UseSecureHost Property

Summary

Gets or sets a value indicating whether a C-MOVE to oneself requires secure (TLS) communication.

Syntax

C++

public bool UseSecureHost {get; set;}

Public Property UseSecureHost() As Boolean 
   Get 
   Set

public:  
   property bool UseSecureHost 
   { 
      bool get() 
      void set(bool value) 
   }

Property Value

A value indicating whether a C-MOVE to oneself requires secure (TLS) communication. The default value is false.

Remarks

When doing a C-MOVE Move to oneself, the destination AE is the same as the calling AE. In this case, the calling AE (i.e., the host) is listening and accepting incoming connections. Set UseSecureHost to true to make the host accept connections securely using TLS. If UseSecureHost is false (the default behavior), the host accepts connections conventionally, without using TLS security.

If UseSecureHost is true, then the SecureHostSettings properties are used to specify the host security (TLS) settings. Otherwise, the SecureHostSettings properties are ignored.

Both the UseSecureHost and SecureHostSettings properties are only used with the Move methods, where the destination AE is the same as the calling AE.

For more information, see SecureHostSettings.

Example

Moves the specified series from an SCP (DICOM Server) to the calling AE (host).

The SCP is accepting unsecure connections.
The host is configured to accept secure connections (TLS).

using Leadtools; 
using Leadtools.Dicom.Scu; 
using Leadtools.Dicom.Scu.Common; 
using Leadtools.Dicom; 
using Leadtools.Dicom.Common.DataTypes; 
 
public void MoveSeriesSecure() 
{ 
   DicomEngine.Startup(); 
   DicomNet.Startup(); 
 
   QueryRetrieveScu retrieveSeriesSecure = new QueryRetrieveScu(); 
   FindQuery query = new FindQuery(); 
   DicomScp scp = new DicomScp(); 
 
   // 
   // Change these parameters to reflect the calling AETitle. 
   // 
 
   retrieveSeriesSecure.AETitle = "T20_CLIENT64"; 
   retrieveSeriesSecure.HostPort = 1030; 
   retrieveSeriesSecure.HostAddress = Dns.GetHostEntry(Dns.GetHostName()).AddressList.FirstOrDefault(ip => ip.AddressFamily == AddressFamily.InterNetwork); 
   retrieveSeriesSecure.UseSecureHost = true;   // SCU host is secure 
   retrieveSeriesSecure.SecureHostSettings = new DicomOpenSslContextCreationSettings(DicomSslMethodType.SslV23, @"C:\Certificates\ca.pem", DicomOpenSslVerificationFlags.None, 9, DicomOpenSslOptionsFlags.AllBugWorkarounds); 
 
   // 
   // Change these parameters to reflect the called AETitle (server). 
   // 
 
   scp.AETitle = "L20_PACS_SCP64"; 
   scp.Port = 534; 
   scp.Timeout = 60; 
   scp.PeerAddress = IPAddress.Parse("192.168.5.102"); 
   scp.Secure = false;     // SCP is unsecure 
 
   retrieveSeriesSecure.BeforeCMove += new BeforeCMoveDelegate(retrieveSeriesSecure_BeforeCMove); 
   retrieveSeriesSecure.Moved += new MovedDelegate(retrieveSeriesSecure_Moved); 
   retrieveSeriesSecure.AfterCMove += new AfterCMoveDelegate(retrieveSeriesSecure_AfterCMove); 
   retrieveSeriesSecure.HostReady += RetrieveSeriesSecure_HostReady; 
   retrieveSeriesSecure.AfterSecureLinkReady += RetrieveSeriesSecure_AfterSecureLinkReady; 
   retrieveSeriesSecure.Move(scp, string.Empty, "1.2.840.114257.3.6.5.41964868", "1.2.840.114257.3.6.5.5.4214471"); 
 
   DicomNet.Shutdown(); 
   DicomEngine.Shutdown(); 
} 
 
private void RetrieveSeriesSecure_AfterSecureLinkReady(object sender, AfterSecureLinkReadyEventArgs e) 
{ 
   DicomNet net = (DicomNet)sender; 
   if (net != null) 
   { 
      if (e.Error != DicomExceptionCode.Success) 
      { 
         ClientSecureLinkReadyException exception = new ClientSecureLinkReadyException("Secure handshake (TLS) failed.", e.Error); 
         Console.WriteLine("Secure handshake (TLS) failed: code{0}", exception.Code); 
         throw exception; 
      } 
   } 
} 
 
private void RetrieveSeriesSecure_HostReady(object sender, HostReadyEventArgs e) 
{ 
   DicomConnection host = e.ScpHost; 
 
   if (host != null) 
   { 
      Console.WriteLine("HostReady: Host AETitle:{0} Host Port:{1}", e.ScpHost.AETitle, e.ScpHost.HostPort); 
 
