/*! \page mod_dcmtls dcmtls: security extensions for the network library This module contains classes that implement DICOM network communication tunneled through a Transport Layer Security (TLS) connection, conforming to the DICOM "Security Enhancements One" extension (formerly Supplement 31). This module requires the external OpenSSL library. The main interface classes are: \li \b DcmTLSTransportLayer \li \b DcmTLSConnection \section Files The following files provide further documentation: \li \ref dcmtls_certstore \li \ref file_ciphers \li \ref file_randseed \section Examples The following example shows a code fragment that enables TLS for an association requestor application. The complete network initialization code is not shown here and most error checking code is omitted for brevity. \code T_ASC_Network *net; // network initialization code not shown, T_ASC_Parameters *params; // we just assume these pointers to be valid DcmTLSTransportLayer::initializeOpenSSL(); // initialize OpenSSL library // create TLS object that initializes the random generator through a file // "random.dat" containing random data (1 kByte is sufficient). DcmTLSTransportLayer *tLayer = new DcmTLSTransportLayer( NET_REQUESTOR, "random.dat"); if (tLayer->setPrivateKeyFile("privkey.pem", SSL_FILETYPE_PEM).bad()) { cerr << "unable to load private key" << endl; return; } if (tLayer->setCertificateFile("certificate.pem", SSL_FILETYPE_PEM).bad()) { cerr << "unable to load certificate" << endl; return; } // enable the ciphersuites for the BCP 195 secure transport profile tLayer->setTLSProfile(TSP_Profile_BCP195); tLayer->activateCipherSuites(); // accept any certificate from the remote site (not recommended) tLayer->setCertificateVerification(DCV_ignoreCertificate); // register and activate TLS layer ASC_setTransportLayer(net, tLayer, 1); ASC_setTransportLayerType(params, 1); \endcode */ /*! \page file_ciphers ciphers.txt file \verbinclude ciphers.txt */ /*! \page file_randseed randseed.txt file \verbinclude randseed.txt */