comparison OrthancServer/OrthancInitialization.cpp @ 2022:fefbe71c2272

Possibility to use PKCS#11 authentication for hardware security modules with Orthanc peers
author Sebastien Jodogne <s.jodogne@gmail.com>
date Fri, 17 Jun 2016 17:09:50 +0200
parents a0bd8cd55da7
children fabf7820d1f1 0ad32aeae9f3
2021:bd143a77eb7a 2022:fefbe71c2272
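--- a/OrthancServer/OrthancInitialization.cpp
+++ b/OrthancServer/OrthancInitialization.cpp
@@ -422,10 +422,52 @@
 FromDcmtkBridge::RegisterDictionaryTag(tag, vr, name, minMultiplicity, maxMultiplicity);
 }
 }
 
 
+static void ConfigurePkcs11(const Json::Value& config)
+{
+if (config.type() != Json::objectValue ||
+!config.isMember("Module") ||
+config["Module"].type() != Json::stringValue)
+{
+LOG(ERROR) << "No path to the PKCS#11 module (DLL or .so) is provided for HTTPS client authentication";
+throw OrthancException(ErrorCode_BadFileFormat);
+}
+
+std::string pin;
+if (config.isMember("Pin"))
+{
+if (config["Pin"].type() == Json::stringValue)
+{
+pin = config["Pin"].asString();
+}
+else
+{
+LOG(ERROR) << "The PIN number in the PKCS#11 configuration must be a string";
+throw OrthancException(ErrorCode_BadFileFormat);
+}
+}
+
+bool verbose = false;
+if (config.isMember("Verbose"))
+{
+if (config["Verbose"].type() == Json::booleanValue)
+{
+verbose = config["Verbose"].asBool();
+}
+else
+{
+LOG(ERROR) << "The Verbose option in the PKCS#11 configuration must be a Boolean";
+throw OrthancException(ErrorCode_BadFileFormat);
+}
+}
+
+HttpClient::InitializePkcs11(config["Module"].asString(), pin, verbose);
+}
+
+
 
 void OrthancInitialize(const char* configurationFile)
 {
 boost::recursive_mutex::scoped_lock lock(globalMutex_);
 
@@ -433,21 +475,22 @@
 // https://wiki.openssl.org/index.php/Library_Initialization
 SSL_library_init();
 SSL_load_error_strings();
 OpenSSL_add_all_algorithms();
 ERR_load_crypto_strings();
-
-curl_global_init(CURL_GLOBAL_ALL);
-#else
-curl_global_init(CURL_GLOBAL_ALL & ~CURL_GLOBAL_SSL);
 #endif
 
 InitializeServerEnumerations();
 
 // Read the user-provided configuration
 ReadGlobalConfiguration(configurationFile);
 ValidateGlobalConfiguration();
+
+if (configuration_.isMember("Pkcs11"))
+{
+ConfigurePkcs11(configuration_["Pkcs11"]);
+}
 
 HttpClient::GlobalInitialize();
 
 RegisterUserMetadata();
 RegisterUserContentType();
@@ -485,12 +528,10 @@
 
 #if ORTHANC_JPEG_ENABLED == 1
 // Unregister JPEG codecs
 DJDecoderRegistration::cleanup();
 #endif
-
-curl_global_cleanup();
 
 #if ORTHANC_SSL_ENABLED == 1
 // Finalize OpenSSL
 // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup
 FIPS_mode_set(0);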
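Review bot: The first guard in `ConfigurePkcs11` accepts an empty `"Module"` string and hands it straight to `HttpClient::InitializePkcs11`, so a blank entry is only caught, if at all, further down; adding `config["Module"].asString().empty()` as a fourth condition would reject it with the same error. The `"Pin"` value is read in clear text from the configuration file and silently defaults to an empty string when absent, which deserves a comment above `std::string pin;` such as `// The PIN is stored in clear in the configuration file: restrict read access to the account running Orthanc`. The module path names a native library (the error message says "DLL or .so") that is presumably loaded into the server process, so it is worth documenting that it should be an absolute path to a file unprivileged users cannot write. The removed `curl_global_init()` and `curl_global_cleanup()` calls are presumably taken over by `HttpClient::GlobalInitialize()` and its counterpart, which are not visible in this file section; please confirm that running the PKCS#11 setup before `GlobalInitialize()` is the intended order.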