Initialize Method

Summary

Changes security options from the defaults.

Syntax

C++/CLI

public void Initialize( 
   string path, 
   DicomNetSecurityMode mode, 
   DicomOpenSslContextCreationSettings openSslContextCreationSettings 
)

public: 
void Initialize(  
   String^ path, 
   DicomNetSecurityMode mode, 
   DicomOpenSslContextCreationSettings^ openSslContextCreationSettings 
)

Parameters

path
The location of the temporary files. This should be the same string that was used in the DicomNet constructor.

mode
The security mode to use when initializing the network structure. This should be the same value that was used in the DicomNet constructor.

openSslContextCreationSettings
A DicomOpenSslContextCreationSettings object that is used to modify the security defaults. This is used only if the parameter mode is DicomNetSecurityMode.Tls. Pass a null reference (Nothing in VB) to get the default values.

Remarks

This method is to be used in conjunction with the DicomNet(string, DicomNetSecurityMode, bool) constructor when changing security options from the defaults. Note that when using the DicomNet(string, DicomNetSecurityMode, bool) version of the constructor, in addition to calling Startup, it is also necessary to call Initialize in order to prepare the DicomNet object for use. Use the openSslContextCreationSettings parameter when the security mode is set to DicomNetSecurityMode.Tls. Note that the following uses of the DicomNet constructors are functionally equivalent:

DicomNet net = new DicomNet(path, mode);
DicomNet net = new DicomNet(path, mode, false); net.Initialize(path, mode, null);

Example

This is a comprehensive sample that shows how to use DICOM Secure communication using TLS (with more control over the security settings).

using Leadtools; 
using Leadtools.Dicom; 
 
 
[StructLayout(LayoutKind.Sequential)] 
public struct MSG 
{ 
   public IntPtr hwnd; 
   public uint message; 
   public IntPtr wParam; 
   public IntPtr lParam; 
   public uint time; 
   public System.Drawing.Point p; 
} 
 
public enum WaitReturn 
{ 
   Complete, 
   Timeout, 
} 
 
class Utils 
{ 
   [DllImport("user32.dll")] 
   [return: MarshalAs(UnmanagedType.Bool)] 
   static extern bool PeekMessage(out MSG lpMsg, IntPtr hWnd, 
                                  uint wMsgFilterMin, uint wMsgFilterMax, 
                                  uint wRemoveMsg); 
 
   [DllImport("user32.dll")] 
   static extern bool TranslateMessage([In] ref MSG lpMsg); 
   [DllImport("user32.dll")] 
   static extern IntPtr DispatchMessage([In] ref MSG lpmsg); 
 
   const uint PM_REMOVE = 1; 
 
   public static WaitReturn WaitForComplete(double mill, WaitHandle wh) 
   { 
      TimeSpan goal = new TimeSpan(DateTime.Now.AddMilliseconds(mill).Ticks); 
 
      do 
      { 
         MSG msg = new MSG(); 
 
         if (PeekMessage(out msg, IntPtr.Zero, 0, 0, PM_REMOVE)) 
         { 
            TranslateMessage(ref msg); 
            DispatchMessage(ref msg); 
         } 
 
         if (wh.WaitOne(new TimeSpan(0, 0, 0), false)) 
         { 
            return WaitReturn.Complete; 
         } 
 
         if (goal.CompareTo(new TimeSpan(DateTime.Now.Ticks)) < 0) 
         { 
            return WaitReturn.Timeout; 
         } 
 
      } while (true); 
   } 
 
   public static void SetupTlsContext(DicomNet net, string certName) 
   { 
      string serverCA = Path.Combine(LEAD_VARS.ImagesDir, "ca.pem"); 
 
      if (net != null) 
      { 
         DicomOpenSslContextCreationSettings settings = new DicomOpenSslContextCreationSettings( 
            // represents DicomOpenSslContextCreationSettings.MethodType 
            DicomSslMethodType.SslV23, 
            // represents DicomOpenSslContextCreationSettings.CertificationAuthoritiesFileName 
            serverCA, 
            // represents DicomOpenSslContextCreationSettings.VerificationFlags 
            DicomOpenSslVerificationFlags.Peer | DicomOpenSslVerificationFlags.FailIfNoPeerCertificate, 
            // represents DicomOpenSslContextCreationSettings.MaximumVerificationDepth 
            2, 
            // represents DicomOpenSslContextCreationSettings.Options 
            DicomOpenSslOptionsFlags.NoSslV2 | DicomOpenSslOptionsFlags.AllBugWorkarounds 
            ); 
         net.Initialize(null, DicomNetSecurityMode.Tls, settings); 
         net.SetTlsClientCertificate(certName, DicomTlsCertificateType.Pem, null); 
      } 
   } 
} 
 
//  
// Secure client (TLS)  
//  
class Client : DicomNet 
{ 
   AutoResetEvent waitEvent = new AutoResetEvent(false); 
   string clientPEM = Path.Combine(LEAD_VARS.ImagesDir, "client.pem"); 
 
   public Client() 
      : base(null, DicomNetSecurityMode.Tls) 
   { 
      SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha); 
      Utils.SetupTlsContext(this, clientPEM); 
   } 
 
   public bool Wait() 
   { 
      WaitReturn ret; 
 
      ret = Utils.WaitForComplete((5 * 60) * 1000, waitEvent); 
 
      return (ret == WaitReturn.Complete); 
   } 
 
   protected override void OnConnect(DicomExceptionCode error) 
   { 
      waitEvent.Set(); 
   } 
 
   protected override string OnPrivateKeyPassword(bool encryption) 
   { 
      return "test"; 
   } 
 
   protected override void OnSecureLinkReady(DicomExceptionCode error) 
   { 
      waitEvent.Set(); 
   } 
} 
 
