use of com.helger.as2lib.cert.ICertificateFactory in project as2-lib by phax.
the class AS2MDNReceiverHandler method receiveMDN.
// Asynch MDN 2007-03-12
/**
* Receive and process an asynchronous MDN sent back by the receiver of an
* earlier message.
* <p>
* The method wraps <code>aData</code> in a new {@link AS2MessageMDN} bound to
* <code>aMsg</code>, resolves the partnership from the <code>AS2-From</code> /
* <code>AS2-To</code> headers, looks up the sender certificate and hands the
* message to {@link AS2Helper#parseMDN}. It then tries to store the MDN, runs
* <code>checkAsyncMDN</code>, answers the HTTP request, notifies the optional
* incoming-MDN callback and finally validates the disposition.
* <p>
* HTTP status codes sent through <code>aResponseHandler</code>: 200 when
* <code>checkAsyncMDN</code> returns <code>true</code>, 404 when it returns
* <code>false</code>, 400 when any exception is caught.
* <p>
* NOTE(review): the 200/404 response is sent before the callback and the
* disposition validation run. If either of them throws, the catch blocks send
* a second (400) response on the same handler - confirm the handler tolerates
* that.
*
* @param aMsg
* The message object carrying the HTTP headers of the MDN request. Its
* partnership IDs and message ID are overwritten by this method.
* @param aData
* The MDN content (raw body bytes, used as MIME body part content)
* @param aResponseHandler
* The HTTP response handler for setting the correct HTTP response code
* @param aResHelper
* Resource helper, passed through to {@link AS2Helper#parseMDN}
* @throws AS2Exception
* In case of error. Any non-IO exception is wrapped and gets
* <code>aMsg</code> attached as source message.
* @throws IOException
* In case of IO error (rethrown unchanged after sending HTTP 400)
*/
protected final void receiveMDN(@Nonnull final AS2Message aMsg, final byte[] aData, @Nonnull final IAS2HttpResponseHandler aResponseHandler, @Nonnull final AS2ResourceHelper aResHelper) throws AS2Exception, IOException {
try {
// Create a MessageMDN and copy HTTP headers
final IMessageMDN aMDN = new AS2MessageMDN(aMsg);
// Copy all headers of the incoming request onto the MDN. Everything read
// from aMDN.getHeader(...) below therefore comes from the request headers.
aMDN.headers().setAllHeaders(aMsg.headers());
final MimeBodyPart aPart = new MimeBodyPart(AS2HttpHelper.getAsInternetHeaders(aMDN.headers()), aData);
aMDN.setData(aPart);
// Get the MDN partnership info from the AS2-From / AS2-To headers.
// NOTE(review): these header values are supplied by the remote party and
// are used here before parseMDN has run - treat them as untrusted
// identifiers that only select which partnership is looked up.
aMDN.partnership().setSenderAS2ID(aMDN.getHeader(CHttpHeader.AS2_FROM));
aMDN.partnership().setReceiverAS2ID(aMDN.getHeader(CHttpHeader.AS2_TO));
// Set the appropriate keystore aliases: the MDN travels in the opposite
// direction of the original message, so sender and receiver alias are
// swapped relative to aMsg's partnership.
aMDN.partnership().setSenderX509Alias(aMsg.partnership().getReceiverX509Alias());
aMDN.partnership().setReceiverX509Alias(aMsg.partnership().getSenderX509Alias());
// Update the partnership
getModule().getSession().getPartnershipFactory().updatePartnership(aMDN, false);
final ICertificateFactory aCertFactory = getModule().getSession().getCertificateFactory();
// Certificate of the MDN sender, resolved via the MDN's partnership
final X509Certificate aSenderCert = aCertFactory.getCertificate(aMDN, ECertificatePartnershipType.SENDER);
final boolean bUseCertificateInBodyPart;
final ETriState eUseCertificateInBodyPart = aMsg.partnership().getVerifyUseCertificateInBodyPart();
if (eUseCertificateInBodyPart.isDefined()) {
// Use per partnership
bUseCertificateInBodyPart = eUseCertificateInBodyPart.getAsBooleanValue();
} else {
// Use global value
bUseCertificateInBodyPart = getModule().getSession().isCryptoVerifyUseCertificateInBodyPart();
}
// NOTE(review): presumably "true" lets parseMDN consider a certificate that
// is embedded in the signed body part in addition to / instead of
// aSenderCert. Confirm in parseMDN that such a certificate is still checked
// against the partnership's expected certificate; otherwise the flag should
// stay off for partners whose identity must be pinned.
AS2Helper.parseMDN(aMsg, aSenderCert, bUseCertificateInBodyPart, getVerificationCertificateConsumer(), aResHelper);
