package com.company;

import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.KeyStore.HDImage.HDImageStore;
import ru.CryptoPro.ssl.Provider;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.logging.Logger;

public class Main {

    private static final String URL =
            "https://stenddss.cryptopro.ru:4430/opensmeidp/ums/";


    public static void main(String[] args) throws Exception {
        System.setProperty("com.sun.security.enableCRLDP", "true");
        System.setProperty("com.ibm.security.enableCRLDP", "true");
        System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
        System.setProperty("ru.CryptoPro.reprov.enableAIAcaIssuers", "true");
        System.setProperty("javax.net.ssl.keyStoreProvider", "JCP");
        System.setProperty("javax.net.ssl.keyStoreType", "HDImageStore");
        //System.setProperty("javax.net.ssl.trustStore", "/etc/ssl/certs/java/cacerts");
        //System.setProperty("javax.net.ssl.trustStoreType", "CertStore");
        //System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
        /*Security.setProperty("ssl.SocketFactory.provider", "ru.CryptoPro.ssl.SSLSocketFactoryImpl");
        Security.setProperty("ssl.ServerSocketFactory.provider", "ru.CryptoPro.ssl.SSLServerSocketFactoryImpl");
        //System.setProperty("javax.net.debug", "ssl,handshake,data,trustmanager");

        System.setProperty("javax.net.ssl.keyStoreType", "HDImageStore");
        //System.setProperty("javax.net.ssl.keyStore",
        //        "client_exch");
        ////System.setProperty("javax.net.ssl.keyStorePassword", "password");

        System.setProperty("javax.net.ssl.trustStoreType", "HDImageStore");
*/

        final String keystoreName = "HDImageStore";
        final String keystorePass = "password";
        final String keystorePath = "/path/to/keysDir";
        final String certPath = "/path/to/our.cer";
        final String rootCertPath = "/path/to/root/4BC6DC14D97010C41A26E058AD851F81C842415A.cer";
        final String alias = "Cert";


//Запись сертификата в хранилище
        KeyStore ks=addCert(certPath, JCP.HD_STORE_NAME, keystorePass, keystorePath, alias);
        //KeyStore ts=addCert(rootCertPath, JCP.HD_STORE_NAME, "null", "null", "root");

        Certificate rootCert=loadCertificate(new File(rootCertPath));
        KeyStore rootks = KeyStore.getInstance("HDImageStore");
        rootks.load(null,"root".toCharArray());
        rootks.setCertificateEntry("root",rootCert);

        sendTest(ks,keystorePass,rootks);

        System.out.println(HDImageStore.getDir());


        //delCert(keystoreName, keystorePass, keystorePath, alias);
    }

    private static Certificate loadCertificate(File certificateFile) throws Exception{
        try (FileInputStream inputStream = new FileInputStream(certificateFile)) {
            return (Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
        }
    }

    public static void sendTest(KeyStore keyStore, String keystorePass, KeyStore trustStore) throws Exception {
        // Загрузка хранилища доверенных корневых
        // сертификатов.

        char[] KEY_STORE_PASSWORD = null;
        if (!"null".equalsIgnoreCase(keystorePass)) {
            KEY_STORE_PASSWORD = keystorePass.toCharArray();
        }

        //KeyStore trustStore = KeyStore.getInstance("Corp CA");
        //trustStore.load(null,"changeit".toCharArray());

        KeyManagerFactory kmFactory = KeyManagerFactory.getInstance(Provider.KEYMANGER_ALG);
        kmFactory.init(keyStore, KEY_STORE_PASSWORD);

        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(Provider.TRUSTMANGER_ALG);
        tmFactory.init(trustStore);
        Certificate root=trustStore.getCertificate("root");
        // Инициализация SSL контекста.

        SSLContext sslContext = SSLContext.getInstance(Provider.ALGORITHM);
        sslContext.init(kmFactory.getKeyManagers(), tmFactory.getTrustManagers(), null);

        // Создание подключения.

        java.net.URL url = new URL(URL);
        System.out.println(url);

        HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
        connection.setSSLSocketFactory(sslContext.getSocketFactory());

        connection.setRequestMethod("POST");
        connection.setDoOutput(true);

        connection.setRequestProperty("Content-Type", "application/json");
        try (DataOutputStream wr = new DataOutputStream(connection.getOutputStream())) {
            wr.write("{\"Login\":\"RestTestUser\",\"Email\":\"test@cp.ru\",\"PhoneNumber\":\"+79150510528\"}".getBytes());
        }

        connection.connect();

        // Получение и вывод ответа.

        int responseCode = connection.getResponseCode();
        BufferedReader bufferedReader = null;

        try {

            if (responseCode != HttpURLConnection.HTTP_OK) {
                throw new IOException("Invalid http response: " + responseCode);
            }

