diff OrthancServer/OrthancInitialization.cpp @ 2022:fefbe71c2272

Possibility to use PKCS#11 authentication for hardware security modules with Orthanc peers
author Sebastien Jodogne <s.jodogne@gmail.com>
date Fri, 17 Jun 2016 17:09:50 +0200
parents a0bd8cd55da7
children fabf7820d1f1 0ad32aeae9f3
--- a/OrthancServer/OrthancInitialization.cpp	Wed Jun 15 17:20:52 2016 +0200
+++ b/OrthancServer/OrthancInitialization.cpp	Fri Jun 17 17:09:50 2016 +0200
@@ -424,6 +424,48 @@
   }
 
 
+  static void ConfigurePkcs11(const Json::Value& config)
+  {
+    if (config.type() != Json::objectValue ||
+        !config.isMember("Module") ||
+        config["Module"].type() != Json::stringValue)
+    {
+      LOG(ERROR) << "No path to the PKCS#11 module (DLL or .so) is provided for HTTPS client authentication";
+      throw OrthancException(ErrorCode_BadFileFormat);
+    }
+
+    std::string pin;
+    if (config.isMember("Pin"))
+    {
+      if (config["Pin"].type() == Json::stringValue)
+      {
+        pin = config["Pin"].asString();
+      }
+      else
+      {
+        LOG(ERROR) << "The PIN number in the PKCS#11 configuration must be a string";
+        throw OrthancException(ErrorCode_BadFileFormat);
+      }
+    }
+
+    bool verbose = false;
+    if (config.isMember("Verbose"))
+    {
+      if (config["Verbose"].type() == Json::booleanValue)
+      {
+        verbose = config["Verbose"].asBool();
+      }
+      else
+      {
+        LOG(ERROR) << "The Verbose option in the PKCS#11 configuration must be a Boolean";
+        throw OrthancException(ErrorCode_BadFileFormat);
+      }
+    }
+
+    HttpClient::InitializePkcs11(config["Module"].asString(), pin, verbose);
+  }
+
+
 
   void OrthancInitialize(const char* configurationFile)
   {
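Review bot: The first condition in ConfigurePkcs11 accepts an empty `Module` string, so `"Module": ""` is handed to `HttpClient::InitializePkcs11` and fails later rather than as a configuration error; adding `|| config["Module"].asString().empty()` to that condition would reject it here. The PIN is read in cleartext from the JSON configuration, so a comment above the `Pin` branch such as `// The PIN unlocks the HSM key: keep the configuration file readable only by the Orthanc account` would record the file-permission requirement. The same applies to `Module`, since the path names a DLL or .so that is presumably loaded into the server process. When `Pin` is absent an empty string is passed on, and whether that means "no login" or "empty PIN" is decided in InitializePkcs11, which is outside this hunk, so the intended meaning deserves a comment next to `std::string pin;`.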
@@ -435,10 +477,6 @@
     SSL_load_error_strings();
     OpenSSL_add_all_algorithms();
     ERR_load_crypto_strings();
-
-    curl_global_init(CURL_GLOBAL_ALL);
-#else
-    curl_global_init(CURL_GLOBAL_ALL & ~CURL_GLOBAL_SSL);
 #endif
 
     InitializeServerEnumerations();
@@ -447,6 +485,11 @@
     ReadGlobalConfiguration(configurationFile);
     ValidateGlobalConfiguration();
 
+    if (configuration_.isMember("Pkcs11"))
+    {
+      ConfigurePkcs11(configuration_["Pkcs11"]);
+    }
+
     HttpClient::GlobalInitialize();
 
     RegisterUserMetadata();
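Review bot: The `Pkcs11` block is compiled unconditionally, while the OpenSSL setup a few lines earlier in OrthancInitialize appears to sit under a preprocessor guard (its `#endif` is visible in the previous hunk, and the cleanup code uses `#if ORTHANC_SSL_ENABLED == 1`). If InitializePkcs11, which is not visible here, relies on OpenSSL, a build without SSL should either reject the option with a clear error or place this block under the same guard. The call also comes before `HttpClient::GlobalInitialize()`; if that order is required, a comment such as `// PKCS#11 must be configured before HttpClient::GlobalInitialize()` would keep a later refactoring from swapping the two. OrthancInitialize begins and ends outside this hunk.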
@@ -488,8 +531,6 @@
     DJDecoderRegistration::cleanup();
 #endif
 
-    curl_global_cleanup();
-
 #if ORTHANC_SSL_ENABLED == 1
     // Finalize OpenSSL
     // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup