1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
|
.TH "echoscu" 1 "Fri Apr 22 2022" "Version 3.6.7" "OFFIS DCMTK" \" -*- nroff -*-
.nh
.SH NAME
echoscu \- DICOM verification (C-ECHO) SCU
.SH "SYNOPSIS"
.PP
.PP
.nf
echoscu [options] peer port
.fi
.PP
.SH "DESCRIPTION"
.PP
The \fBechoscu\fP application implements a Service Class User (SCU) for the Verification SOP Class\&. It sends a DICOM C-ECHO message to a Service Class Provider (SCP) and waits for a response\&. The application can be used to verify basic DICOM connectivity\&.
.SH "PARAMETERS"
.PP
.PP
.nf
peer hostname of DICOM peer
port tcp/ip port number of peer
.fi
.PP
.SH "OPTIONS"
.PP
.SS "general options"
.PP
.nf
-h --help
print this help text and exit
--version
print version information and exit
--arguments
print expanded command line arguments
-q --quiet
quiet mode, print no warnings and errors
-v --verbose
verbose mode, print processing details
-d --debug
debug mode, print debug information
-ll --log-level [l]evel: string constant
(fatal, error, warn, info, debug, trace)
use level l for the logger
-lc --log-config [f]ilename: string
use config file f for the logger
.fi
.PP
.SS "network options"
.PP
.nf
application entity titles:
-aet --aetitle [a]etitle: string
set my calling AE title (default: ECHOSCU)
-aec --call [a]etitle: string
set called AE title of peer (default: ANY-SCP)
association negotiation debugging:
-pts --propose-ts [n]umber: integer (1..38)
propose n transfer syntaxes
-ppc --propose-pc [n]umber: integer (1..128)
propose n presentation contexts
other network options:
-to --timeout [s]econds: integer (default: unlimited)
timeout for connection requests
-ts --socket-timeout [s]econds: integer (default: 60)
timeout for network socket (0 for none)
-ta --acse-timeout [s]econds: integer (default: 30)
timeout for ACSE messages
-td --dimse-timeout [s]econds: integer (default: unlimited)
timeout for DIMSE messages
-pdu --max-pdu [n]umber of bytes: integer (4096..131072)
set max receive pdu to n bytes (default: 16384)
--repeat [n]umber: integer
repeat n times
--abort
abort association instead of releasing it
.fi
.PP
.SS "transport layer security (TLS) options"
.PP
.nf
transport protocol stack:
-tls --disable-tls
use normal TCP/IP connection (default)
+tls --enable-tls [p]rivate key file, [c]ertificate file: string
use authenticated secure TLS connection
+tla --anonymous-tls
use secure TLS connection without certificate
private key password (only with --enable-tls):
+ps --std-passwd
prompt user to type password on stdin (default)
+pw --use-passwd [p]assword: string
use specified password
-pw --null-passwd
use empty string as password
key and certificate file format:
-pem --pem-keys
read keys and certificates as PEM file (default)
-der --der-keys
read keys and certificates as DER file
certification authority:
+cf --add-cert-file [f]ilename: string
add certificate file to list of certificates
+cd --add-cert-dir [d]irectory: string
add certificates in d to list of certificates
+crl --add-crl-file [f]ilename: string
add certificate revocation list file
(implies --enable-crl-vfy)
+crv --enable-crl-vfy
enable leaf CRL verification
+cra --enable-crl-all
enable full chain CRL verification
security profile:
+py --profile-bcp195-nd
Non-downgrading BCP 195 TLS Profile (default)
+px --profile-bcp195
BCP 195 TLS Profile
+pz --profile-bcp195-ex
Extended BCP 195 TLS Profile
+pb --profile-basic
Basic TLS Secure Transport Connection Profile (retired)
+pa --profile-aes
AES TLS Secure Transport Connection Profile (retired)
+pn --profile-null
Authenticated unencrypted communication
(retired, was used in IHE ATNA)
ciphersuite:
+cc --list-ciphers
show list of supported TLS ciphersuites and exit
+cs --cipher [c]iphersuite name: string
add ciphersuite to list of negotiated suites
pseudo random generator:
+rs --seed [f]ilename: string
seed random generator with contents of f
+ws --write-seed
write back modified seed (only with --seed)
+wf --write-seed-file [f]ilename: string (only with --seed)
write modified seed to file f
peer authentication:
-rc --require-peer-cert
verify peer certificate, fail if absent (default)
-ic --ignore-peer-cert
don't verify peer certificate
offline certificate verification:
