#!/bin/sh

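# Launcher for the XtreemOS CDA client: prepares the per-user trust store
# directories, assembles the JVM options and starts the Java client with the
# arguments given to this script.

# Name this script was invoked as, exported into the environment of the JVM.
# Whether the client reads it is not visible from this script.
PROGNAME=${0##*/}
export PROGNAME

tsdir="${HOME}/.xos/truststore"

# Brace expansion ({private,certs}) is a bashism: under a POSIX /bin/sh such
# as dash it creates a single directory literally named '{private,certs}',
# so both directories are named explicitly.
if ! mkdir -p "${tsdir}/private" "${tsdir}/certs" >/dev/null 2>&1; then
  echo "Error: cannot create directories 'private' and/or 'certs' under ${tsdir} for storing private key and XOS certificate." >&2
  echo "Please check permissions on ${HOME}/.xos and any sub-directories." >&2
  exit 1
fi

# The 'private' directory holds the user's private key; mkdir creates it with
# the umask default (commonly world-readable), so restrict it to the owner.
# Best effort: a failure here is reported but does not stop the client.
if ! chmod 700 "${tsdir}/private" 2>/dev/null; then
  echo "Warning: cannot restrict permissions on ${tsdir}/private; check that it is not readable by other users." >&2
fi

cdadistdir=/usr/share/java
cdalibdir=/usr/share/java

ignoreWrongCertificate=false
# If ignoreWrongCertificate is false, the client exits during the SSL
# handshake when the CDA server presents a host certificate that does not
# belong to it. This is determined by the certificate's subjectAltName
# extension having a DNS:name entry different from the FQDN of the CDA server
# you are connecting to.
#
# Setting ignoreWrongCertificate to true turns that host check off, so the
# client can no longer tell the intended CDA server from another host that
# holds a certificate it otherwise accepts. Use it only to test the client
# against a CDA server run inside your own organisation when no server
# certificate with the subjectAltName DNS:name extension is available for
# that host.
# Do not set ignoreWrongCertificate=true in a production environment.

ignore="-Dcdaclient.ignoreWrongCDACertificate=${ignoreWrongCertificate}"

# NOTE(review): cdaconfdir and rootcert are not assigned anywhere in this
# script; they are taken from the caller's environment and expand to nothing
# when unset, which passes an empty confDir to the client. Confirm where they
# are expected to be set.
conf="-Dcdaclient.confDir=${cdaconfdir}"
conf="${conf} ${rootcert}"

# -ea enables Java assertions in the client.
jvmsettings="-ea"

# For debugging, add -Djavax.net.debug=ssl,handshake to jvmsettings.
# That output describes the TLS session in detail; keep it out of shared logs.

classpath="${cdadistdir}/cdaclient.jar:${cdalibdir}/bcprov.jar:${cdalibdir}/security-commons.jar:${cdalibdir}/gnu.getopt.jar:${cdalibdir}/commons-lang.jar"
mainclass=eu.xtreemos.security.cda.client.CdaClient

#
# Set the source of randomness for JCE
#

random="-Dsecurerandom.source=file:/dev/urandom"

# conf and jvmsettings may each hold several space-separated JVM options, so
# they are deliberately left unquoted to be split into separate words.
# "$@" (instead of $*) hands every user argument to the client unchanged,
# including arguments that contain spaces or glob characters.
# shellcheck disable=SC2086
java ${conf} "${ignore}" ${jvmsettings} "${random}" -cp "${classpath}" "${mainclass}" "$@"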
