Search in sources :

Example 26 with AS2Exception

use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.

the class AS2ReceiverHandler method handleIncomingMessage.

/**
 * This method can be used to handle an incoming HTTP message AFTER the
 * headers where extracted.
 *
 * @param sClientInfo
 *        Client connection info
 * @param aMsgData
 *        The message body
 * @param aMsg
 *        The AS2 message that will be filled by this method
 * @param aResponseHandler
 *        The response handler which handles HTTP error messages as well as
 *        synchronous MDN.
 */
public void handleIncomingMessage(@Nonnull final String sClientInfo, @Nonnull final DataSource aMsgData, @Nonnull final AS2Message aMsg, @Nonnull final IAS2HttpResponseHandler aResponseHandler) {
    // handler, to avoid the decrypted content gets removed (see issue #135)
    try (final AS2ResourceHelper aResHelper = new AS2ResourceHelper()) {
        try {
            final IAS2Session aSession = m_aReceiverModule.getSession();
            try {
                // Put received data in a MIME body part
                final String sReceivedContentType = AS2HttpHelper.getCleanContentType(aMsg.getHeader(CHttpHeader.CONTENT_TYPE));
                final MimeBodyPart aReceivedPart = new MimeBodyPart();
                aReceivedPart.setDataHandler(new DataHandler(aMsgData));
                // Header must be set AFTER the DataHandler!
                aReceivedPart.setHeader(CHttpHeader.CONTENT_TYPE, sReceivedContentType);
                aMsg.setData(aReceivedPart);
            } catch (final Exception ex) {
                throw new AS2DispositionException(DispositionType.createError("unexpected-processing-error"), AbstractActiveNetModule.DISP_PARSING_MIME_FAILED, ex);
            }
            // update the message
            try {
                final String sAS2From = aMsg.getAS2From();
                aMsg.partnership().setSenderAS2ID(sAS2From);
                final String sAS2To = aMsg.getAS2To();
                aMsg.partnership().setReceiverAS2ID(sAS2To);
                // Fill all partnership attributes etc.
                aSession.getPartnershipFactory().updatePartnership(aMsg, false);
            } catch (final AS2Exception ex) {
                throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("authentication-failed"), () -> AbstractActiveNetModule.DISP_PARTNERSHIP_NOT_FOUND);
            }
            // Per RFC5402 compression is always before encryption but can be before
            // or after signing of message but only in one place
            final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
            boolean bIsDecompressed = false;
            // Decrypt and verify signature of the data, and attach data to the
            // message
            decrypt(aMsg, aResHelper);
            if (aCryptoHelper.isCompressed(aMsg.getContentType())) {
                if (LOGGER.isTraceEnabled())
                    LOGGER.trace("Decompressing received message before checking signature...");
                decompress(aMsg);
                bIsDecompressed = true;
            }
            verify(aMsg, aResHelper);
            if (aCryptoHelper.isCompressed(aMsg.getContentType())) {
                // or after signing of message but only in one place
                if (bIsDecompressed) {
                    throw new AS2DispositionException(DispositionType.createError("decompression-failed"), AbstractActiveNetModule.DISP_DECOMPRESSION_ERROR, new Exception("Message has already been decompressed. Per RFC5402 it cannot occur twice."));
                }
                if (LOGGER.isTraceEnabled())
                    if (aMsg.attrs().containsKey(AS2Message.ATTRIBUTE_RECEIVED_SIGNED))
                        LOGGER.trace("Decompressing received message after verifying signature...");
                    else
                        LOGGER.trace("Decompressing received message after decryption...");
                decompress(aMsg);
                bIsDecompressed = true;
            }
            if (LOGGER.isTraceEnabled())
                try {
                    LOGGER.trace("SMIME Decrypted Content-Disposition: " + aMsg.getContentDisposition() + "\n      Content-Type received: " + aMsg.getContentType() + "\n      HEADERS after decryption: " + aMsg.getData().getAllHeaders() + "\n      Content-Disposition in MSG detData() MIMEPART after decryption: " + aMsg.getData().getContentType());
                } catch (final MessagingException ex) {
                    if (LOGGER.isErrorEnabled())
                        LOGGER.error("Failed to trace message: " + aMsg, ex);
                }
            // Validate the received message before storing
            try {
                aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_VALIDATE_BEFORE_STORE, aMsg, null);