+vc --verify-cert [f]ilename: string
verify certificate against CA settings
# Load a client certificate and check whether it would be accepted
# when received during a TLS handshake. Print result and exit.
+rc --is-root-cert [f]ilename: string
check if certificate is self-signed root CA
# Load a client certificate and check whether it is a valid,
# self-signed root CA certificate. Print result and exit.
.fi
.PP
.SH "NOTES"
.PP
.SS "DICOM Conformance"
The \fBechoscu\fP application supports the following SOP Classes as an SCU:
.PP
.PP
.nf
VerificationSOPClass 1.2.840.10008.1.1
.fi
.PP
.PP
Unless the \fI--propose-ts\fP option is used, the echoscu application will only propose the transfer syntax
.PP
.PP
.nf
LittleEndianImplicitTransferSyntax 1.2.840.10008.1.2
.fi
.PP
.SH "LOGGING"
.PP
The level of logging output of the various command line tools and underlying libraries can be specified by the user\&. By default, only errors and warnings are written to the standard error stream\&. Using option \fI--verbose\fP also informational messages like processing details are reported\&. Option \fI--debug\fP can be used to get more details on the internal activity, e\&.g\&. for debugging purposes\&. Other logging levels can be selected using option \fI--log-level\fP\&. In \fI--quiet\fP mode only fatal errors are reported\&. In such very severe error events, the application will usually terminate\&. For more details on the different logging levels, see documentation of module 'oflog'\&.
.PP
In case the logging output should be written to file (optionally with logfile rotation), to syslog (Unix) or the event log (Windows) option \fI--log-config\fP can be used\&. This configuration file also allows for directing only certain messages to a particular output stream and for filtering certain messages based on the module or application where they are generated\&. An example configuration file is provided in \fI<etcdir>/logger\&.cfg\fP\&.
.SH "COMMAND LINE"
.PP
All command line tools use the following notation for parameters: square brackets enclose optional values (0-1), three trailing dots indicate that multiple values are allowed (1-n), a combination of both means 0 to n values\&.
.PP
Command line options are distinguished from parameters by a leading '+' or '-' sign, respectively\&. Usually, order and position of command line options are arbitrary (i\&.e\&. they can appear anywhere)\&. However, if options are mutually exclusive the rightmost appearance is used\&. This behavior conforms to the standard evaluation rules of common Unix shells\&.
.PP
In addition, one or more command files can be specified using an '@' sign as a prefix to the filename (e\&.g\&. \fI@command\&.txt\fP)\&. Such a command argument is replaced by the content of the corresponding text file (multiple whitespaces are treated as a single separator unless they appear between two quotation marks) prior to any further evaluation\&. Please note that a command file cannot contain another command file\&. This simple but effective approach allows one to summarize common combinations of options/parameters and avoids longish and confusing command lines (an example is provided in file \fI<datadir>/dumppat\&.txt\fP)\&.
.SH "EXIT CODES"
.PP
The \fBechoscu\fP utility uses the following exit codes when terminating\&. This enables the user to check for the reason why the application terminated\&.
.SS "general"
.PP
.nf
EXITCODE_NO_ERROR 0
EXITCODE_COMMANDLINE_SYNTAX_ERROR 1
.fi
.PP
.SS "input file errors"
.PP
.nf
EXITCODE_CANNOT_READ_INPUT_FILE 20 (*)
EXITCODE_INVALID_INPUT_FILE 22
.fi
.PP
.SS "output file errors"
.PP
.nf
EXITCODE_CANNOT_WRITE_OUTPUT_FILE 40 (*)
.fi
.PP
.SS "network errors"
.PP
.nf
EXITCODE_CANNOT_INITIALIZE_NETWORK 60 (*)
EXITCODE_ASSOCIATION_ABORTED 70
.fi
.PP
.PP
(*) Actually, these codes are currently not used by \fBechoscu\fP but serve as a placeholder for the corresponding group of exit codes\&.
.SH "ENVIRONMENT"
.PP
The \fBechoscu\fP utility will attempt to load DICOM data dictionaries specified in the \fIDCMDICTPATH\fP environment variable\&. By default, i\&.e\&. if the \fIDCMDICTPATH\fP environment variable is not set, the file \fI<datadir>/dicom\&.dic\fP will be loaded unless the dictionary is built into the application (default for Windows)\&.
.PP
The default behavior should be preferred and the \fIDCMDICTPATH\fP environment variable only used when alternative data dictionaries are required\&. The \fIDCMDICTPATH\fP environment variable has the same format as the Unix shell \fIPATH\fP variable in that a colon (':') separates entries\&. On Windows systems, a semicolon (';') is used as a separator\&. The data dictionary code will attempt to load each file specified in the \fIDCMDICTPATH\fP environment variable\&. It is an error if no data dictionary can be loaded\&.
.SH "COPYRIGHT"
.PP
Copyright (C) 1994-2022 by OFFIS e\&.V\&., Escherweg 2, 26121 Oldenburg, Germany\&.
|
