protected virtual void OnSecureLinkReady(
DicomExceptionCode error
)
- (void)onSecureLinkReady:(LTDicomErrorCode)error;
protected:
virtual void OnSecureLinkReady(
DicomExceptionCode error
)
error
An error code.
This method is called after the ISCL or TLS connection is successfully established. From this moment until the connection is closed, an application can securely send and receive data.
using Leadtools;
using Leadtools.Dicom;
[StructLayout(LayoutKind.Sequential)]
public struct MSG
{
public IntPtr hwnd;
public uint message;
public IntPtr wParam;
public IntPtr lParam;
public uint time;
public System.Drawing.Point p;
}
public enum WaitReturn
{
Complete,
Timeout,
}
class Utils
{
[DllImport("user32.dll")]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool PeekMessage(out MSG lpMsg, IntPtr hWnd,
uint wMsgFilterMin, uint wMsgFilterMax,
uint wRemoveMsg);
[DllImport("user32.dll")]
static extern bool TranslateMessage([In] ref MSG lpMsg);
[DllImport("user32.dll")]
static extern IntPtr DispatchMessage([In] ref MSG lpmsg);
const uint PM_REMOVE = 1;
public static WaitReturn WaitForComplete(double mill, WaitHandle wh)
{
TimeSpan goal = new TimeSpan(DateTime.Now.AddMilliseconds(mill).Ticks);
do
{
MSG msg = new MSG();
if (PeekMessage(out msg, IntPtr.Zero, 0, 0, PM_REMOVE))
{
TranslateMessage(ref msg);
DispatchMessage(ref msg);
}
if (wh.WaitOne(new TimeSpan(0, 0, 0), false))
{
return WaitReturn.Complete;
}
if (goal.CompareTo(new TimeSpan(DateTime.Now.Ticks)) < 0)
{
return WaitReturn.Timeout;
}
} while (true);
}
public static void SetupTlsContext(DicomNet net, string certName)
{
string serverCA = Path.Combine(LEAD_VARS.ImagesDir, "ca.pem");
if (net != null)
{
DicomOpenSslContextCreationSettings settings = new DicomOpenSslContextCreationSettings(
// represents DicomOpenSslContextCreationSettings.MethodType
DicomSslMethodType.SslV23,
// represents DicomOpenSslContextCreationSettings.CertificationAuthoritiesFileName
serverCA,
// represents DicomOpenSslContextCreationSettings.VerificationFlags
DicomOpenSslVerificationFlags.Peer | DicomOpenSslVerificationFlags.FailIfNoPeerCertificate,
// represents DicomOpenSslContextCreationSettings.MaximumVerificationDepth
2,
// represents DicomOpenSslContextCreationSettings.Options
DicomOpenSslOptionsFlags.NoSslV2 | DicomOpenSslOptionsFlags.AllBugWorkarounds
);
net.Initialize(null, DicomNetSecurityMode.Tls, settings);
net.SetTlsClientCertificate(certName, DicomTlsCertificateType.Pem, null);
}
}
}
//
// Secure client (TLS)
//
class Client : DicomNet
{
AutoResetEvent waitEvent = new AutoResetEvent(false);
string clientPEM = Path.Combine(LEAD_VARS.ImagesDir, "client.pem");
public Client()
: base(null, DicomNetSecurityMode.Tls)
{
SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha);
Utils.SetupTlsContext(this, clientPEM);
}
public bool Wait()
{
WaitReturn ret;
ret = Utils.WaitForComplete((5 * 60) * 1000, waitEvent);
return (ret == WaitReturn.Complete);
}
protected override void OnConnect(DicomExceptionCode error)
{
waitEvent.Set();
}
protected override string OnPrivateKeyPassword(bool encryption)
{
return "test";
}
protected override void OnSecureLinkReady(DicomExceptionCode error)
{
waitEvent.Set();
}
}
//
// Secure server (TLS)
//
class ServerConnection : DicomNet
{
string serverPEM = Path.Combine(LEAD_VARS.ImagesDir, "server.pem");
public ServerConnection()
: base(null, DicomNetSecurityMode.Tls)
{
SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha);
SetTlsClientCertificate(serverPEM, DicomTlsCertificateType.Pem, null);
}
protected override string OnPrivateKeyPassword(bool encryption)
{
return "test";
}
// The OnVerify callback gets called twice, once for each certificate in the certificate chain.
