This file is indexed.

/usr/include/dcmtk/dcmtls/tlsscu.h is in libdcmtk-dev 3.6.1~20150924-5.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
/*
 *
 *  Copyright (C) 2010-2013, OFFIS e.V.
 *  All rights reserved.  See COPYRIGHT file for details.
 *
 *  This software and supporting documentation were developed by
 *
 *    OFFIS e.V.
 *    R&D Division Health
 *    Escherweg 2
 *    D-26121 Oldenburg, Germany
 *
 *
 *  Module:  dcmtls
 *
 *  Author:  Michael Onken
 *
 *  Purpose: Base class for TLS-enabled Service Class Users (SCUs)
 *
 */

#ifndef TLSSCU_H
#define TLSSCU_H

#include "dcmtk/config/osconfig.h" /* make sure OS specific configuration is included first */

#ifdef WITH_OPENSSL
#include "dcmtk/dcmnet/scu.h"
#include "dcmtk/dcmtls/tlstrans.h"
#include "dcmtk/dcmtls/tlslayer.h"
#include "dcmtk/dcmtls/tlsdefin.h"


/** Base class for implementing DICOM TLS-enabled Service Class User functionality. This
 *  class is derived from the general DcmSCU class and just adds the corresponding TLS
 *  capabilities.
 *  @warning This class is EXPERIMENTAL. Be careful to use it in production environment.
 */
class DCMTK_DCMTLS_EXPORT DcmTLSSCU : public DcmSCU
{

public:

  /** Constructor, just initializes internal class members
   */
  DcmTLSSCU();

  /** Initialize SCU with connection peer information
   *  @param peerHost [in] The hostname or IP of the host to talk to
   *  @param peerAETtitle [in] AETitle of peer host to be used
   *  @param portNum [in] TCP/IP port number to talk to
   */
  DcmTLSSCU(const OFString& peerHost,
            const OFString& peerAETitle,
            const Uint16 portNum);

  /** Virtual destructor
    */
  virtual ~DcmTLSSCU();

  /** Initialize network, i.e. prepare for association negotiation.
   *  @return EC_Normal if initialization was successful, otherwise error code
   */
  virtual OFCondition initNetwork();

  /** Negotiate association by using presentation contexts and parameters
   *  as defined by earlier function calls.
   *  @return EC_Normal if negotiation was successful, otherwise error code
   */
  virtual OFCondition negotiateAssociation();

  /** Closes the association of this SCU
   *  @deprecated The use of this method is deprecated. Please use
   *    DcmSCU::releaseAssociation() or DcmSCU::abortAssociation() instead.
   *  @param closeType [in] Define whether to release or abort the association
   */
  virtual void closeAssociation(const DcmCloseAssociationType closeType);

  /** TODO: Not documented yet
   *  @param str [in] Not documented yet
   */
  virtual void addTrustedCertFile(const OFString& str);

  /** TODO: Not documented yet
   *  @param certDir [in] Not documented yet
   */
  virtual void addTrustedCertDir(const OFString& certDir);

  /** TODO: Not documented yet
   *  @param privateKey    [in] File with private key to authenticate with
   *  @param certFile      [in] File with certificate to authenticate with
   *  @param passphrase    [in] Password to access key. NULL asks user on console.
   *                            "" will send empty password. Default is asking the
   *                            user to enter password.
   *  @param privKeyFormat [in] Format of private key parameter. Default is
   *                            SSL_FILETYPE_PEM.
   *  @param certFormat    [in] Format of certificate file parameter. Default is
   *                            SSL_FILETYPE_PEM.
   */
  virtual void enableAuthentication(const OFString& privateKey,
                                    const OFString& certFile,
                                    const char* passphrase = NULL,
                                    const int privKeyFormat = SSL_FILETYPE_PEM,
                                    const int certFormat = SSL_FILETYPE_PEM);

  /** Disables authentication. However, DcmTLSSCU will try to establish secured connection
   *  in terms of encrypting data. Default is that authentication is disabled.
   */
  virtual void disableAuthentication();

  /** TODO: Not documented yet
   *  @param cs [in] TODO: Not documented yet
   */
  virtual void addCiphersuite(const OFString& cs);

