); 
 
   using (Server server = new Server()) 
   { 
      using (Client client = new Client()) 
      { 
         server.Listen("127.0.0.1", 104, 1); // start server 
         client.Connect(null, 1000, "127.0.0.1", 104); // connect to server 
         if (!client.Wait()) // wait for connection to finish 
         { 
            Debug.Fail("Connection timed out"); 
         } 
 
         Debug.Assert(client.IsConnected(), "Client not connected"); 
 
         // 
         // Wait for authenication 
         // 
         if (!client.Wait()) 
         { 
            Debug.Fail("Connection timed out waiting for authenication"); 
         } 
 
         // Once two computers have negotiated the ciphersuite, and have  
         // authenticated each other, they can begin transferring  
         // messages and data between them. 
 
         // Continue with normal dicom communication 
 
         client.CloseForced(true); 
      } 
      server.CloseForced(true); 
   } 
 
   DicomEngine.Shutdown(); 
   DicomNet.Shutdown(); 
} 
 
static class LEAD_VARS 
{ 
   public const string ImagesDir = @"C:\Users\Public\Documents\LEADTOOLS Images"; 
}

Imports Leadtools 
Imports Leadtools.Dicom 
 
<StructLayout(LayoutKind.Sequential)> 
Public Structure MSG 
   Public hwnd As IntPtr 
   Public message As UInteger 
   Public wParam As IntPtr 
   Public lParam As IntPtr 
   Public time As UInteger 
   Public p As System.Drawing.Point 
End Structure 
 
Public Enum WaitReturn 
   Complete 
   Timeout 
End Enum 
 
Private Class Utils 
   <DllImport("user32.dll")> 
   Shared Function PeekMessage(<System.Runtime.InteropServices.Out()> ByRef lpMsg As MSG, ByVal hWnd As IntPtr, ByVal wMsgFilterMin As UInteger, 
                                  ByVal wMsgFilterMax As UInteger, ByVal wRemoveMsg As UInteger) As <MarshalAs(UnmanagedType.Bool)> Boolean 
   End Function 
 
   <DllImport("user32.dll")> 
   Shared Function TranslateMessage(ByRef lpMsg As MSG) As Boolean 
   End Function 
   <DllImport("user32.dll")> 
   Shared Function DispatchMessage(ByRef lpmsg As MSG) As IntPtr 
   End Function 
 
   Private Const PM_REMOVE As UInteger = 1 
 
   Public Shared Function WaitForComplete(ByVal mill As Double, ByVal wh As WaitHandle) As WaitReturn 
      Dim goal As TimeSpan = New TimeSpan(DateTime.Now.AddMilliseconds(mill).Ticks) 
 
      Do 
         Dim msg As MSG = New MSG() 
 
         If PeekMessage(msg, IntPtr.Zero, 0, 0, PM_REMOVE) Then 
            TranslateMessage(msg) 
            DispatchMessage(msg) 
         End If 
 
         If wh.WaitOne(New TimeSpan(0, 0, 0), False) Then 
            Return WaitReturn.Complete 
         End If 
 
         If goal.CompareTo(New TimeSpan(DateTime.Now.Ticks)) < 0 Then 
            Return WaitReturn.Timeout 
         End If 
 
      Loop While True 
   End Function 
End Class 
 
' 
' Secure client (TLS) 
' 
Private Class Client : Inherits DicomNet 
   Private waitEvent As AutoResetEvent = New AutoResetEvent(False) 
   Private clientPEM As String = Path.Combine(LEAD_VARS.ImagesDir, "client.pem") 
 
   Public Sub New() 
      MyBase.New(Nothing, DicomNetSecurityeMode.Tls) 
      SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha) 
      SetTlsClientCertificate(clientPEM, DicomTlsCertificateType.Pem, Nothing) 
 
      'Over here we can get detailed information about the Cipher Suite 
      ' Can also call GetTlsCipherSuiteByIndex 
      Dim cipherSuite As DicomTlsCipherSuiteType 
      cipherSuite = GetTlsCipherSuite() 
      'Returns DicomTlsEncryptionMethodType 
      Console.WriteLine("Encryption Algorithm is : {0}", GetTlsEncryptionAlgorithm(cipherSuite)) 
      'Returns DicomTlsAuthenticationMethodType 
      Console.WriteLine("Authentication Algorithm is : {0}", GetTlsAuthenticationAlgorithm(cipherSuite)) 
      'Returns DicomTlsMacMethodType 
      Console.WriteLine("Integrity Algorithm is : {0}", GetTlsIntegrityAlgorithm(cipherSuite)) 
      'Returns DicomTlsExchangeMethodType 
      Console.WriteLine("Key Exchange Algorithm is : {0}", GetTlsKeyExchangeAlgorithm(cipherSuite)) 
      Console.WriteLine("Encryption Key Length is : {0}", GetTlsEncryptionKeyLength(cipherSuite)) 
      Console.WriteLine("Mutual Authentication Key Length is : {0}", GetTlsMutualAuthenticationKeyLength(cipherSuite)) 
 
