From 80eba1fbc23a9c15078bef543726b70499405faa Mon Sep 17 00:00:00 2001 From: christianpaquin <> Date: Mon, 29 Jul 2024 12:44:15 +0000 Subject: [PATCH] daily dir and audit snapshot --- logs/daily_audit.json | 62 ++++++++++---------- logs/daily_dir_snapshot.json | 108 +++++++++++++++++++++++------------ 2 files changed, 101 insertions(+), 69 deletions(-) diff --git a/logs/daily_audit.json b/logs/daily_audit.json index cbc0d20..7fb76cc 100644 --- a/logs/daily_audit.json +++ b/logs/daily_audit.json @@ -1,6 +1,6 @@ { "directory": "https://raw.githubusercontent.com/the-commons-project/vci-directory/main/vci-issuers.json", - "auditTime": "2024-07-28T12:32:33Z", + "auditTime": "2024-07-29T12:35:52Z", "issuerCount": 634, "issuersWithErrors": [ { @@ -81,6 +81,18 @@ "Issuer key endpoint does not contain a CORS 'access-control-allow-origin' header" ] }, + { + "issuer": { + "iss": "https://s.bilh.org/healthcard/issuer", + "name": "Beth Israel Lahey Health", + "website": "https://www.bilh.org/patient-portal" + }, + "keys": [], + "crls": [], + "errors": [ + "TimeoutError: Timeout awaiting 'request' for 5000ms" + ] + }, { "issuer": { "iss": "https://ccpintconfg.ohiohealth.com/Interconnect-PRD-MUAPI/api/epic/2021/Security/Open/EcKeys/32001/SHC", @@ -364,7 +376,17 @@ "name": "Houston Methodist", "website": "https://mychart.houstonmethodist.org/mychart-prod/" }, - "keys": [], + "keys": [ + { + "x": "eVXPEAN8cSBXkLkDZjYummMTu6QVY2Yy85F2wCala40", + "y": "2M7ZLV2U3wA-8GCV-0rzk9f6EVsjfwJJjRBmiu7g4hg", + "kid": "SArj0J9FU7dr183eb1Sd_n6-WsFayMhxjrc1EIDvps4", + "use": "sig", + "kty": "EC", + "alg": "ES256", + "crv": "P-256" + } + ], "tlsDetails": { "version": "TLSv1.2", "cipher": "ECDHE-RSA-AES256-GCM-SHA384", @@ -375,7 +397,7 @@ }, "crls": [], "errors": [ - "HTTPError: Response code 500 (Internal Server Error)" + "Issuer key endpoint's CORS 'access-control-allow-origin' header *, * does not match the requested origin" ] }, { @@ -631,18 +653,6 @@ "RequestError: unable to verify the first certificate" ] }, - { - "issuer": { - "iss": "https://soap.crmcwy.org/fhirproxy/api/epic/2021/Security/Open/EcKeys/32001/SHC", - "name": "Cheyenne Regional Medical Center", - "website": "https://www.cheyenneregional.org/" - }, - "keys": [], - "crls": [], - "errors": [ - "TimeoutError: Timeout awaiting 'request' for 5000ms" - ] - }, { "issuer": { "iss": "https://www.gnb.ca/smarthealth", @@ -1126,7 +1136,7 @@ "keys": [], "crls": [], "errors": [ - "RequestError: read ECONNRESET" + "RequestError: Client network socket disconnected before secure TLS connection was established" ] }, { @@ -1268,7 +1278,7 @@ "keys": [], "crls": [], "errors": [ - "RequestError: write EPROTO 140154178717568:error:14094458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1563:SSL alert number 112\n" + "RequestError: write EPROTO 