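package epsos.ccd.gnomon.configmanager;

import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.Hashtable;

import javax.xml.parsers.ParserConfigurationException;

import org.apache.log4j.Logger;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

/**
 * Synchronizes the countries' TSL content to the configuration parameters.
 *
 * <ol>
 * <li>Reads the list of countries from the configuration manager (parameter name = ncp.countries).</li>
 * <li>For each country, reads the configuration manager property tsl.location.[country_code].</li>
 * <li>Verifies the TSL file.</li>
 * <li>Parses the TSL file, extracts the service endpoints (WSEs) and writes them to the configuration
 * manager.</li>
 * <li>Finally exports the certificates (according to the original author's description, they are added
 * to the truststore; that step happens inside TSLUtils and is not visible in this class).</li>
 * </ol>
 *
 * Security note: everything written in steps 4 and 5 becomes trust material for the NCP, so a TSL that
 * cannot be verified must never reach those steps.
 *
 * @author Kostas Karkaletsis
 * @author Organization: Gnomon
 * @author mail:k.karkaletsis@gnomon.com.gr
 * @version 1.0, 2010, 30 Jun
 */
public class TSLSynchronizer {
    static Logger logger = Logger.getLogger(TSLSynchronizer.class);

    /**
     * Runs one synchronization pass over every configured country.
     *
     * @param args not used
     * @throws ParserConfigurationException declared for the TSLUtils calls made here
     * @throws SAXException declared for the TSLUtils calls made here
     * @throws IOException declared for the TSLUtils calls made here
     * @throws CertificateException declared for the TSLUtils calls made here
     */
    public static void main(String[] args) throws ParserConfigurationException, SAXException, IOException,
            CertificateException {
        ConfigurationManagerService cms = ConfigurationManagerService.getInstance();
        String ncp = cms.getProperty("ncp.country");
        String ncpemail = cms.getProperty("ncp.email");
        // A missing property is treated like an empty one so that the defaults below still apply
        // (whether getProperty can return null is not visible here).
        if (ncp == null || ncp.equals("")) {
            ncp = "GR-12";
            cms.updateProperty("ncp.country", ncp);
        }
        if (ncpemail == null || ncpemail.equals("")) {
            ncpemail = "ncpgr@epsos.gr";
            cms.updateProperty("ncp.email", ncpemail);
        }

        // read the country codes of the epSOS countries from the NCP configuration
        String countriesList = getCountriesList(cms);
        if (countriesList == null || countriesList.trim().equals("")) {
            logger.error("No countries configured in ncp.countries, nothing to synchronize");
            return;
        }

        // Loop through countries list
        for (String entry : countriesList.split(",")) {
            String country = entry.trim();
            if (country.equals("")) {
                // "GR,,IT" or a trailing comma: there is no country code to look up
                continue;
            }

            // read the country TSL from a known location
            logger.info(country + ": Reading tsl file");
            String url = cms.getProperty("tsl.location." + country);
            logger.info("URL: " + url);
            if (url == null || url.trim().equals("")) {
                logger.error(country + ": No tsl.location configured, skipping");
                continue;
            }

            // verify the authenticity and integrity of tsl
            Document doc = TSLUtils.createDomFromURLUsingHttps(url);
            boolean verifyTSL = isTslVerified(doc);
            if (verifyTSL) {
                logger.info(country + ": The tsl file has verified");
                // Extract the service WSEs from the TSL and write them to the NCP configuration
                logger.info(country + ": Extracting service Endpoints");
                // NOTE(review): the helpers below take the URL, not the verified Document. If they
                // download the TSL again, what they parse is not necessarily what was verified above -
                // confirm in TSLUtils and prefer passing the verified content.
                Hashtable<?, ?> serviceNames = TSLUtils.getServicesFromTSL(url);
                if (serviceNames != null && serviceNames.size() > 0) {
                    Enumeration<?> names = serviceNames.keys();
                    while (names.hasMoreElements()) {
                        String serviceName = (String) names.nextElement();
                        String endpoint = serviceNames.get(serviceName).toString();
                        // Correct the typo of PatientIdentification Service
                        String correctedName = serviceName.equals("PatientIdenitificationService")
                                ? "PatientIdentificationService"
                                : serviceName;
                        if (!endpoint.equals("")) {
                            cms.setServiceWSE(country, correctedName.trim(), endpoint.trim());
                        }
                        logger.debug(country + ": Extracting " + serviceName.trim() + " - " + endpoint.trim());
                    }
                    // Extract the certificates from services, ipsec and ssl
                    // Services
                    logger.info(country + ": Extracting certificates");
                    TSLUtils.exportSSLFromTSL(url, country);
                    TSLUtils.exportNCPSignFromTSL(url, country);
                    sendAudit(ncp, ncpemail, "Central Cervices", "centralservices@epsos.eu");
                } else {
                    logger.info(country + ": Problem extracting service names");
                }
            } else {
                logger.error("ERROR Validating TSL");
            }
        }
    }

    /**
     * Decides whether a downloaded TSL may be used as a source of endpoints and certificates.
     *
     * Fails closed: a missing document or any exception raised during verification counts as
     * "not verified". This restores the TSLUtils.VerifyTSL(doc) call that had been commented out and
     * replaced by a hard-coded {@code true}, which let unverified TSL content reach the configuration
     * and the certificate export.
     * NOTE(review): confirm that TSLUtils.VerifyTSL(Document) still exists and returns a boolean.
     *
     * @param doc the parsed TSL document, may be null
     * @return true only when the verification call reports success
     */
    private static boolean isTslVerified(Document doc) {
        if (doc == null) {
            return false;
        }
        try {
            return TSLUtils.VerifyTSL(doc);
        } catch (Exception e) {
            logger.error("TSL verification failed with an exception", e);
            return false;
        }
    }

    /**
     * Reads the NCP Configuration and returns the list of ncp countries
     *
     * @param cms
     *            the instance of configuration manager
     * @return the comma separated list of ncp countries
     */
    private static String getCountriesList(ConfigurationManagerService cms) {
        return cms.getProperty("ncp.countries");
    }

    /**
     * Placeholder for the audit message sent after a country has been synchronized.
     *
     * The body is empty, so no audit record is produced: changes to endpoints and exported
     * certificates currently leave no audit trail from this class.
     *
     * @param sc_fullname name of the first audited party (main passes the ncp.country value)
     * @param sc_email e-mail of the first audited party (main passes the ncp.email value)
     * @param sp_fullname name of the second audited party
     * @param sp_email e-mail of the second audited party
     */
    private static void sendAudit(String sc_fullname, String sc_email, String sp_fullname, String sp_email) {
    }
}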