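package at.gv.util.demo;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Base64;
import java.util.Collections;
import java.util.Map;

import javax.net.ssl.SSLContext;

import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.PrivateKeyDetails;
import org.apache.http.ssl.PrivateKeyStrategy;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import org.apache.log4j.lf5.util.StreamUtils;

import at.gv.util.xsd.szr.pvp.sec.Security;

/**
 * Manual smoke test: sends one SOAP {@code ListMandates} request over TLS with a client
 * certificate and PVP 1.x / 2.x headers, then prints the HTTP status code and response body.
 *
 * <p>Settings can be overridden through environment variables so that key-store credentials do
 * not have to live in source control:
 * <ul>
 *   <li>{@code ZUSE_KEYSTORE_FILE} - path of the JKS key store holding the client key</li>
 *   <li>{@code ZUSE_KEYSTORE_PASSWORD} - key-store password</li>
 *   <li>{@code ZUSE_KEY_PASSWORD} - password of the private key entry</li>
 *   <li>{@code ZUSE_TLS_INSECURE} - {@code true} turns server-certificate and host-name
 *       verification off (lab use only)</li>
 * </ul>
 */
public class ZuseSSLTest {

  private static final String DEFAULT_KEYSTORE_FILE =
      "F:/Projekte/configs/mis/egiz.gv.at-816-2018-06-07.jks";

  // SECURITY: these fallbacks are credentials committed to source. They are kept only so the
  // demo still runs unchanged; prefer the environment variables, and treat any key store
  // protected by these values as exposed.
  private static final String DEFAULT_KEYSTORE_PASSWORD = "OSgmSn!";
  private static final String DEFAULT_KEY_PASSWORD = "nichts";

  // Other endpoints the original kept as commented-out alternatives:
  //   https://pamgate2.portal.at/at.gv.usp.vdds-ws-q/Synchronisation?wsdl
  //   https://eid.egiz.gv.at/sslclientcertdemo/
  private static final String SERVICE_URL =
      "https://pamgate2.portal.at/at.gv.usp.vdds-ws-q/Synchronisation";

  /** Base64 of the SOAP envelope (a {@code ListMandatesRequest}) that is posted as the body. */
  private static final String PAYLOAD_B64 =
      "PHNvYXA6RW52ZWxvcGUgeG1sbnM6c29hcD0iaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvc29hcC9lbnZlbG9wZS8iPg0KCTxzb2FwOkJvZHk+DQoJCTxuczM6TGlzdE1hbmRhdGVzUmVxdWVzdCB4bWxuczpuczM9Imh0dHA6Ly9lYWkuYnJ6Lmd2LmF0L3NlcnZpY2VzL3ZkZHMvc3luYy1tc2dzIiB4bWxucz0iaHR0cDovL2VhaS5icnouZ3YuYXQvc2VydmljZXMvdmRkcy90b2tlbiIgeG1sbnM6bnMyPSJodHRwOi8vZWFpLmJyei5ndi5hdC9zZXJ2aWNlcy92ZGRzL2NvbW1vbiIgeG1sbnM6bnM0PSJodHRwOi8vcmVmZXJlbmNlLmUtZ292ZXJubWVudC5ndi5hdC9uYW1lc3BhY2UvbWFuZGF0ZXMvMjAwNDA3MDEjIiB4bWxuczpuczU9Imh0dHA6Ly9yZWZlcmVuY2UuZS1nb3Zlcm5tZW50Lmd2LmF0L25hbWVzcGFjZS9wZXJzb25kYXRhLzIwMDIwMjI4IyIgeG1sbnM6bnM2PSJodHRwOi8vd3d3LnVzcC5ndi5hdC9uYW1lc3BhY2UvbWFuZGF0ZXMvMjAxNjAzMDEjIiB4bWxuczpuczc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiIHhtbG5zOm5zOD0iaHR0cDovL2VhaS5icnouZ3YuYXQvc2VydmljZXMvdmRkcy9zeW5jaHJvbmlzYXRpb24iPg0KCQkJPG5zMzpNYW5kYXRlQXR0cmlidXRlc1NlYXJjaEZpbHRlcj4NCgkJCQk8bnMzOkZpbHRlcj4NCgkJCQkJPG5zMzpTZWFyY2hDcml0ZXJpYT4NCgkJCQkJCTxuczM6UmVwcmVzZW50YXRpdmVJRD4NCgkJCQkJCQk8bnM1OlZhbHVlPmdkNHU0V05EalYzeEJZTWN1Qm1qMnZ3aEg4OD08L25zNTpWYWx1ZT4NCgkJCQkJCQk8bnM1OlR5cGU+dXJuOnB1YmxpY2lkOmd2LmF0OmNkaWQrWlA8L25zNTpUeXBlPg0KCQkJCQkJPC9uczM6UmVwcmVzZW50YXRpdmVJRD4NCgkJCQkJPC9uczM6U2VhcmNoQ3JpdGVyaWE+DQoJCQkJPC9uczM6RmlsdGVyPg0KCQkJPC9uczM6TWFuZGF0ZUF0dHJpYnV0ZXNTZWFyY2hGaWx0ZXI+DQoJCTwvbnMzOkxpc3RNYW5kYXRlc1JlcXVlc3Q+DQoJPC9zb2FwOkJvZHk+DQo8L3NvYXA6RW52ZWxvcGU+";

  /** Request headers as {name, value} pairs, applied in this order; a null value is passed through. */
  private static final String[][] REQUEST_HEADERS = {
      {"SOAPAction", "ListMandates"},
      {"Accept", "*/*"},

      // PVP 1.x header
      {"X-VERSION", "1.8"},
      {"X-AUTHENTICATE-UserID", "egiz@egiz.gv.at"},
      {"X-AUTHENTICATE-GVGID", "gvGid"},
      {"X-AUTHENTICATE-PARTICIPANTID", "AT:B:111"},
      {"X-AUTHENTICATE-GVOUID", "EGIZ"},
      {"X-AUTHENTICATE-OU", "EGIZ"},
      {"X-AUTHENTICATE-GVFUNCTION", "gvFunctio"},
      {"X-AUTHORIZE-ROLES", "VDDS-USP-VDDS-PARTNER"},
      {"X-AUTHENTICATE-gvSecClass", "2"},
      {"X-AUTHENTICATE-cn", "E-Government Innovationszentrum"},
      {"X-ACCOUNTING-CostCenterId", null},
      {"X-ACCOUNTING-InvoiceRecptId", null},

      // PVP 2.x header
      {"X-PVP-EGOVTOKEN-VERSION", "2.1.2"},
      {"X-PVP-USERID", "egiz@egiz.gv.at"},
      {"X-PVP-GID", "gvGid"},
      {"X-PVP-PARTICIPANT-ID", "AT:B:111"},
      {"X-PVP-OU-GV-OU-ID", "EGIZ"},
      {"X-PVP-OU", "EGIZ"},
      {"X-PVP-FUNCTION", "gvFunctio"},
      {"X-PVP-ROLES", "VDDS-USP-VDDS-PARTNER"},
      {"X-PVP-SECCLASS", "2"},
      {"X-PVP-PRINCIPAL-NAME", "E-Government Innovationszentrum"},
      {"X-PVP-COST-CENTER-ID", null},
      {"X-PVP-INVOICE-RECPT-ID", null},
      {"X-PVP-BINDING", "http"},
  };

  /**
   * Runs the request once and prints the outcome to standard output.
   *
   * <p>Any failure is caught and its stack trace printed, as in the original demo.
   *
   * @param args unused
   */
  public static void main(String[] args) {
    String keyStoreFile = envOrDefault("ZUSE_KEYSTORE_FILE", DEFAULT_KEYSTORE_FILE);
    char[] keyStorePassword =
        envOrDefault("ZUSE_KEYSTORE_PASSWORD", DEFAULT_KEYSTORE_PASSWORD).toCharArray();
    char[] keyPassword = envOrDefault("ZUSE_KEY_PASSWORD", DEFAULT_KEY_PASSWORD).toCharArray();
    // parseBoolean(null) is false, so verification stays on unless explicitly switched off.
    boolean insecureTls = Boolean.parseBoolean(System.getenv("ZUSE_TLS_INSECURE"));

    try {
      SSLContext sslContext =
          buildSslContext(keyStoreFile, keyStorePassword, keyPassword, insecureTls);

      HttpClientBuilder clientBuilder = HttpClients.custom().setSSLContext(sslContext);
      if (insecureTls) {
        // Without host-name verification a certificate issued for any name is accepted.
        System.err.println("WARNING: TLS server verification is disabled (ZUSE_TLS_INSECURE)");
        clientBuilder.setSSLHostnameVerifier(new NoopHostnameVerifier());
      }

      HttpPost request = buildRequest();
      System.out.println("Request: " + EntityUtils.toString(request.getEntity()));

      // Both the client and the response hold a connection; close them even on failure.
      try (CloseableHttpClient client = clientBuilder.build();
          CloseableHttpResponse response = client.execute(request)) {
        System.out.println("HTTP StatusCode: " + response.getStatusLine().getStatusCode());

        // A response may carry no entity at all, so guard before reading the body.
        HttpEntity entity = response.getEntity();
        byte[] body = entity != null ? EntityUtils.toByteArray(entity) : null;
        if (body != null) {
          System.out.println("Body: " + new String(body, StandardCharsets.UTF_8));
        }
      }

      System.out.println("Test finished");

    } catch (Exception e) {
      e.printStackTrace();
    }
  }

  /**
   * Builds the TLS context carrying the client key material.
   *
   * <p>By default no trust material is loaded, so the JVM's default trust store decides whether
   * the server certificate is accepted. With {@code insecureTls} every certificate chain is
   * accepted, which leaves the headers and payload readable by whoever answers the connection.
   *
   * @param keyStoreFile path of the JKS key store
   * @param keyStorePassword password protecting the key store
   * @param keyPassword password protecting the private key entry
   * @param insecureTls {@code true} to accept any server certificate
   * @return the initialised context
   * @throws GeneralSecurityException if the key store or key cannot be used
   * @throws IOException if the key-store file cannot be read
   */
  private static SSLContext buildSslContext(
      String keyStoreFile, char[] keyStorePassword, char[] keyPassword, boolean insecureTls)
      throws GeneralSecurityException, IOException {
    KeyStore keyStore = KeyStore.getInstance("JKS", "SUN");
    // The original never closed this stream.
    try (InputStream in = new FileInputStream(new File(keyStoreFile))) {
      keyStore.load(in, keyStorePassword);
    }

    SSLContextBuilder builder = new SSLContextBuilder();
    builder.loadKeyMaterial(keyStore, keyPassword, ZuseSSLTest::chooseFirstAlias);
    if (insecureTls) {
      builder.loadTrustMaterial(null, (certificate, authType) -> true);
    }
    return builder.build();
  }

  /**
   * Picks the client key to present: the first alias offered, or {@code null} when there is none.
   *
   * @param aliases candidate aliases with their key details; may be {@code null}
   * @param socket the socket being negotiated (unused)
   * @return the first alias in the map's iteration order, or {@code null}
   */
  private static String chooseFirstAlias(Map<String, PrivateKeyDetails> aliases, Socket socket) {
    if (aliases == null || aliases.isEmpty()) {
      return null;
    }
    return aliases.keySet().iterator().next();
  }

  /**
   * Creates the POST request with all headers set and the decoded SOAP envelope as entity.
   *
   * @return the request, ready to execute
   * @throws IOException if the entity cannot be created
   */
  private static HttpPost buildRequest() throws IOException {
    HttpPost request = new HttpPost(SERVICE_URL);
    for (String[] header : REQUEST_HEADERS) {
      request.setHeader(header[0], header[1]);
    }

    String envelope = new String(Base64.getDecoder().decode(PAYLOAD_B64), StandardCharsets.UTF_8);
    request.setEntity(new StringEntity(envelope));
    return request;
  }

  /**
   * Reads an environment variable, falling back when it is unset or empty.
   *
   * @param name environment variable name
   * @param fallback value used when the variable is missing or empty
   * @return the variable's value or {@code fallback}
   */
  private static String envOrDefault(String name, String fallback) {
    String value = System.getenv(name);
    return (value == null || value.isEmpty()) ? fallback : value;
  }
}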