// in order to name & save the mdn with the original AS2-From + AS2-To +
// Message id.,
// the 3 msg attributes have to be reset before calling MDNFileModule
// (sender/receiver are swapped again: MDN "To" is the original sender)
aMsg.partnership().setSenderAS2ID(aMDN.getHeader(CHttpHeader.AS2_TO));
aMsg.partnership().setReceiverAS2ID(aMDN.getHeader(CHttpHeader.AS2_FROM));
getModule().getSession().getPartnershipFactory().updatePartnership(aMsg, false);
aMsg.setMessageID(aMDN.attrs().getAsString(AS2MessageMDN.MDNA_ORIG_MESSAGEID));
try {
getModule().getSession().getMessageProcessor().handle(IProcessorStorageModule.DO_STOREMDN, aMsg, null);
} catch (final AS2ComponentNotFoundException | AS2NoModuleException ex) {
// No message processor found
// Or no module found in message processor
// Storing the MDN is treated as optional: both exceptions are ignored and
// nothing is logged, so an MDN that was not persisted leaves no trace
// here. NOTE(review): consider at least a debug/warn log for audit trails.
}
// check if the mic (message integrity check) is correct
final boolean bMICMatch = checkAsyncMDN(aMsg);
// A MIC mismatch is answered with HTTP 404; processing still continues
// with the callback and the disposition validation below.
HTTPHelper.sendSimpleHTTPResponse(aResponseHandler, bMICMatch ? CHttp.HTTP_OK : CHttp.HTTP_NOT_FOUND);
final String sDisposition = aMDN.attrs().getAsString(AS2MessageMDN.MDNA_DISPOSITION);
// The callback is invoked regardless of the MIC result. It receives both
// the "received signed" attribute (false when the attribute is absent) and
// bMICMatch, so implementations must check these two values themselves
// before treating the MDN as an authentic receipt.
if (m_aIncomingMDNCallback != null)
m_aIncomingMDNCallback.onIncomingMDN(false, aMDN, aMDN.getHeader(CHttpHeader.AS2_FROM), aMDN.getHeader(CHttpHeader.AS2_TO), sDisposition, aMDN.attrs().getAsString(AS2MessageMDN.MDNA_MIC), aMDN.attrs().getAsString(AS2MessageMDN.MDNA_ORIG_MESSAGEID), aMDN.attrs().getAsBoolean(AS2Message.ATTRIBUTE_RECEIVED_SIGNED, false), bMICMatch);
// Runs after the HTTP response was already sent; an exception thrown here
// ends up in the generic catch block below.
DispositionType.createFromString(sDisposition).validate(aMsg, aMDN.getText());
} catch (final IOException ex) {
// IO problems are reported as HTTP 400 and rethrown unchanged
HTTPHelper.sendSimpleHTTPResponse(aResponseHandler, CHttp.HTTP_BAD_REQUEST);
throw ex;
} catch (final Exception ex) {
// Everything else is reported as HTTP 400 and wrapped, with aMsg attached
// as the source message of the resulting exception
HTTPHelper.sendSimpleHTTPResponse(aResponseHandler, CHttp.HTTP_BAD_REQUEST);
throw WrappedAS2Exception.wrap(ex).setSourceMsg(aMsg);
}
}
use of com.helger.as2lib.cert.ICertificateFactory in project as2-lib by phax.
the class AS2SenderModule method secure.
/**
 * Collect the compression, signing and encryption settings of the message's
 * partnership and delegate the actual work to {@code secureMimeBodyPart}.
 * <p>
 * Each of the three steps is optional and is enabled only when the partnership
 * returns a non-{@code null} algorithm ID. When the signing or encryption ID is
 * {@code null}, the corresponding algorithm, certificate and key are passed on
 * as {@code null}; what is sent on the wire is therefore decided entirely by
 * the partnership configuration.
 * <p>
 * An ID that does not map to a supported enum constant is rejected with an
 * {@link AS2Exception}. NOTE(review): this method only checks that the ID is
 * known; whether the set of supported IDs still contains legacy algorithms is
 * not visible here - enforce a minimum strength in the partnership
 * configuration if that is required.
 *
 * @param aMsg
 *        The message to secure. Its Content-Transfer-Encoding header (and, for
 *        compression-only, its Content-Type header) is modified.
 * @param eCTE
 *        The content transfer encoding to use.
 * @return The result of {@code secureMimeBodyPart}.
 * @throws Exception
 *         In case of an unsupported algorithm ID or any error raised by the
 *         certificate factory or {@code secureMimeBodyPart}.
 */
@Nonnull
protected MimeBodyPart secure(@Nonnull final IMessage aMsg, @Nonnull final EContentTransferEncoding eCTE) throws Exception {
  final Partnership aPartnership = aMsg.partnership();
  final ICertificateFactory aCertFactory = getSession().getCertificateFactory();