   End Sub 
 
   Public Function Wait() As Boolean 
      Dim ret As WaitReturn 
 
      ret = Utils.WaitForComplete((5 * 60) * 1000, waitEvent) 
 
      Return (ret = WaitReturn.Complete) 
   End Function 
 
   Protected Overrides Sub OnConnect(ByVal [error] As DicomExceptionCode) 
      waitEvent.Set() 
   End Sub 
 
   Protected Overrides Function OnPrivateKeyPassword(ByVal encryption As Boolean) As String 
      Return "test" 
   End Function 
 
   Protected Overrides Sub OnSecureLinkReady(ByVal [error] As DicomExceptionCode) 
      waitEvent.Set() 
   End Sub 
End Class 
 
' 
' Secure server (TLS) connection with a client 
' 
Private Class ServerConnection : Inherits DicomNet 
 
   Public Sub New() 
      MyBase.New(Nothing, DicomNetSecurityeMode.Tls, False) 
 
   End Sub 
 
   Protected Overrides Function OnPrivateKeyPassword(ByVal encryption As Boolean) As String 
      Return "test" 
   End Function 
End Class 
 
Private Class Server : Inherits DicomNet 
   Private client As ServerConnection 
   Private certificationAuthoritiesFileName As String = Path.Combine(LEAD_VARS.ImagesDir, "CA.pem") 
 
   Public Sub New() 
      MyBase.New(Nothing, DicomNetSecurityeMode.None) 
   End Sub 
 
   Protected Overrides Sub OnAccept(ByVal [error] As DicomExceptionCode) 
      Dim serverPEM As String = Path.Combine(LEAD_VARS.ImagesDir, "server.pem") 
      client = New ServerConnection() 
      'Require and verify a client certificate. 
      'Support SSL version 3 or TLS Version 1 for the handshake. 
      'Use trusted certificate authority file to verify the client certificate 
      'Verify the client certificate chain to a maximum depth of 2. 
      Dim settings As New DicomOpenSslContextCreationSettings(DicomSslMethodType.TlsV1, 
         certificationAuthoritiesFileName, 
         DicomOpenSslVerificationFlags.Peer Or DicomOpenSslVerificationFlags.FailIfNoPeerCertificate, 
         2, 
         DicomOpenSslOptionsFlags.NoSslV2 Or DicomOpenSslOptionsFlags.AllBugWorkarounds) 
      'You can use the properties too, to specify the context creation settings. 
      settings.MethodType = DicomSslMethodType.SslV23 
      settings.CertificationAuthoritiesFileName = certificationAuthoritiesFileName 
      settings.VerificationFlags = DicomOpenSslVerificationFlags.Peer Or DicomOpenSslVerificationFlags.FailIfNoPeerCertificate 
      settings.Options = DicomOpenSslOptionsFlags.NoSslV2 Or DicomOpenSslOptionsFlags.AllBugWorkarounds 
 
      client.Initialize(Nothing, DicomNetSecurityeMode.Tls, settings) 
      client.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha) 
      client.SetTlsClientCertificate(serverPEM, DicomTlsCertificateType.Pem, Nothing) 
 
      Accept(client) 
 
   End Sub 
 
   Protected Overloads Overrides Sub Dispose(ByVal __p1 As Boolean) 
      client.Dispose() 
      MyBase.Dispose(__p1) 
   End Sub 
End Class 
 
 
Public Sub TLSSecuritySample() 
   DicomEngine.Startup() 
   DicomNet.Startup() 
 
   Using server As Server = New Server() 
      Using client As Client = New Client() 
         server.Listen("127.0.0.1", 104, 1) ' start server 
         client.Connect(Nothing, 1000, "127.0.0.1", 104) ' connect to server 
         If (Not client.Wait()) Then ' wait for connection to finish 
            Debug.Fail("Connection timed out") 
         End If 
 
         Debug.Assert(client.IsConnected(), "Client not connected") 
 
         ' 
         ' Wait for authenication 
         ' 
         If (Not client.Wait()) Then 
            Debug.Fail("Connection timed out waiting for authenication") 
         End If 
 
         ' Once two computers have negotiated the ciphersuite, and have  
         ' authenticated each other, they can begin transferring  
         ' messages and data between them. 
 
         ' Continue with normal dicom communication 
 
         client.CloseForced(True) 
      End Using 
      server.CloseForced(True) 
   End Using 
 
   DicomEngine.Shutdown() 
   DicomNet.Shutdown() 
End Sub 
 
Public NotInheritable Class LEAD_VARS 
   Public Const ImagesDir As String = "C:\Users\Public\Documents\LEADTOOLS Images" 
End Class