            } catch (final AS2NoModuleException ex) {
            // No module installed - ignore
            } catch (final AS2Exception ex) {
                // Issue 90 - use CRLF as separator
                throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("unexpected-processing-error"), () -> StringHelper.getConcatenatedOnDemand(AbstractActiveNetModule.DISP_VALIDATION_FAILED, CHttp.EOL, _getDispositionText(ex)));
            }
            // Store the received message
            try {
                aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_STORE, aMsg, null);
            } catch (final AS2NoModuleException ex) {
            // No module installed - ignore
            } catch (final AS2Exception ex) {
                // Issue 90 - use CRLF as separator
                throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("unexpected-processing-error"), () -> StringHelper.getConcatenatedOnDemand(AbstractActiveNetModule.DISP_STORAGE_FAILED, CHttp.EOL, _getDispositionText(ex)));
            }
            // Validate the received message after storing
            try {
                aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_VALIDATE_AFTER_STORE, aMsg, null);
            } catch (final AS2NoModuleException ex) {
            // No module installed - ignore
            } catch (final AS2Exception ex) {
                // Issue 90 - use CRLF as separator
                throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("unexpected-processing-error"), () -> StringHelper.getConcatenatedOnDemand(AbstractActiveNetModule.DISP_VALIDATION_FAILED, CHttp.EOL, _getDispositionText(ex)));
            }
            try {
                if (aMsg.isRequestingMDN()) {
                    if (LOGGER.isTraceEnabled())
                        LOGGER.trace("AS2 message is requesting an MDN");
                    // Transmit a success MDN if requested
                    sendMDN(sClientInfo, aResponseHandler, aMsg, DispositionType.createSuccess(), AbstractActiveNetModule.DISP_SUCCESS, ESuccess.SUCCESS);
                } else {
                    if (LOGGER.isTraceEnabled())
                        LOGGER.trace("AS2 message is not requesting an MDN - just sending HTTP 200 (OK)");
                    // Just send a HTTP OK
                    HTTPHelper.sendSimpleHTTPResponse(aResponseHandler, CHttp.HTTP_OK);
                    if (LOGGER.isInfoEnabled())
                        LOGGER.info("sent HTTP OK " + sClientInfo + aMsg.getLoggingText());
                }
            } catch (final Exception ex) {
                throw new AS2Exception("Error creating and returning MDN, message was stilled processed", ex);
            }
        } catch (final AS2DispositionException ex) {
            sendMDN(sClientInfo, aResponseHandler, aMsg, ex.getDisposition(), ex.getText(), ESuccess.FAILURE);
            m_aReceiverModule.handleError(aMsg, ex);
        } catch (final AS2Exception ex) {
            m_aReceiverModule.handleError(aMsg, ex);
        } finally {
            // close the temporary shared stream if it exists
            final TempSharedFileInputStream sis = aMsg.getTempSharedFileInputStream();
            if (null != sis) {
                try {
                    sis.closeAll();
                } catch (final IOException e) {
                    LOGGER.error("Exception while closing TempSharedFileInputStream", e);
                }
            }
        }
    }
}
Also used : MessagingException(javax.mail.MessagingException) TempSharedFileInputStream(com.helger.as2lib.util.http.TempSharedFileInputStream) DataHandler(javax.activation.DataHandler) IOException(java.io.IOException) ICryptoHelper(com.helger.as2lib.crypto.ICryptoHelper) MessagingException(javax.mail.MessagingException) AS2NoModuleException(com.helger.as2lib.processor.AS2NoModuleException) AS2DispositionException(com.helger.as2lib.disposition.AS2DispositionException) AS2ProcessorException(com.helger.as2lib.processor.AS2ProcessorException) CMSException(org.bouncycastle.cms.CMSException) AS2Exception(com.helger.as2lib.exception.AS2Exception) WrappedAS2Exception(com.helger.as2lib.exception.WrappedAS2Exception) IOException(java.io.IOException) SMIMEException(org.bouncycastle.mail.smime.SMIMEException) AS2ComponentNotFoundException(com.helger.as2lib.session.AS2ComponentNotFoundException) IAS2Session(com.helger.as2lib.session.IAS2Session) AS2ResourceHelper(com.helger.as2lib.util.AS2ResourceHelper) AS2DispositionException(com.helger.as2lib.disposition.AS2DispositionException) AS2NoModuleException(com.helger.as2lib.processor.AS2NoModuleException) AS2Exception(com.helger.as2lib.exception.AS2Exception) WrappedAS2Exception(com.helger.as2lib.exception.WrappedAS2Exception) MimeBodyPart(javax.mail.internet.MimeBodyPart)

