dcmtls/include/tlslayer.h

/*
 *
 *  Copyright (C) 1998-2003, OFFIS
 *
 *  This software and supporting documentation were developed by
 *
 *    Kuratorium OFFIS e.V.
 *    Healthcare Information and Communication Systems
 *    Escherweg 2
 *    D-26121 Oldenburg, Germany
 *
 *  THIS SOFTWARE IS MADE AVAILABLE,  AS IS,  AND OFFIS MAKES NO  WARRANTY
 *  REGARDING  THE  SOFTWARE,  ITS  PERFORMANCE,  ITS  MERCHANTABILITY  OR
 *  FITNESS FOR ANY PARTICULAR USE, FREEDOM FROM ANY COMPUTER DISEASES  OR
 *  ITS CONFORMITY TO ANY SPECIFICATION. THE ENTIRE RISK AS TO QUALITY AND
 *  PERFORMANCE OF THE SOFTWARE IS WITH THE USER.
 *
 *  Module: dcmtls
 *
 *  Author: Marco Eichelberg
 *
 *  Purpose:
 *    classes: DcmTLSTransportLayer
 *
 *  Last Update:      $Author: joergr $
 *  Update Date:      $Date: 2003/12/05 10:38:55 $
 *  CVS/RCS Revision: $Revision: 1.5 $
 *  Status:           $State: Exp $
 *
 *  CVS/RCS Log at end of file
 *
 */

#ifndef TLSLAYER_H
#define TLSLAYER_H

#include "osconfig.h"    /* make sure OS specific configuration is included first */
#include "dcmlayer.h"    /* for DcmTransportLayer */
#include "ofstream.h"    /* for ostream */

#ifdef WITH_OPENSSL
BEGIN_EXTERN_C
#include <openssl/ssl.h>
END_EXTERN_C

enum DcmCertificateVerification
{
  DCV_requireCertificate,

  DCV_checkCertificate,

  DCV_ignoreCertificate
};


class DcmTLSTransportLayer: public DcmTransportLayer
{
public:

  DcmTLSTransportLayer(int networkRole, const char *randFile);

  virtual ~DcmTLSTransportLayer();

  virtual DcmTransportConnection *createConnection(int openSocket, OFBool useSecureLayer);

  DcmTransportLayerStatus setPrivateKeyFile(const char *fileName, int fileType);

  DcmTransportLayerStatus setCertificateFile(const char *fileName, int fileType);

  OFBool checkPrivateKeyMatchesCertificate();

  DcmTransportLayerStatus addTrustedCertificateFile(const char *fileName, int fileType);

  DcmTransportLayerStatus addTrustedCertificateDir(const char *pathName, int fileType);

  DcmTransportLayerStatus setCipherSuites(const char *suites);

  static unsigned long getNumberOfCipherSuites();

  static const char *getTLSCipherSuiteName(unsigned long idx);

  static const char *getOpenSSLCipherSuiteName(unsigned long idx);

  static const char *findOpenSSLCipherSuiteName(const char *tlsCipherSuiteName);

  OFBool canWriteRandomSeed() { return canWriteRandseed; }

  OFBool writeRandomSeed(const char *randFile);

  void seedPRNG(const char *randFile);

  void addPRNGseed(void *buf, size_t bufSize);

  void setCertificateVerification(DcmCertificateVerification vtype);

  void setPrivateKeyPasswd(const char *thePasswd);

  void setPrivateKeyPasswdFromConsole();

  OFBool setTempDHParameters(const char *filename);

  static void printX509Certificate(ostream &out, X509 *peerCertificate);

private:

  DcmTLSTransportLayer(const DcmTLSTransportLayer&);

  DcmTLSTransportLayer& operator=(const DcmTLSTransportLayer&);

  SSL_CTX *transportLayerContext;

  OFBool canWriteRandseed;

  OFString privateKeyPasswd;

};

#endif /* WITH_OPENSSL */

#endif

/*
 *  $Log: tlslayer.h,v $
 *  Revision 1.5  2003/12/05 10:38:55  joergr
 *  Removed leading underscore characters from preprocessor symbols (reserved
 *  symbols).
 *
 *  Revision 1.4  2003/07/04 13:28:32  meichel
 *  Added include for ofstream.h, to make sure ofstream is correctly defined
 *
 *  Revision 1.3  2001/06/01 15:51:12  meichel
 *  Updated copyright header
 *
 *  Revision 1.2  2000/10/10 12:13:31  meichel
 *  Added routines for printing certificates and connection parameters.
 *
 *  Revision 1.1  2000/08/10 14:50:26  meichel
 *  Added initial OpenSSL support.
 *
 *
 */

---

Generated on 4 Nov 2004 for OFFIS DCMTK Version 3.5.3 by Doxygen 1.3.8