139933797586816:error:14094458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1563:SSL alert number 112\n" ] } ], @@ -1336,26 +1346,14 @@ "HCA National", "West Tennessee Healthcare" ], - "previousAuditTime": "2024-07-27T12:34:18Z", + "previousAuditTime": "2024-07-28T12:32:33Z", "newIssuerCount": 0, "deletedIssuerCount": 0, "removedKids": [ { - "iss": "https://api.ccf.org/mu/api/epic/2021/Security/Open/EcKeys/32001/SHC", - "kids": [ - "Gd7oOauG7qlj1t4lG0EfSs7mbY-EacAdvBNU-mY0HlU" - ] - }, - { - "iss": "https://epiclbsprxyprodpass.houstonmethodist.org/PRD-FHIR/api/epic/2021/Security/Open/EcKeys/32001/SHC", - "kids": [ - "SArj0J9FU7dr183eb1Sd_n6-WsFayMhxjrc1EIDvps4" - ] - }, - { - "iss": "https://soap.crmcwy.org/fhirproxy/api/epic/2021/Security/Open/EcKeys/32001/SHC", + "iss": "https://s.bilh.org/healthcard/issuer", "kids": [ - "BGitkgIyu9vcDNH9Kv_ojsN6ZzkRr7oG7PJ_TjWEuvY" + "Xsgwl-UeD61MtPj6wT4_6SasuHOdgGJ9oLVp2S5rTg0" ] } ] diff --git a/logs/daily_dir_snapshot.json b/logs/daily_dir_snapshot.json index 012d4bd..9125414 100644 --- a/logs/daily_dir_snapshot.json +++ b/logs/daily_dir_snapshot.json @@ -1,6 +1,6 @@ { "directory": "https://raw.githubusercontent.com/the-commons-project/vci-directory/main/vci-issuers.json", - "time": "2024-07-28T12:32:33Z", + "time": "2024-07-29T12:35:52Z", "issuerInfo": [ { "issuer": { @@ -5513,19 +5513,11 @@ "name": "Beth Israel Lahey Health", "website": "https://www.bilh.org/patient-portal" }, - "keys": [ - { - "kty": "EC", - "use": "sig", - "crv": "P-256", - "kid": "Xsgwl-UeD61MtPj6wT4_6SasuHOdgGJ9oLVp2S5rTg0", - "x": "HBdp5tF7PrXwUQS5_hEfWMi3FTDER3NNkMIgKzjo82k", - "y": "jLuqUhw4t6qAJScteDHxBoJHrLBWFryseUStatPbeyM", - "alg": "ES256" - } - ], + "keys": [], "crls": [], - "errors": [] + "errors": [ + "TimeoutError: Timeout awaiting 'request' for 5000ms" + ] }, { "issuer": { @@ -7575,6 +7567,14 @@ "crv": "P-256" } ], + "tlsDetails": { + "version": "TLSv1.3", + "cipher": "TLS_AES_256_GCM_SHA384", + "kexAlg": "ECDH, prime256v1, 256 bits", + "authAlg": "RSA-PSS", + "pubKeySize": "2048", + "compression": "NONE" + }, "crls": [], "errors": [] }, @@ -7679,6 +7679,14 @@ "crv": "P-256" } ], + "tlsDetails": { + "version": "TLSv1.2", + "cipher": "ECDHE-RSA-AES256-SHA384", + "kexAlg": "ECDH, prime256v1, 256 bits", + "authAlg": "RSA", + "pubKeySize": "2048", + "compression": "NONE" + }, "crls": [], "errors": [] }, @@ -8236,6 +8244,14 @@ "crv": "P-256" } ], + "tlsDetails": { + "version": "TLSv1.3", + "cipher": "TLS_AES_256_GCM_SHA384", + "kexAlg": "X25519, 253 bits", + "authAlg": "RSA-PSS", + "pubKeySize": "2048", + "compression": "NONE" + }, "crls": [], "errors": [] }, @@ -8277,9 +8293,9 @@ } ], "tlsDetails": { - "version": "TLSv1.2", - "cipher": "ECDHE-RSA-AES256-GCM-SHA384", - "kexAlg": "ECDH, secp384r1, 384 bits", + "version": "TLSv1.3", + "cipher": "TLS_AES_256_GCM_SHA384", + "kexAlg": "X25519, 253 