Example 27 with AS2Exception

use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.

the class AS2ReceiverHandler method verify.

protected void verify(@Nonnull final IMessage aMsg, @Nonnull final AS2ResourceHelper aResHelper) throws AS2Exception {
    final ICertificateFactory aCertFactory = m_aReceiverModule.getSession().getCertificateFactory();
    final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
    try {
        final boolean bDisableVerify = aMsg.partnership().isDisableVerify();
        final boolean bMsgIsSigned = aCryptoHelper.isSigned(aMsg.getData());
        final boolean bForceVerify = aMsg.partnership().isForceVerify();
        if (bMsgIsSigned && bDisableVerify) {
            if (LOGGER.isInfoEnabled())
                LOGGER.info("Message claims to be signed but signature validation is disabled" + aMsg.getLoggingText());
        } else if (bMsgIsSigned || bForceVerify) {
            if (bForceVerify && !bMsgIsSigned) {
                if (LOGGER.isInfoEnabled())
                    LOGGER.info("Forced verify signature" + aMsg.getLoggingText());
            } else if (LOGGER.isDebugEnabled())
                LOGGER.debug("Verifying signature" + aMsg.getLoggingText());
            final X509Certificate aSenderCert = aCertFactory.getCertificateOrNull(aMsg, ECertificatePartnershipType.SENDER);
            boolean bUseCertificateInBodyPart;
            final ETriState eUseCertificateInBodyPart = aMsg.partnership().getVerifyUseCertificateInBodyPart();
            if (eUseCertificateInBodyPart.isDefined()) {
                // Use per partnership
                bUseCertificateInBodyPart = eUseCertificateInBodyPart.getAsBooleanValue();
            } else {
                // Use global value
                bUseCertificateInBodyPart = m_aReceiverModule.getSession().isCryptoVerifyUseCertificateInBodyPart();
            }
            final Wrapper<X509Certificate> aCertHolder = new Wrapper<>();
            final MimeBodyPart aVerifiedData = aCryptoHelper.verify(aMsg.getData(), aSenderCert, bUseCertificateInBodyPart, bForceVerify, aCertHolder::set, aResHelper);
            final Consumer<X509Certificate> aExternalConsumer = getVerificationCertificateConsumer();
            if (aExternalConsumer != null)
                aExternalConsumer.accept(aCertHolder.get());
            aMsg.setData(aVerifiedData);
            // Remember that message was signed and verified
            aMsg.attrs().putIn(AS2Message.ATTRIBUTE_RECEIVED_SIGNED, true);
            // Remember the PEM encoded version of the X509 certificate that was
            // used for verification
            aMsg.attrs().putIn(AS2Message.ATTRIBUTE_RECEIVED_SIGNATURE_CERTIFICATE, CertificateHelper.getPEMEncodedCertificate(aCertHolder.get()));
            if (LOGGER.isInfoEnabled())
                LOGGER.info("Successfully verified signature of incoming AS2 message" + aMsg.getLoggingText());
        }
    } catch (final Exception ex) {
        if (LOGGER.isErrorEnabled())
            LOGGER.error("Error verifying signature " + aMsg.getLoggingText() + ": " + ex.getMessage());
        throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("integrity-check-failed"), () -> AbstractActiveNetModule.DISP_VERIFY_SIGNATURE_FAILED);
    }
}
Also used : Wrapper(com.helger.commons.wrapper.Wrapper) ETriState(com.helger.commons.state.ETriState) Consumer(java.util.function.Consumer) ICertificateFactory(com.helger.as2lib.cert.ICertificateFactory) ICryptoHelper(com.helger.as2lib.crypto.ICryptoHelper) MimeBodyPart(javax.mail.internet.MimeBodyPart) X509Certificate(java.security.cert.X509Certificate) MessagingException(javax.mail.MessagingException) AS2NoModuleException(com.helger.as2lib.processor.AS2NoModuleException) AS2DispositionException(com.helger.as2lib.disposition.AS2DispositionException) AS2ProcessorException(com.helger.as2lib.processor.AS2ProcessorException) CMSException(org.bouncycastle.cms.CMSException) AS2Exception(com.helger.as2lib.exception.AS2Exception) WrappedAS2Exception(com.helger.as2lib.exception.WrappedAS2Exception) IOException(java.io.IOException) SMIMEException(org.bouncycastle.mail.smime.SMIMEException) AS2ComponentNotFoundException(com.helger.as2lib.session.AS2ComponentNotFoundException)