  // ---- Compression ----
  // When compression is enabled it happens before signing unless the
  // partnership says otherwise.
  ECompressionType eCompressionType = null;
  boolean bCompressBeforeSign = true;
  Consumer<MimeBodyPart> aCompressBeforeSignCallback = null;
  final String sCompressionID = aPartnership.getCompressionType();
  if (sCompressionID != null) {
    eCompressionType = ECompressionType.getFromIDCaseInsensitiveOrNull(sCompressionID);
    if (eCompressionType == null) {
      throw new AS2Exception("The compression type '" + sCompressionID + "' is not supported!");
    }
    bCompressBeforeSign = aPartnership.isCompressBeforeSign();
    if (bCompressBeforeSign) {
      // The compressed part replaces the message data, because the MIC is
      // calculated on it
      aCompressBeforeSignCallback = aMsg::setData;
    }
  }

  // ---- Signing ----
  ECryptoAlgorithmSign eSignAlgorithm = null;
  X509Certificate aSenderCert = null;
  PrivateKey aSenderKey = null;
  boolean bIncludeCertificateInSignedContent = false;
  boolean bUseRFC3851MICAlg = false;
  boolean bRemoveCmsAlgorithmProtect = false;
  final String sSigningID = aPartnership.getSigningAlgorithm();
  if (sSigningID != null) {
    // Certificate and private key are resolved before the algorithm ID is
    // validated. The private key stays in a local variable and is only handed
    // to secureMimeBodyPart - it must never be logged.
    aSenderCert = aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.SENDER);
    aSenderKey = aCertFactory.getPrivateKey(aSenderCert);
    eSignAlgorithm = ECryptoAlgorithmSign.getFromIDOrNull(sSigningID);
    if (eSignAlgorithm == null) {
      throw new AS2Exception("The signing algorithm '" + sSigningID + "' is not supported!");
    }

    // Embed the signing certificate? A defined partnership value wins over
    // the session-wide default.
    final ETriState eIncludeCert = aMsg.partnership().getIncludeCertificateInSignedContent();
    bIncludeCertificateInSignedContent = eIncludeCert.isDefined() ? eIncludeCert.getAsBooleanValue()
                                                                  : getSession().isCryptoSignIncludeCertificateInBodyPart();

    // Compatibility switches taken from the partnership: old-style (RFC 3851)
    // MIC algorithm handling and removal of a CMS attribute.
    // NOTE(review): both look like interoperability fallbacks - confirm they
    // are only enabled for partners that need them.
    bUseRFC3851MICAlg = aPartnership.isRFC3851MICAlgs();
    bRemoveCmsAlgorithmProtect = aPartnership.isRemoveCmsAlgorithmProtect();
  }

  // ---- Encryption ----
  ECryptoAlgorithmCrypt eCryptAlgorithm = null;
  X509Certificate aReceiverCert = null;
  final String sEncryptionID = aPartnership.getEncryptAlgorithm();
  if (sEncryptionID != null) {
    aReceiverCert = aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.RECEIVER);
    eCryptAlgorithm = ECryptoAlgorithmCrypt.getFromIDOrNull(sEncryptionID);
    if (eCryptAlgorithm == null) {
      throw new AS2Exception("The crypting algorithm '" + sEncryptionID + "' is not supported!");
    }
  }