      if (host.SecurityMode == DicomNetSecurityMode.Tls) 
      { 
         host.PrivateKeyPassword += Host_PrivateKeyPassword; 
         host.SetTlsClientCertificate(@"C:\Certificates\client.pem", DicomTlsCertificateType.Pem, @"C:\Certificates\client.pem"); 
         host.PrivateKeyPassword -= Host_PrivateKeyPassword; 
 
         host.SetTlsCipherSuiteByIndex(0, 0); 
 
         host.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha); 
         host.SetTlsCipherSuiteByIndex(1, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha); 
         host.SetTlsCipherSuiteByIndex(2, DicomTlsCipherSuiteType.DheRsaAes256Sha); 
         host.SetTlsCipherSuiteByIndex(3, DicomTlsCipherSuiteType.RsaWithAes128CbcSha); 
         host.SetTlsCipherSuiteByIndex(4, DicomTlsCipherSuiteType.RsaWith3DesEdeCbcSha); 
         host.SetTlsCipherSuiteByIndex(5, DicomTlsCipherSuiteType.DheRsaWithAes128GcmSha256); 
         host.SetTlsCipherSuiteByIndex(6, DicomTlsCipherSuiteType.EcdheRsaWithAes128GcmSha256); 
         host.SetTlsCipherSuiteByIndex(7, DicomTlsCipherSuiteType.DheRsaWithAes256GcmSha384); 
         host.SetTlsCipherSuiteByIndex(8, DicomTlsCipherSuiteType.EcdheRsaWithAes256GcmSha384); 
      } 
   } 
} 
 
private void Host_PrivateKeyPassword(object sender, PrivateKeyPasswordEventArgs e) 
{ 
   e.PrivateKeyPassword = "test"; 
} 
 
void retrieveSeriesSecure_BeforeCMove(object sender, BeforeCMoveEventArgs e) 
{ 
   Console.WriteLine("Before CMove"); 
} 
 
void retrieveSeriesSecure_Moved(object sender, MovedEventArgs e) 
{ 
   Console.WriteLine(e.Patient.Name.Full); 
   Console.WriteLine(e.Study.AccessionNumber); 
   Console.WriteLine(e.Series.Number); 
   Console.WriteLine(e.Instance.SOPInstanceUID); 
   Console.WriteLine("=========================================="); 
} 
 
void retrieveSeriesSecure_AfterCMove(object sender, AfterCMoveEventArgs e) 
{ 
   Console.WriteLine("After CMove"); 
   Console.WriteLine("\t{0} Completed", e.Completed); 
   Console.WriteLine("\t{0} Failed", e.Failed); 
   Console.WriteLine("\t{0} Warning", e.Warning); 
   Console.WriteLine("\tStatus: {0}", e.Status); 
}

Imports Leadtools 
Imports Leadtools.Dicom.Scu 
Imports Leadtools.Dicom.Scu.Common 
Imports Leadtools.Dicom 
Imports Leadtools.Dicom.Common.DataTypes 
 
Public Sub MoveSeriesSecure() 
    DicomEngine.Startup() 
    DicomNet.Startup() 
 
    Dim retrieveSeriesSecure As New QueryRetrieveScu() 
    Dim query As New FindQuery() 
    Dim scp As New DicomScp() 
 
    ' 
    ' Change these parameters to reflect the calling AETitle. 
    ' 
 
    retrieveSeriesSecure.AETitle = "T20_CLIENT64" 
    retrieveSeriesSecure.HostPort = 1030 
    retrieveSeriesSecure.HostAddress = Dns.GetHostEntry(Dns.GetHostName()).AddressList.FirstOrDefault(Function(ip) ip.AddressFamily = AddressFamily.InterNetwork) 
    retrieveSeriesSecure.UseSecureHost = True ' SCU host is secure 
    retrieveSeriesSecure.SecureHostSettings = New DicomOpenSslContextCreationSettings(DicomSslMethodType.SslV23, "C:\Certificates\ca.pem", DicomOpenSslVerificationFlags.None, 9, DicomOpenSslOptionsFlags.AllBugWorkarounds) 
 
    ' 
    ' Change these parameters to reflect the called AETitle (server). 
    ' 
 
    scp.AETitle = "L20_PACS_SCP64" 
    scp.Port = 534 
    scp.Timeout = 60 
    scp.PeerAddress = IPAddress.Parse("192.168.5.102") 
    scp.Secure = False ' SCP is unsecure 
 
    AddHandler retrieveSeriesSecure.BeforeCMove, AddressOf retrieveSeriesSecure_BeforeCMove 
    AddHandler retrieveSeriesSecure.Moved, AddressOf retrieveSeriesSecure_Moved 
    AddHandler retrieveSeriesSecure.AfterCMove, AddressOf retrieveSeriesSecure_AfterCMove 
    AddHandler retrieveSeriesSecure.HostReady, AddressOf RetrieveSeriesSecure_HostReady 
    AddHandler retrieveSeriesSecure.AfterSecureLinkReady, AddressOf RetrieveSeriesSecure_AfterSecureLinkReady 
    retrieveSeriesSecure.Move(scp, String.Empty, "1.2.840.114257.3.6.5.41964868", "1.2.840.114257.3.6.5.5.4214471") 
 