protected override int OnVerify(int ok, string certificateString, DicomSecurityCertificateException ex)
{
string certificateMessageString = "Received Client Certificate:\n" + certificateString;
// Log that the SCP received the Client Certificate
Debug.WriteLine(certificateMessageString);
if (ex.Code != DicomSecurityCertificateExceptionCode.Success)
{
string message = string.Format("Error {0}: {1}", ex.Code, ex.Message);
// Log the error with Client Certificate
Debug.WriteLine(message);
}
return ok;
}
}
class Server : DicomNet
{
string serverPEM = Path.Combine(LEAD_VARS.ImagesDir, "server.pem");
ServerConnection client;
public Server()
: base(null, DicomNetSecurityMode.Tls)
{
SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha);
Utils.SetupTlsContext(this, serverPEM);
}
protected override void OnAccept(DicomExceptionCode error)
{
client = new ServerConnection();
Utils.SetupTlsContext(client, serverPEM);
Accept(client);
}
protected override string OnPrivateKeyPassword(bool encryption)
{
return "test";
}
protected override void Dispose(bool __p1)
{
client.Dispose();
base.Dispose(__p1);
}
}
public void TLSSecuritySample()
{
//Assert test to check file exists before running code
string clientPEM = Path.Combine(LEAD_VARS.ImagesDir, "ca.pem");
Assert.IsTrue(File.Exists(clientPEM) == true, "Missing file: " + clientPEM);
DicomEngine.Startup();
DicomNet.Startup();
using (Server server = new Server())
{
using (Client client = new Client())
{
server.Listen("127.0.0.1", 104, 1); // start server
client.Connect(null, 1000, "127.0.0.1", 104); // connect to server
if (!client.Wait()) // wait for connection to finish
{
Debug.Fail("Connection timed out");
}
Debug.Assert(client.IsConnected(), "Client not connected");
//
// Wait for authenication
//
if (!client.Wait())
{
Debug.Fail("Connection timed out waiting for authenication");
}
// Once two computers have negotiated the ciphersuite, and have
// authenticated each other, they can begin transferring
// messages and data between them.
//Now we can get detailed information about the Cipher Suite
DicomTlsCipherSuiteType cipherSuite = client.GetTlsCipherSuite();// Can also call GetTlsCipherSuiteByIndex
Debug.WriteLine("Encryption Algorithm is : {0}", client.GetTlsEncryptionAlgorithm(cipherSuite));
Debug.WriteLine("Authentication Algorithm is : {0}", client.GetTlsAuthenticationAlgorithm(cipherSuite));
Debug.WriteLine("Integrity Algorithm is : {0}", client.GetTlsIntegrityAlgorithm(cipherSuite));
Debug.WriteLine("Key Exchange Algorithm is : {0}", client.GetTlsKeyExchangeAlgorithm(cipherSuite));
Debug.WriteLine("Encryption Key Length is : {0}", client.GetTlsEncryptionKeyLength(cipherSuite));
Debug.WriteLine("Mutual Authentication Key Length is : {0}", client.GetTlsMutualAuthenticationKeyLength(cipherSuite));
// Continue with normal dicom communication
client.CloseForced(true);
}
server.CloseForced(true);
}
DicomEngine.Shutdown();
DicomNet.Shutdown();
}
static class LEAD_VARS
{
public const string ImagesDir = @"C:\LEADTOOLS23\Resources\Images";
}
Help Collections
Raster .NET | C API | C++ Class Library | HTML5 JavaScript
Document .NET | C API | C++ Class Library | HTML5 JavaScript
Medical .NET | C API | C++ Class Library | HTML5 JavaScript
Medical Web Viewer .NET
Multimedia
Direct Show .NET | C API | Filters
Media Foundation .NET | C API | Transforms
Supported Platforms
.NET, Java, Android, and iOS/macOS Assemblies
Imaging, Medical, and Document
C API/C++ Class Libraries
Imaging, Medical, and Document
HTML5 JavaScript Libraries
Imaging, Medical, and Document