Example 28 with AS2Exception

use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.

the class AS2ReceiverHandler method decrypt.

protected void decrypt(@Nonnull final IMessage aMsg, @Nonnull final AS2ResourceHelper aResHelper) throws AS2Exception {
    final ICertificateFactory aCertFactory = m_aReceiverModule.getSession().getCertificateFactory();
    final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
    try {
        final boolean bDisableDecrypt = aMsg.partnership().isDisableDecrypt();
        final boolean bMsgIsEncrypted = aCryptoHelper.isEncrypted(aMsg.getData());
        final boolean bForceDecrypt = aMsg.partnership().isForceDecrypt();
        if (bMsgIsEncrypted && bDisableDecrypt) {
            if (LOGGER.isInfoEnabled())
                LOGGER.info("Message claims to be encrypted but decryption is disabled" + aMsg.getLoggingText());
        } else if (bMsgIsEncrypted || bForceDecrypt) {
            // Decrypt
            if (bForceDecrypt && !bMsgIsEncrypted) {
                if (LOGGER.isInfoEnabled())
                    LOGGER.info("Forced decrypting" + aMsg.getLoggingText());
            } else if (LOGGER.isDebugEnabled())
                LOGGER.debug("Decrypting" + aMsg.getLoggingText());
            final X509Certificate aReceiverCert = aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.RECEIVER);
            final PrivateKey aReceiverKey = aCertFactory.getPrivateKey(aReceiverCert);
            final MimeBodyPart aDecryptedData = aCryptoHelper.decrypt(aMsg.getData(), aReceiverCert, aReceiverKey, bForceDecrypt, aResHelper);
            aMsg.setData(aDecryptedData);
            // Remember that message was encrypted
            aMsg.attrs().putIn(AS2Message.ATTRIBUTE_RECEIVED_ENCRYPTED, true);
            if (LOGGER.isInfoEnabled())
                LOGGER.info("Successfully decrypted incoming AS2 message" + aMsg.getLoggingText());
        }
    } catch (final AS2DispositionException ex) {
        // Re-throw "as is"
        throw ex;
    } catch (final Exception ex) {
        if (LOGGER.isErrorEnabled())
            LOGGER.error("Error decrypting " + aMsg.getLoggingText() + ": " + ex.getMessage());
        throw new AS2DispositionException(DispositionType.createError("decryption-failed"), AbstractActiveNetModule.DISP_DECRYPTION_ERROR, ex);
    }
}
Also used : AS2DispositionException(com.helger.as2lib.disposition.AS2DispositionException) PrivateKey(java.security.PrivateKey) ICertificateFactory(com.helger.as2lib.cert.ICertificateFactory) ICryptoHelper(com.helger.as2lib.crypto.ICryptoHelper) MimeBodyPart(javax.mail.internet.MimeBodyPart) X509Certificate(java.security.cert.X509Certificate) MessagingException(javax.mail.MessagingException) AS2NoModuleException(com.helger.as2lib.processor.AS2NoModuleException) AS2DispositionException(com.helger.as2lib.disposition.AS2DispositionException) AS2ProcessorException(com.helger.as2lib.processor.AS2ProcessorException) CMSException(org.bouncycastle.cms.CMSException) AS2Exception(com.helger.as2lib.exception.AS2Exception) WrappedAS2Exception(com.helger.as2lib.exception.WrappedAS2Exception) IOException(java.io.IOException) SMIMEException(org.bouncycastle.mail.smime.SMIMEException) AS2ComponentNotFoundException(com.helger.as2lib.session.AS2ComponentNotFoundException)

Example 29 with AS2Exception

use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.

the class IStorableCertificateFactory method load.

