Mercurial > hg > orthanc
diff OrthancServer/OrthancInitialization.cpp @ 2022:fefbe71c2272
Possibility to use PKCS#11 authentication for hardware security modules with Orthanc peers
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Fri, 17 Jun 2016 17:09:50 +0200 |
parents | a0bd8cd55da7 |
children | fabf7820d1f1 0ad32aeae9f3 |
line wrap: on
line diff
--- a/OrthancServer/OrthancInitialization.cpp Wed Jun 15 17:20:52 2016 +0200 +++ b/OrthancServer/OrthancInitialization.cpp Fri Jun 17 17:09:50 2016 +0200 @@ -424,6 +424,48 @@ } + static void ConfigurePkcs11(const Json::Value& config) + { + if (config.type() != Json::objectValue || + !config.isMember("Module") || + config["Module"].type() != Json::stringValue) + { + LOG(ERROR) << "No path to the PKCS#11 module (DLL or .so) is provided for HTTPS client authentication"; + throw OrthancException(ErrorCode_BadFileFormat); + } + + std::string pin; + if (config.isMember("Pin")) + { + if (config["Pin"].type() == Json::stringValue) + { + pin = config["Pin"].asString(); + } + else + { + LOG(ERROR) << "The PIN number in the PKCS#11 configuration must be a string"; + throw OrthancException(ErrorCode_BadFileFormat); + } + } + + bool verbose = false; + if (config.isMember("Verbose")) + { + if (config["Verbose"].type() == Json::booleanValue) + { + verbose = config["Verbose"].asBool(); + } + else + { + LOG(ERROR) << "The Verbose option in the PKCS#11 configuration must be a Boolean"; + throw OrthancException(ErrorCode_BadFileFormat); + } + } + + HttpClient::InitializePkcs11(config["Module"].asString(), pin, verbose); + } + + void OrthancInitialize(const char* configurationFile) { @@ -435,10 +477,6 @@ SSL_load_error_strings(); OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); - - curl_global_init(CURL_GLOBAL_ALL); -#else - curl_global_init(CURL_GLOBAL_ALL & ~CURL_GLOBAL_SSL); #endif InitializeServerEnumerations(); @@ -447,6 +485,11 @@ ReadGlobalConfiguration(configurationFile); ValidateGlobalConfiguration(); + if (configuration_.isMember("Pkcs11")) + { + ConfigurePkcs11(configuration_["Pkcs11"]); + } + HttpClient::GlobalInitialize(); RegisterUserMetadata(); @@ -488,8 +531,6 @@ DJDecoderRegistration::cleanup(); #endif - curl_global_cleanup(); - #if ORTHANC_SSL_ENABLED == 1 // Finalize OpenSSL // https://wiki.openssl.org/index.php/Library_Initialization#Cleanup