  /** TODO: Not documented yet
   *  @param seedFile [in] TODO: Not documented yet
   */
  virtual void setReadSeedFile(const OFString& seedFile);

  /** TODO: Not documented yet
   *  @param seedFile [in] TODO: Not documented yet
   */
  virtual void setWriteSeedFile(const OFString& seedFile);

  /** Set whether peer's certificate must be there, only is checked if there or is ignored
   *  @param cert [in] peer certificate verification mode. The following values are permitted:
   *                   DCV_requireCertificate, DCV_checkCertificate, DCV_ignoreCertificate
   */
  virtual void setPeerCertVerification(const DcmCertificateVerification cert);

  /** Not documented yet
   *  @param dhParam [in] TODO: Not documented yet
   */
  virtual void setDHParam(const OFString& dhParam);

  /** Returns OFTrue if authentication is enabled
   *  @param ... TODO: Not documented yet
   *  @return Return value OFTrue
   */
  virtual OFBool getAuthenticationParams(OFString& privKeyFile,
                                         OFString& certFile,
                                         const char*& passphrase,
                                         int& privKeyFormat,
                                         int& certFormat) const;

  /** TODO: Not documented yet
   *  @param files [out] TODO: Not documented yet
   */
  virtual void getTrustedCertFiles(OFList<OFString>& files /*out*/) const;

  /** TODO: Not documented yet
   *  @param trustedDirs [out] TODO: Not documented yet
   */
  virtual void getTrustedCertDirs(OFList<OFString>& trustedDirs /*out*/) const;

  /** TODO: Not documented yet
   *  @return TODO: Not documented yet
   */
  virtual OFString getCiphersuites() const;

  /** TODO: Not documented yet
   *  @return TODO: Not documented yet
   */
  virtual OFString getReadSeedFile() const;

  /** TODO: Not documented yet
   *  @return TODO: Not documented yet
   */
  virtual OFString getWriteSeedFile() const;

  /** TODO: Not documented yet
   *  @return TODO: Not documented yet
   */
  virtual OFString getDHParam() const;

private:

  /** Private undefined copy-constructor. Shall never be called.
   *  @param src Source object
   */
  DcmTLSSCU(const DcmTLSSCU &src);

  /** Private undefined operator=. Shall never be called.
   *  @param src Source object
   *  @return Reference to this
   */
  DcmTLSSCU &operator=(const DcmTLSSCU &src);

  /// The TLS layer responsible for all encryption/authentication stuff
  DcmTLSTransportLayer *m_tLayer;

  /// If enabled, authentication of client/server is enabled
  OFBool m_doAuthenticate;

  /// A list of directories containing trusted certificates (if authentication is enabled)
  OFList<OFString> m_trustedCertDirs;

  /// A list of files containing trusted certificates (if authentication is enabled)
  OFList<OFString> m_trustedCertFiles;

  /// The file containing the private key (if authentication is enabled)
  OFString m_privateKeyFile;

  /// Might be either "SSL_FILETYPE_PEM" (default) or "SSL_FILETYPE_ASN1"
  int m_privateKeyFileFormat;

  /// File containing the certificate the SCU should use for authentication
  OFString m_certificateFile;

  /// Might be either "SSL_FILETYPE_PEM" (default) or "SSL_FILETYPE_ASN1"
  int m_certKeyFileFormat;

  /// Password used for unlocking the private key file. If NULL, password is asked from
  /// STDIN. If empty string (""), password is sent empty. All others values are sent as
  /// given.
  char* m_passwd;

  /// String containing all cipher suites being (additionally? TODO) configured
  OFString m_ciphersuites;

  /// TODO: Not documented yet
  OFString m_readSeedFile;

  /// TODO: Not documented yet
  OFString m_writeSeedFile;

  /// Denotes how certificates are handled, i.e. whether they are required, validated or
  /// only validated if present
  DcmCertificateVerification m_certVerification;

  /// File containing Diffie-Hellman parameters to be used
  OFString m_dhparam;

};

#endif // WITH_OPENSSL

#endif // TLSSCU_H