default void load(@Nonnull final String sFilename, @Nonnull final char[] aPassword) throws AS2Exception {
    InputStream aFIS = null;
    try {
        aFIS = KeyStoreHelper.getResourceProvider().getInputStream(sFilename);
        if (aFIS == null)
            throw new AS2Exception("Failed to to open input stream from '" + sFilename + "'");
    } catch (final RuntimeException ex) {
        throw new AS2Exception("Failed to to open input stream from '" + sFilename + "'", ex);
    }
    load(aFIS, aPassword);
}
Also used : AS2Exception(com.helger.as2lib.exception.AS2Exception) InputStream(java.io.InputStream)

Example 30 with AS2Exception

use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.

the class AbstractActiveNetModule method handleError.

public void handleError(@Nonnull final IMessage aMsg, @Nonnull final AS2Exception aSrcEx) {
    if (LOGGER.isTraceEnabled())
        LOGGER.trace("Handling error in " + ClassHelper.getClassLocalName(this.getClass()) + " for message with ID " + aMsg.getMessageID() + " and exception " + ClassHelper.getClassLocalName(aSrcEx.getClass()) + " with error " + aSrcEx.getMessage());
    aSrcEx.terminate(aMsg);
    try {
        final CompositeParameters aParams = new CompositeParameters(false).add("date", new DateParameters()).add("msg", new MessageParameters(aMsg));
        final String sErrorFilename = aParams.format(getErrorFormat());
        final String sErrorDirectory = aParams.format(getErrorDirectory());
        if (StringHelper.hasText(sErrorDirectory)) {
            final File aMsgErrorFile = AS2IOHelper.getUniqueFile(AS2IOHelper.getDirectoryFile(sErrorDirectory), FilenameHelper.getAsSecureValidFilename(sErrorFilename));
            // Default false for backwards compatibility reason
            final boolean bStoreBody = isErrorStoreBody();
            try (final OutputStream aFOS = FileHelper.getOutputStream(aMsgErrorFile)) {
                final String sMsgText = aMsg.getAsString();
                aFOS.write(sMsgText.getBytes());
                // Also store the body of the source message?
                if (bStoreBody)
                    StreamHelper.copyInputStreamToOutputStream(aMsg.getData().getInputStream(), aFOS);
            }
            // make sure an error of this event is logged
            new AS2InvalidMessageException("Stored invalid message to " + aMsgErrorFile.getAbsolutePath()).terminate();
        } else {
            LOGGER.warn("No error directory present, so ignoring the error");
        }
    } catch (final Exception ex) {
        WrappedAS2Exception.wrap(ex).terminate(aMsg);
    }
}
Also used : CompositeParameters(com.helger.as2lib.params.CompositeParameters) OutputStream(java.io.OutputStream) MessageParameters(com.helger.as2lib.params.MessageParameters) DateParameters(com.helger.as2lib.params.DateParameters) File(java.io.File) AS2Exception(com.helger.as2lib.exception.AS2Exception) WrappedAS2Exception(com.helger.as2lib.exception.WrappedAS2Exception) IOException(java.io.IOException)

Aggregations

AS2Exception (com.helger.as2lib.exception.AS2Exception)42 WrappedAS2Exception (com.helger.as2lib.exception.WrappedAS2Exception)23 IOException (java.io.IOException)16 IMicroElement (com.helger.xml.microdom.IMicroElement)8 Nonnull (javax.annotation.Nonnull)8 AS2DispositionException (com.helger.as2lib.disposition.AS2DispositionException)7 AS2NoModuleException (com.helger.as2lib.processor.AS2NoModuleException)7 File (java.io.File)7 MimeBodyPart (javax.mail.internet.MimeBodyPart)7 AS2ComponentNotFoundException (com.helger.as2lib.session.AS2ComponentNotFoundException)6 X509Certificate (java.security.cert.X509Certificate)6 MessagingException (javax.mail.MessagingException)6 ICertificateFactory (com.helger.as2lib.cert.ICertificateFactory)5 IMicroDocument (com.helger.xml.microdom.IMicroDocument)5 InputStream (java.io.InputStream)5 SMIMEException (org.bouncycastle.mail.smime.SMIMEException)5 AS2InvalidParameterException (com.helger.as2lib.params.AS2InvalidParameterException)4 Partnership (com.helger.as2lib.partner.Partnership)4 AS2ProcessorException (com.helger.as2lib.processor.AS2ProcessorException)4 ETriState (com.helger.commons.state.ETriState)4