bits", "authAlg": "RSA-PSS", "pubKeySize": "2048", "compression": "NONE" @@ -9800,14 +9816,6 @@ "crv": "P-256" } ], - "tlsDetails": { - "version": "TLSv1.2", - "cipher": "ECDHE-RSA-AES256-GCM-SHA384", - "kexAlg": "ECDH, secp521r1, 521 bits", - "authAlg": "RSA", - "pubKeySize": "2048", - "compression": "NONE" - }, "crls": [], "errors": [] }, @@ -10405,7 +10413,17 @@ "name": "Houston Methodist", "website": "https://mychart.houstonmethodist.org/mychart-prod/" }, - "keys": [], + "keys": [ + { + "x": "eVXPEAN8cSBXkLkDZjYummMTu6QVY2Yy85F2wCala40", + "y": "2M7ZLV2U3wA-8GCV-0rzk9f6EVsjfwJJjRBmiu7g4hg", + "kid": "SArj0J9FU7dr183eb1Sd_n6-WsFayMhxjrc1EIDvps4", + "use": "sig", + "kty": "EC", + "alg": "ES256", + "crv": "P-256" + } + ], "tlsDetails": { "version": "TLSv1.2", "cipher": "ECDHE-RSA-AES256-GCM-SHA384", @@ -10416,7 +10434,7 @@ }, "crls": [], "errors": [ - "HTTPError: Response code 500 (Internal Server Error)" + "Issuer key endpoint's CORS 'access-control-allow-origin' header *, * does not match the requested origin" ] }, { @@ -10765,8 +10783,8 @@ ], "tlsDetails": { "version": "TLSv1.2", - "cipher": "ECDHE-RSA-AES256-SHA384", - "kexAlg": "ECDH, secp521r1, 521 bits", + "cipher": "DHE-RSA-AES256-GCM-SHA384", + "kexAlg": "DH, 2048 bits", "authAlg": "RSA", "pubKeySize": "2048", "compression": "NONE" @@ -11195,9 +11213,9 @@ } ], "tlsDetails": { - "version": "TLSv1.3", - "cipher": "TLS_AES_256_GCM_SHA384", - "kexAlg": "X25519, 253 bits", + "version": "TLSv1.2", + "cipher": "ECDHE-RSA-AES256-GCM-SHA384", + "kexAlg": "ECDH, secp384r1, 384 bits", "authAlg": "RSA-PSS", "pubKeySize": "2048", "compression": "NONE" @@ -13182,11 +13200,27 @@ "name": "Cheyenne Regional Medical Center", "website": "https://www.cheyenneregional.org/" }, - "keys": [], + "keys": [ + { + "x": "2FHDJIZowkYRSilv243altDTVjkxfP5F7l4kfMyRMSA", + "y": "lRXMslfxqHgGdchKGWHo2YQ1oIXlR_2fj8R2J76Y7jQ", + "kid": "BGitkgIyu9vcDNH9Kv_ojsN6ZzkRr7oG7PJ_TjWEuvY", + "use": "sig", + "kty": "EC", + "alg": "ES256", + "crv": "P-256" + } + ], + "tlsDetails": { + "version": "TLSv1.2", + "cipher": "ECDHE-RSA-AES128-GCM-SHA256", + "kexAlg": "ECDH, prime256v1, 256 bits", + "authAlg": "RSA", + "pubKeySize": "2048", + "compression": "NONE" + }, "crls": [], - "errors": [ - "TimeoutError: Timeout awaiting 'request' for 5000ms" - ] + "errors": [] }, { "issuer": { @@ -17891,7 +17925,7 @@ "keys": [], "crls": [], "errors": [ - "RequestError: read ECONNRESET" + "RequestError: Client network socket disconnected before secure TLS connection was established" ] }, { @@ -19381,7 +19415,7 @@ "keys": [], "crls": [], "errors": [ - "RequestError: write EPROTO 140154178717568:error:14094458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1563:SSL alert number 112\n" + "RequestError: write EPROTO 139933797586816:error:14094458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1563:SSL alert number 112\n" ] }, {