00030 #ifndef TLSLAYER_H
00031 #define TLSLAYER_H
00032
00033 #include "dcmtk/config/osconfig.h"
00034 #include "dcmtk/dcmnet/dcmlayer.h"
00035 #include "dcmtk/ofstd/ofstream.h"
00036 #include "dcmtk/oflog/oflog.h"
00037
00038 #ifdef WITH_OPENSSL
00039 BEGIN_EXTERN_C
00040 #include <openssl/ssl.h>
00041 END_EXTERN_C
00042
/**
 * Returns the logger that the DCMTLS_* macros below write to.
 * Only declared here; the definition is not part of this header.
 */
00043 OFLogger DCM_dcmtlsGetLogger();
00044
/*
 * Logging shortcuts, one per severity: each expands to the OFLOG_* macro of
 * the same level, called with the dcmtls logger and the caller's msg.
 * NOTE(review): msg is forwarded as written, so nothing here filters it.
 * Call sites must keep private-key passwords and key material out of msg,
 * and should treat peer-supplied certificate fields as untrusted text.
 */
00045 #define DCMTLS_TRACE(msg) OFLOG_TRACE(DCM_dcmtlsGetLogger(), msg)
00046 #define DCMTLS_DEBUG(msg) OFLOG_DEBUG(DCM_dcmtlsGetLogger(), msg)
00047 #define DCMTLS_INFO(msg) OFLOG_INFO(DCM_dcmtlsGetLogger(), msg)
00048 #define DCMTLS_WARN(msg) OFLOG_WARN(DCM_dcmtlsGetLogger(), msg)
00049 #define DCMTLS_ERROR(msg) OFLOG_ERROR(DCM_dcmtlsGetLogger(), msg)
00050 #define DCMTLS_FATAL(msg) OFLOG_FATAL(DCM_dcmtlsGetLogger(), msg)
00051
/**
 * Policy for handling the peer's X.509 certificate on a TLS connection.
 * It is the parameter type of DcmTLSTransportLayer::setCertificateVerification().
 * The strictest policy is listed first and therefore has the value 0.
 * NOTE(review): the per-value descriptions below follow the enumerator names;
 * confirm the exact behaviour against the implementation.
 */
00056 enum DcmCertificateVerification
00057 {
/** Verify the peer certificate and refuse the connection when the peer
 *  presents none. This is the only value that authenticates every peer.
 */
00060 DCV_requireCertificate,
00061
/** Verify the peer certificate only when one is presented. A peer that
 *  sends no certificate is presumably accepted unauthenticated, so this
 *  value does not give mutual authentication.
 */
00064 DCV_checkCertificate,
00065
/** Do not verify the peer certificate. The channel is then encrypted but
 *  the peer is unauthenticated, which leaves it open to interception by
 *  an active man-in-the-middle; keep this to test setups.
 */
00068 DCV_ignoreCertificate
00069 };
00070
00071
/**
 * TLS transport layer on top of OpenSSL. Derives from DcmTransportLayer and
 * holds one SSL_CTX together with the settings declared below (private-key
 * password, seed-file flag).
 * Only declarations are visible in this header: remarks marked NOTE(review)
 * are read from names and signatures and must be confirmed against the
 * implementation file.
 */
00079 class DcmTLSTransportLayer: public DcmTransportLayer
00080 {
00081 public:
00082
/** Constructor.
 *  @param networkRole role of the application on the network; the accepted
 *    values are not visible in this header.
 *  @param randFile path of a file, presumably the PRNG seed file that
 *    seedPRNG() and writeRandomSeed() also take (confirm).
 */
00088 DcmTLSTransportLayer(int networkRole, const char *randFile);
00089
/** Virtual destructor.
 *  NOTE(review): the object holds a raw SSL_CTX pointer and a password
 *  string; confirm that the context is released here and check whether
 *  the password buffer is wiped before it is freed.
 */
00091 virtual ~DcmTLSTransportLayer();
00092
/** Creates a transport connection object for an open socket.
 *  @param openSocket socket descriptor the connection is built on.
 *  @param useSecureLayer selects, per its name, whether TLS is used.
 *    NOTE(review): a false value presumably yields an unprotected
 *    connection, so callers that require TLS must not derive this flag
 *    from peer- or user-controlled input.
 *  @return pointer to the connection object. The failure convention is not
 *    visible here; check the result for NULL before use.
 */
00104 virtual DcmTransportConnection *createConnection(int openSocket, OFBool useSecureLayer);
00105
/** Sets the file holding this application's private key.
 *  @param fileName path of the key file; it should be readable only by
 *    the account running the application.
 *  @param fileType file format selector, presumably an OpenSSL
 *    SSL_FILETYPE_* constant (confirm).
 *  @return status code; a caller must check it, since a key that failed
 *    to load leaves the layer unable to authenticate.
 */
00111 DcmTransportLayerStatus setPrivateKeyFile(const char *fileName, int fileType);
00112
/** Sets the file holding this application's certificate.
 *  @param fileName path of the certificate file.
 *  @param fileType file format selector, presumably an OpenSSL
 *    SSL_FILETYPE_* constant (confirm).
 *  @return status code, to be checked by the caller.
 */
00118 DcmTransportLayerStatus setCertificateFile(const char *fileName, int fileType);
00119
/** Reports, per its name, whether the configured private key belongs to
 *  the configured certificate. Call it after both files are set and
 *  treat a false result as a configuration error.
 */
00124 OFBool checkPrivateKeyMatchesCertificate();
00125
/** Adds one certificate file to the set of trusted certificates.
 *  Every certificate added here widens the set of peers that pass
 *  verification, so the file must come from a trusted, write-protected
 *  location.
 *  @param fileName path of the certificate file.
 *  @param fileType file format selector, presumably an OpenSSL
 *    SSL_FILETYPE_* constant (confirm).
 *  @return status code, to be checked by the caller.
 */
00131 DcmTransportLayerStatus addTrustedCertificateFile(const char *fileName, int fileType);
00132
/** Adds the certificates found in a directory to the trusted set.
 *  NOTE(review): which files in the directory are loaded is not visible
 *  here; anyone able to write to pathName can presumably add a trust
 *  anchor, so the directory permissions matter.
 *  @param pathName path of the directory.
 *  @param fileType file format selector, presumably an OpenSSL
 *    SSL_FILETYPE_* constant (confirm).
 *  @return status code, to be checked by the caller.
 */
00139 DcmTransportLayerStatus addTrustedCertificateDir(const char *pathName, int fileType);
00140
/** Sets the cipher suites offered during negotiation.
 *  @param suites cipher suite list as a string; the expected syntax is
 *    defined by the implementation (presumably OpenSSL's cipher list
 *    format, confirm).
 *  @return status code; check it, because a rejected list presumably
 *    leaves the previous selection in force.
 */
00148 DcmTransportLayerStatus setCipherSuites(const char *suites);
00149
/** Static: number of cipher suites known to this class, i.e. the upper
 *  bound (exclusive) for the idx parameter of the two lookups below.
 */
00153 static unsigned long getNumberOfCipherSuites();
00154
/** Static: TLS name of the cipher suite at position idx.
 *  NOTE(review): behaviour for an out-of-range idx is not visible here;
 *  keep idx below getNumberOfCipherSuites() and check for NULL.
 */
00159 static const char *getTLSCipherSuiteName(unsigned long idx);
00160
/** Static: OpenSSL name of the cipher suite at position idx.
 *  NOTE(review): behaviour for an out-of-range idx is not visible here;
 *  keep idx below getNumberOfCipherSuites() and check for NULL.
 */
00165 static const char *getOpenSSLCipherSuiteName(unsigned long idx);
00166
/** Static: maps a TLS cipher suite name to the OpenSSL name.
 *  NOTE(review): the result for an unknown name is presumably NULL;
 *  check it before passing the result on to setCipherSuites().
 */
00171 static const char *findOpenSSLCipherSuiteName(const char *tlsCipherSuiteName);
00172
/** Returns the canWriteRandseed flag unchanged. */
00177 OFBool canWriteRandomSeed() { return canWriteRandseed; }
00178
/** Writes PRNG seed data to a file.
 *  The seed file is security-sensitive state: it should be writable and
 *  readable only by the account running the application.
 *  @param randFile path of the file to write.
 *  @return OFBool result, presumably true on success (confirm).
 */
00183 OFBool writeRandomSeed(const char *randFile);
00184
/** Seeds the PRNG from a file.
 *  Returns void, so a failed or insufficient seed cannot be detected from
 *  this call. NOTE(review): confirm how the implementation reports that
 *  case (log message, canWriteRandomSeed()).
 *  @param randFile path of the seed file.
 */
00193 void seedPRNG(const char *randFile);
00194
/** Adds caller-supplied data to the PRNG state.
 *  @param buf start of the data; declared non-const, although nothing in
 *    this header says the buffer is modified.
 *  @param bufSize number of bytes at buf.
 */
00200 void addPRNGseed(void *buf, size_t bufSize);
00201
/** Selects the peer-certificate policy, see DcmCertificateVerification.
 *  Returns void. DCV_ignoreCertificate leaves the peer unauthenticated.
 */
00206 void setCertificateVerification(DcmCertificateVerification vtype);
00207
/** Sets the password for an encrypted private key file.
 *  NOTE(review): presumably stored in privateKeyPasswd and needed before
 *  setPrivateKeyFile() is called (confirm). The caller's copy of the
 *  password should be cleared once it has been handed over.
 *  @param thePasswd password as a C string.
 */
00214 void setPrivateKeyPasswd(const char *thePasswd);
00215
/** Variant of setPrivateKeyPasswd() that, per its name, obtains the
 *  password interactively from the console instead of a parameter.
 */
00219 void setPrivateKeyPasswdFromConsole();
00220
/** Sets temporary Diffie-Hellman parameters from a file.
 *  @param filename path of the parameter file.
 *  @return OFBool result, presumably true on success; check it, since
 *    the fallback used after a failed load is not visible here.
 */
00226 OFBool setTempDHParameters(const char *filename);
00227
/** Static: returns a text rendering of a certificate as an OFString.
 *  The certificate fields are chosen by the peer, so the returned string
 *  is untrusted text when it is logged or displayed.
 *  @param peerCertificate certificate to render.
 */
00232 static OFString dumpX509Certificate(X509 *peerCertificate);
00233
00234 private:
00235
/** Copy constructor, declared private so that outside code cannot copy
 *  the object; a copy would share the raw SSL_CTX pointer below.
 */
00237 DcmTLSTransportLayer(const DcmTLSTransportLayer&);
00238
/** Copy assignment, declared private for the same reason. */
00240 DcmTLSTransportLayer& operator=(const DcmTLSTransportLayer&);
00241
/** OpenSSL context of this transport layer (raw pointer). */
00243 SSL_CTX *transportLayerContext;
00244
/** Flag returned by canWriteRandomSeed(). */
00246 OFBool canWriteRandseed;
00247
/** Password for the private key file, held as an ordinary string for as
 *  long as the object lives. NOTE(review): check whether it is cleared
 *  after the key has been loaded and on destruction.
 */
00249 OFString privateKeyPasswd;
00250
00251 };
00252
00253 #endif
00254
00255 #endif