//  
// Secure server (TLS)  
//  
class ServerConnection : DicomNet 
{ 
 
   string serverPEM = Path.Combine(LEAD_VARS.ImagesDir, "server.pem"); 
 
   public ServerConnection() 
      : base(null, DicomNetSecurityMode.Tls) 
   { 
      SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha); 
      SetTlsClientCertificate(serverPEM, DicomTlsCertificateType.Pem, null); 
   } 
 
   protected override string OnPrivateKeyPassword(bool encryption) 
   { 
      return "test"; 
   } 
 
   // The OnVerify callback gets called twice, once for each certificate in the certificate chain. 
   protected override int OnVerify(int ok, string certificateString, DicomSecurityCertificateException ex) 
   { 
      string certificateMessageString = "Received Client Certificate:\n" + certificateString; 
 
      // Log that the SCP received the Client Certificate 
      Debug.WriteLine(certificateMessageString); 
 
      if (ex.Code != DicomSecurityCertificateExceptionCode.Success) 
      { 
         string message = string.Format("Error {0}: {1}", ex.Code, ex.Message); 
 
         // Log the error with Client Certificate 
         Debug.WriteLine(message); 
      } 
      return ok; 
   } 
} 
 
class Server : DicomNet 
{ 
   string serverPEM = Path.Combine(LEAD_VARS.ImagesDir, "server.pem"); 
 
   ServerConnection client; 
 
   public Server() 
      : base(null, DicomNetSecurityMode.Tls) 
   { 
      SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha); 
      Utils.SetupTlsContext(this, serverPEM); 
   } 
 
   protected override void OnAccept(DicomExceptionCode error) 
   { 
      client = new ServerConnection(); 
 
      Utils.SetupTlsContext(client, serverPEM); 
 
      Accept(client); 
   } 
 
   protected override string OnPrivateKeyPassword(bool encryption) 
   { 
      return "test"; 
   } 
 
   protected override void Dispose(bool __p1) 
   { 
      client.Dispose(); 
      base.Dispose(__p1); 
   } 
} 
 
public void TLSSecuritySample() 
{ 
   //Assert test to check file exists before running code 
   string clientPEM = Path.Combine(LEAD_VARS.ImagesDir, "ca.pem"); 
   Assert.IsTrue(File.Exists(clientPEM) == true, "Missing file: " + clientPEM); 
 
   DicomEngine.Startup(); 
   DicomNet.Startup(); 
 
   using (Server server = new Server()) 
   { 
      using (Client client = new Client()) 
      { 
         server.Listen("127.0.0.1", 104, 1); // start server  
         client.Connect(null, 1000, "127.0.0.1", 104); // connect to server  
         if (!client.Wait()) // wait for connection to finish  
         { 
            Debug.Fail("Connection timed out"); 
         } 
 
         Debug.Assert(client.IsConnected(), "Client not connected"); 
 
         //  
         // Wait for authenication  
         //  
         if (!client.Wait()) 
         { 
            Debug.Fail("Connection timed out waiting for authenication"); 
         } 
 
         // Once two computers have negotiated the ciphersuite, and have   
         // authenticated each other, they can begin transferring   
         // messages and data between them.  
 
         //Now we can get detailed information about the Cipher Suite   
         DicomTlsCipherSuiteType cipherSuite = client.GetTlsCipherSuite();// Can also call GetTlsCipherSuiteByIndex   
 
         Debug.WriteLine("Encryption Algorithm is : {0}", client.GetTlsEncryptionAlgorithm(cipherSuite)); 
         Debug.WriteLine("Authentication Algorithm is : {0}", client.GetTlsAuthenticationAlgorithm(cipherSuite)); 
         Debug.WriteLine("Integrity Algorithm is : {0}", client.GetTlsIntegrityAlgorithm(cipherSuite)); 
         Debug.WriteLine("Key Exchange Algorithm is : {0}", client.GetTlsKeyExchangeAlgorithm(cipherSuite)); 
         Debug.WriteLine("Encryption Key Length is : {0}", client.GetTlsEncryptionKeyLength(cipherSuite)); 
         Debug.WriteLine("Mutual Authentication Key Length is : {0}", client.GetTlsMutualAuthenticationKeyLength(cipherSuite)); 
 
         // Continue with normal dicom communication  
 
         client.CloseForced(true); 
      } 
      server.CloseForced(true); 
   } 
 
   DicomEngine.Shutdown(); 
   DicomNet.Shutdown(); 
} 
 
static class LEAD_VARS 
{ 
   public const string ImagesDir = @"C:\LEADTOOLS23\Resources\Images"; 
}

Requirements

Target Platforms

Reference

DicomNet Class

DicomNet Members

Startup Method

Download our FREE evaluation

Help Version 23.0.2024.8.20

Leadtools.Dicom Assembly

Introduction

Getting Started

Namespaces

Leadtools.Dicom Namespace

Assemblies