This module contains classes that implement DICOM network communication tunneled through a Transport Layer Security (TLS) connection, conforming to the DICOM "Security Enhancements One" extension (formerly Supplement 31). This module requires the external OpenSSL library.
The main interface classes are:
Files
The following files provide further documentation:
Examples
The following example shows a code fragment that enables TLS for an association requestor application. The complete network initialization code is not shown here and most error checking code is omitted for brevity.
NET_REQUESTOR, "random.dat");
{
cerr << "unable to load private key" << endl;
return;
}
{
cerr << "unable to load certificate" << endl;
return;
}
ASC_setTransportLayer(net, tLayer, 1);
ASC_setTransportLayerType(params, 1);
factory class which creates secure TLS transport layer connections and maintains the parameters commo...
Definition: tlslayer.h:107
void setCertificateVerification(DcmCertificateVerification vtype)
defines how peer certificates should be treated when negotiating a TLS connection.
OFCondition activateCipherSuites()
activate the current list of ciphersuites by transferring to the OpenSSL layer This method needs to b...
OFCondition setPrivateKeyFile(const char *fileName, DcmKeyFileFormat fileType)
loads the private key used for authentication of this application from a file.
OFCondition setTLSProfile(DcmTLSSecurityProfile profile)
replace the current list of ciphersuites by the list of ciphersuites for the given profile.
static void initializeOpenSSL()
Initialize OpenSSL Library.
OFCondition setCertificateFile(const char *fileName, DcmKeyFileFormat fileType, DcmTLSSecurityProfile profile)
loads the certificate (public key) used for authentication of this application from a file.
OFBool bad() const
check if the status is not OK, i.e. error or failure.
Definition: ofcond.h:321
@ TSP_Profile_BCP_195_RFC_8996
DICOM BCP 195 RFC 8996 TLS Profile, based on RFC 8996 and RFC 9325.
Definition: tlsciphr.h:108
@ DCV_ignoreCertificate
do not check peer certificate
Definition: tlslayer.h:77