    DicomNet.Shutdown() 
    DicomEngine.Shutdown() 
End Sub 
 
Private Sub RetrieveSeriesSecure_AfterSecureLinkReady(ByVal sender As Object, ByVal e As AfterSecureLinkReadyEventArgs) 
    Dim net As DicomNet = CType(sender, DicomNet) 
    If net IsNot Nothing Then 
        If e.Error <> DicomExceptionCode.Success Then 
            Dim exception As New ClientSecureLinkReadyException("Secure handshake (TLS) failed.", e.Error) 
            Console.WriteLine("Secure handshake (TLS) failed: code{0}", exception.Code) 
            Throw exception 
        End If 
    End If 
End Sub 
 
Private Sub RetrieveSeriesSecure_HostReady(ByVal sender As Object, ByVal e As HostReadyEventArgs) 
    Dim host As DicomConnection = e.ScpHost 
 
    If host IsNot Nothing Then 
        Console.WriteLine("HostReady: Host AETitle:{0} Host Port:{1}", e.ScpHost.AETitle, e.ScpHost.HostPort) 
 
        If host.SecurityMode = DicomNetSecurityMode.Tls Then 
            AddHandler host.PrivateKeyPassword, AddressOf Host_PrivateKeyPassword 
            host.SetTlsClientCertificate("C:\Certificates\client.pem", DicomTlsCertificateType.Pem, "C:\Certificates\client.pem") 
            RemoveHandler host.PrivateKeyPassword, AddressOf Host_PrivateKeyPassword 
 
            host.SetTlsCipherSuiteByIndex(0, 0) 
 
            host.SetTlsCipherSuiteByIndex(0, DicomTlsCipherSuiteType.DheRsaWithDesCbcSha) 
            host.SetTlsCipherSuiteByIndex(1, DicomTlsCipherSuiteType.DheRsaWith3DesEdeCbcSha) 
            host.SetTlsCipherSuiteByIndex(2, DicomTlsCipherSuiteType.DheRsaAes256Sha) 
            host.SetTlsCipherSuiteByIndex(3, DicomTlsCipherSuiteType.RsaWithAes128CbcSha) 
            host.SetTlsCipherSuiteByIndex(4, DicomTlsCipherSuiteType.RsaWith3DesEdeCbcSha) 
            host.SetTlsCipherSuiteByIndex(5, DicomTlsCipherSuiteType.DheRsaWithAes128GcmSha256) 
            host.SetTlsCipherSuiteByIndex(6, DicomTlsCipherSuiteType.EcdheRsaWithAes128GcmSha256) 
            host.SetTlsCipherSuiteByIndex(7, DicomTlsCipherSuiteType.DheRsaWithAes256GcmSha384) 
            host.SetTlsCipherSuiteByIndex(8, DicomTlsCipherSuiteType.EcdheRsaWithAes256GcmSha384) 
        End If 
    End If 
End Sub 
 
Private Sub Host_PrivateKeyPassword(ByVal sender As Object, ByVal e As PrivateKeyPasswordEventArgs) 
    e.PrivateKeyPassword = "test" 
End Sub 
 
Private Sub retrieveSeriesSecure_BeforeCMove(ByVal sender As Object, ByVal e As BeforeCMoveEventArgs) 
    Console.WriteLine("Before CMove") 
End Sub 
 
Private Sub retrieveSeriesSecure_Moved(ByVal sender As Object, ByVal e As MovedEventArgs) 
    Console.WriteLine(e.Patient.Name.Full) 
    Console.WriteLine(e.Study.AccessionNumber) 
    Console.WriteLine(e.Series.Number) 
    Console.WriteLine(e.Instance.SOPInstanceUID) 
    Console.WriteLine("==========================================") 
End Sub 
 
Private Sub retrieveSeriesSecure_AfterCMove(ByVal sender As Object, ByVal e As AfterCMoveEventArgs) 
    Console.WriteLine("After CMove") 
    Console.WriteLine(Constants.vbTab & "{0} Completed", e.Completed) 
    Console.WriteLine(Constants.vbTab & "{0} Failed", e.Failed) 
    Console.WriteLine(Constants.vbTab & "{0} Warning", e.Warning) 
    Console.WriteLine(Constants.vbTab & "Status: {0}", e.Status) 
End Sub

Requirements

Target Platforms

Reference

QueryRetrieveScu Class

QueryRetrieveScu Members

Leadtools.Dicom.Scu Namespace

Download our FREE evaluation

Help Version 20.0.2020.3.31

Leadtools.Dicom.Scu Assembly

Introduction

Getting Started

Namespaces

Leadtools.Dicom.Scu Namespace

Leadtools.Dicom.Scu.Common Namespace

Leadtools.Dicom.Scu.Queries Namespace

Assemblies