            InputStreamReader inputStreamReader = new InputStreamReader(
                    connection.getInputStream(), "UTF-8");

            bufferedReader = new BufferedReader(inputStreamReader);
            String input;

            while ((input = bufferedReader.readLine()) != null) {
                System.out.println(input);
            }

        } finally {

            if (bufferedReader != null) {
                bufferedReader.close();
            }

            connection.disconnect();

        }
    }

    public static KeyStore addCert(String certPath, String keystoreName,
                                   String keystorePass,
                                   String keystorePath, String alias) throws Exception {
        final CertificateFactory cf = CertificateFactory.getInstance("X509");

        final Certificate rootCert = cf.generateCertificate(
                new BufferedInputStream(new FileInputStream(certPath)));


        /*final KeyStore ks = KeyStore.getInstance(keystoreName);
        char[] KeyStorePass = null;
        if (!"null".equalsIgnoreCase(keystorePass)) {
            KeyStorePass = keystorePass.toCharArray();
        }
        InputStream is = null;
        if (!"null".equalsIgnoreCase(keystorePath)) {
            is = new FileInputStream(keystorePath);
        }
        ks.load(is, KeyStorePass);

        ks.setCertificateEntry(alias, rootCert);

        OutputStream os = null;
        if (!"null".equalsIgnoreCase(keystorePath)) {
            os = new FileOutputStream(keystorePath);
        }
        ks.store(os, KeyStorePass);*/
        HDImageStore.setDir(keystorePath);
        KeyStore ks = KeyStore.getInstance("HDImageStore");

        char[] KeyStorePass = null;
        if (!"null".equalsIgnoreCase(keystorePass)) {
            KeyStorePass = keystorePass.toCharArray();
        }

        ks.load(null,KeyStorePass);
        ks.setCertificateEntry(alias, rootCert);

        Logger.getLogger("LOGGER").info(
                "Recording of a Certificate named \"" + alias + "\" to " +
                        keystoreName + " is completed.");
        return ks;
    }
    /**
     * Удаление сертификата из хранилища
     *
     * @param keystoreName тип хранилища
     * @param keystorePass пароль на хранилище
     * @param keystorePath путь к хранилищу
     * @param alias имя
     * @throws Exception е
     */
    public static void delCert(String keystoreName,
                               String keystorePass,
                               String keystorePath, String alias) throws Exception {

        final KeyStore ks = KeyStore.getInstance(keystoreName);
        char[] KeyStorePass = null;
        if (!"null".equalsIgnoreCase(keystorePass)) {
            KeyStorePass = keystorePass.toCharArray();
        }
        InputStream is = null;
        if (!"null".equalsIgnoreCase(keystorePath)) {
            is = new FileInputStream(keystorePath);
        }
        ks.load(is, KeyStorePass);

        if (ks.isCertificateEntry(alias)) ks.deleteEntry(alias);

        OutputStream os = null;
        if (!"null".equalsIgnoreCase(keystorePath)) {
            os = new FileOutputStream(keystorePath);
        }
        ks.store(os, KeyStorePass);
        Logger.getLogger("LOGGER").info(
                "Deleting of a Certificate named \"" + alias + "\" to " +
                        keystoreName + " is completed.");

    }
}

package com.company;

import org.apache.commons.codec.cli.Digest;
import org.apache.commons.codec.digest.DigestUtils;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.KeyStore.HDImage.HDImageStore;
import ru.CryptoPro.ssl.Provider;

import javax.crypto.SecretKey;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.bind.DatatypeConverter;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.util.logging.Logger;

public class Main {

    private static final String URL =
            "https://stenddss.cryptopro.ru:4430/opensmeidp/ums/"
            ;

    public static String getCertThumbprint(Certificate cert) throws CertificateEncodingException {
        return  DatatypeConverter.printHexBinary(DigestUtils.getSha1Digest().digest(cert.getEncoded()));
    }

    public static void main(String[] args) throws Exception {
        System.setProperty("com.sun.security.enableCRLDP", "true");
        System.setProperty("com.ibm.security.enableCRLDP", "true");
        System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
        System.setProperty("ru.CryptoPro.reprov.enableAIAcaIssuers", "true");

        final String keystoreName = "HDImageStore";
        final String keystorePass = "1234567890";
        final String keystorePath = "/path/to/cert/main.000/";
        final String certPath = "/path/to/cert/main.cer";
        final String rootCertPath = "/path/to/rootcert/4BC6DC14D97010C41A26E058AD851F81C842415A.cer";
        final String alias = "Cert";


        //Запись сертификата в хранилище
        KeyStore ks=addCert(certPath, JCP.HD_STORE_NAME, keystorePass, keystorePath, alias);
        //KeyStore ts=addCert(rootCertPath, JCP.HD_STORE_NAME, "null", "null", "root");