  // The CTE is set once on the message headers - stream creation later on
  // depends on it
  aMsg.headers().setHeader(CHttpHeader.CONTENT_TRANSFER_ENCODING, eCTE.getID());

  // With compression or encryption the body part itself needs the header as
  // well, unless it already carries one
  final boolean bCompressOrEncrypt = eCompressionType != null || eCryptAlgorithm != null;
  if (bCompressOrEncrypt && aMsg.getData().getHeader(CHttpHeader.CONTENT_TRANSFER_ENCODING) == null) {
    aMsg.getData().setHeader(CHttpHeader.CONTENT_TRANSFER_ENCODING, eCTE.getID());
  }

  // Compression without signing and without encryption: set the respective
  // content type
  final boolean bCompressionOnly = eCompressionType != null && eSignAlgorithm == null && eCryptAlgorithm == null;
  if (bCompressionOnly) {
    aMsg.headers().setHeader(CHttpHeader.CONTENT_TYPE, CMimeType.APPLICATION_OCTET_STREAM.getAsStringWithoutParameters());
  }

  return secureMimeBodyPart(aMsg.getData(),
                            eCTE,
                            eCompressionType,
                            bCompressBeforeSign,
                            aCompressBeforeSignCallback,
                            eSignAlgorithm,
                            aSenderCert,
                            aSenderKey,
                            bIncludeCertificateInSignedContent,
                            bUseRFC3851MICAlg,
                            bRemoveCmsAlgorithmProtect,
                            eCryptAlgorithm,
                            aReceiverCert,
                            aMsg.getLoggingText());
}
use of com.helger.as2lib.cert.ICertificateFactory in project as2-server by phax.
the class AS2ServerXMLSession method loadCertificates.
/**
 * Create the certificate factory described by the passed configuration
 * element and install it on this session.
 * <p>
 * NOTE(review): presumably the element selects the implementation that
 * {@code AS2XMLHelper.createComponent} instantiates - the configuration file
 * should therefore only be writable by trusted administrators.
 *
 * @param aElement
 *        The configuration element describing the certificate factory.
 * @throws OpenAS2Exception
 *         In case the component cannot be created.
 */
protected void loadCertificates(@Nonnull final IMicroElement aElement) throws OpenAS2Exception {
  LOGGER.info(" loading certificates");
  // Built relative to this session and its base directory, then registered
  setCertificateFactory(AS2XMLHelper.createComponent(aElement, ICertificateFactory.class, this, m_sBaseDirectory));
}
use of com.helger.as2lib.cert.ICertificateFactory in project as2-lib by phax.
the class AS2ServerXMLSession method loadCertificates.
/**
 * Create the certificate factory described by the passed configuration
 * element and install it on this session.
 * <p>
 * NOTE(review): presumably the element selects the implementation that
 * {@code AS2XMLHelper.createComponent} instantiates - the configuration file
 * should therefore only be writable by trusted administrators.
 *
 * @param aElement
 *        The configuration element describing the certificate factory.
 * @throws AS2Exception
 *         In case the component cannot be created.
 */
protected void loadCertificates(@Nonnull final IMicroElement aElement) throws AS2Exception {
  LOGGER.info(" loading certificates");
  // Built relative to this session and its base directory, then registered
  setCertificateFactory(AS2XMLHelper.createComponent(aElement, ICertificateFactory.class, this, m_sBaseDirectory));
}
use of com.helger.as2lib.cert.ICertificateFactory in project as2-lib by phax.
the class AS2ServletXMLSession method _loadCertificateFactory.
/**
 * Create the certificate factory described by the passed configuration
 * element and install it on this session.
 * <p>
 * NOTE(review): presumably the element selects the implementation that
 * {@code AS2XMLHelper.createComponent} instantiates - the configuration file
 * should therefore only be writable by trusted administrators.
 *
 * @param aElement
 *        The configuration element describing the certificate factory.
 * @throws AS2Exception
 *         In case the component cannot be created.
 */
private void _loadCertificateFactory(@Nonnull final IMicroElement aElement) throws AS2Exception {
  LOGGER.info("Loading certificates");
  // Built relative to this session and its base directory, then registered
  setCertificateFactory(AS2XMLHelper.createComponent(aElement, ICertificateFactory.class, this, m_sBaseDirectory));
}