        Certificate rootCert=loadCertificate(new File(rootCertPath));
        String thumbPrint=getCertThumbprint(loadCertificate(new File(certPath)));

        System.out.println(thumbPrint);
        KeyStore rootks = KeyStore.getInstance("CertStore");
        rootks.load(null,"root".toCharArray());
        rootks.setCertificateEntry("root",rootCert);

        sendTest(URL+thumbPrint,ks,keystorePass,rootks);

        System.out.println(HDImageStore.getDir());
    }


    public static void sendTest(String urlS,KeyStore keyStore, String keystorePass, KeyStore trustStore) throws Exception {
        KeyManagerFactory kmFactory = KeyManagerFactory.getInstance(Provider.KEYMANGER_ALG);
        kmFactory.init(keyStore, keystorePass.toCharArray());

        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(Provider.TRUSTMANGER_ALG);
        tmFactory.init(trustStore);
        // Инициализация SSL контекста.

        SSLContext sslContext = SSLContext.getInstance(Provider.ALGORITHM);
        sslContext.init(kmFactory.getKeyManagers(), tmFactory.getTrustManagers(), null);

        // Создание подключения.

        java.net.URL url = new URL(urlS);
        System.out.println(url);

        HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
        connection.setSSLSocketFactory(sslContext.getSocketFactory());

        connection.setRequestMethod("POST");
        connection.setDoOutput(true);

        connection.setRequestProperty("Content-Type", "application/json");
        try (DataOutputStream wr = new DataOutputStream(connection.getOutputStream())) {
            wr.write("{\"Login\":\"RestTestUser\",\"Email\":\"test@cp.ru\",\"PhoneNumber\":\"+79150510528\"}".getBytes());
        }

        connection.connect();

        // Получение и вывод ответа.

        int responseCode = connection.getResponseCode();
        BufferedReader bufferedReader = null;

        try {

            if (responseCode != HttpURLConnection.HTTP_OK) {
                throw new IOException("Invalid http response: " + responseCode);
            }

            InputStreamReader inputStreamReader = new InputStreamReader(
                    connection.getInputStream(), "UTF-8");

            bufferedReader = new BufferedReader(inputStreamReader);
            String input;

            while ((input = bufferedReader.readLine()) != null) {
                System.out.println(input);
            }

        } finally {

            if (bufferedReader != null) {
                bufferedReader.close();
            }

            connection.disconnect();

        }
    }

    private static Certificate loadCertificate(File certificateFile) throws Exception{
        try (FileInputStream inputStream = new FileInputStream(certificateFile)) {
            return (Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
        }
    }

    public static KeyStore addCert(String certPath, String keystoreName,
                                   String keystorePass,
                                   String keystorePath, String alias) throws Exception {
        final CertificateFactory cf = CertificateFactory.getInstance("X509");
        HDImageStore.setDir(keystorePath);
        final Certificate rootCert = cf.generateCertificate(
                new BufferedInputStream(new FileInputStream(certPath)));

        KeyStore ks = KeyStore.getInstance("HDImageStore");

        char[] KeyStorePass = null;
        if (!"null".equalsIgnoreCase(keystorePass)) {
            KeyStorePass = keystorePass.toCharArray();
        }

        ks.load(null,KeyStorePass);

        /*SecretKey secretKey = getSecretKey();
        KeyStore.SecretKeyEntry secretKeyEntry = new KeyStore.SecretKeyEntry(secretKey);
        KeyStore.ProtectionParameter protectionParameter=new  KeyStore.ProtectionParameter();

        ks.setEntry("keyAlias2", secretKeyEntry, new KeyStore.PasswordProtection(KeyStorePass));*/

        ks.setCertificateEntry(alias, rootCert);

        Logger.getLogger("LOGGER").info(
                "Recording of a Certificate named \"" + alias + "\" to " +
                        keystoreName + " is completed.");
        return ks;
    }
}

    public static void main(String[] args) throws Exception {

        HttpClient httpClient = HttpClientBuilder.create().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
                .build();
        try
        {

            //Define a postRequest request
            HttpPost postRequest = new HttpPost("https://ya.ru");

            //Set the API media type in http content-type header
            postRequest.addHeader("content-type", "application/xml");

            //Set the request post body
            StringEntity userEntity = new StringEntity("test");
            postRequest.setEntity(userEntity);

            //Send the request; It will immediately return the response in HttpResponse object if any
            HttpResponse response = httpClient.execute(postRequest);

            //verify the valid error code first
            int statusCode = response.getStatusLine().getStatusCode();
            if (statusCode != 201)
            {
                throw new RuntimeException("Failed with HTTP error code : " + statusCode);
            }
        }
        finally
        {
            //Important: Close the connect
            httpClient.getConnectionManager().shutdown();
        }

    }