use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.
the class AS2ReceiverHandler method handleIncomingMessage.
/**
* This method can be used to handle an incoming HTTP message AFTER the
* headers where extracted.
*
* @param sClientInfo
* Client connection info
* @param aMsgData
* The message body
* @param aMsg
* The AS2 message that will be filled by this method
* @param aResponseHandler
* The response handler which handles HTTP error messages as well as
* synchronous MDN.
*/
public void handleIncomingMessage(@Nonnull final String sClientInfo, @Nonnull final DataSource aMsgData, @Nonnull final AS2Message aMsg, @Nonnull final IAS2HttpResponseHandler aResponseHandler) {
// handler, to avoid the decrypted content gets removed (see issue #135)
try (final AS2ResourceHelper aResHelper = new AS2ResourceHelper()) {
try {
final IAS2Session aSession = m_aReceiverModule.getSession();
try {
// Put received data in a MIME body part
final String sReceivedContentType = AS2HttpHelper.getCleanContentType(aMsg.getHeader(CHttpHeader.CONTENT_TYPE));
final MimeBodyPart aReceivedPart = new MimeBodyPart();
aReceivedPart.setDataHandler(new DataHandler(aMsgData));
// Header must be set AFTER the DataHandler!
aReceivedPart.setHeader(CHttpHeader.CONTENT_TYPE, sReceivedContentType);
aMsg.setData(aReceivedPart);
} catch (final Exception ex) {
throw new AS2DispositionException(DispositionType.createError("unexpected-processing-error"), AbstractActiveNetModule.DISP_PARSING_MIME_FAILED, ex);
}
// update the message
try {
final String sAS2From = aMsg.getAS2From();
aMsg.partnership().setSenderAS2ID(sAS2From);
final String sAS2To = aMsg.getAS2To();
aMsg.partnership().setReceiverAS2ID(sAS2To);
// Fill all partnership attributes etc.
aSession.getPartnershipFactory().updatePartnership(aMsg, false);
} catch (final AS2Exception ex) {
throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("authentication-failed"), () -> AbstractActiveNetModule.DISP_PARTNERSHIP_NOT_FOUND);
}
// Per RFC5402 compression is always before encryption but can be before
// or after signing of message but only in one place
final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
boolean bIsDecompressed = false;
// Decrypt and verify signature of the data, and attach data to the
// message
decrypt(aMsg, aResHelper);
if (aCryptoHelper.isCompressed(aMsg.getContentType())) {
if (LOGGER.isTraceEnabled())
LOGGER.trace("Decompressing received message before checking signature...");
decompress(aMsg);
bIsDecompressed = true;
}
verify(aMsg, aResHelper);
if (aCryptoHelper.isCompressed(aMsg.getContentType())) {
// or after signing of message but only in one place
if (bIsDecompressed) {
throw new AS2DispositionException(DispositionType.createError("decompression-failed"), AbstractActiveNetModule.DISP_DECOMPRESSION_ERROR, new Exception("Message has already been decompressed. Per RFC5402 it cannot occur twice."));
}
if (LOGGER.isTraceEnabled())
if (aMsg.attrs().containsKey(AS2Message.ATTRIBUTE_RECEIVED_SIGNED))
LOGGER.trace("Decompressing received message after verifying signature...");
else
LOGGER.trace("Decompressing received message after decryption...");
decompress(aMsg);
bIsDecompressed = true;
}
if (LOGGER.isTraceEnabled())
try {
LOGGER.trace("SMIME Decrypted Content-Disposition: " + aMsg.getContentDisposition() + "\n Content-Type received: " + aMsg.getContentType() + "\n HEADERS after decryption: " + aMsg.getData().getAllHeaders() + "\n Content-Disposition in MSG detData() MIMEPART after decryption: " + aMsg.getData().getContentType());
} catch (final MessagingException ex) {
if (LOGGER.isErrorEnabled())
LOGGER.error("Failed to trace message: " + aMsg, ex);
}
// Validate the received message before storing
try {
aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_VALIDATE_BEFORE_STORE, aMsg, null);
} catch (final AS2NoModuleException ex) {
// No module installed - ignore
} catch (final AS2Exception ex) {
// Issue 90 - use CRLF as separator
throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("unexpected-processing-error"), () -> StringHelper.getConcatenatedOnDemand(AbstractActiveNetModule.DISP_VALIDATION_FAILED, CHttp.EOL, _getDispositionText(ex)));
}
// Store the received message
try {
aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_STORE, aMsg, null);
} catch (final AS2NoModuleException ex) {
// No module installed - ignore
} catch (final AS2Exception ex) {
// Issue 90 - use CRLF as separator
throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("unexpected-processing-error"), () -> StringHelper.getConcatenatedOnDemand(AbstractActiveNetModule.DISP_STORAGE_FAILED, CHttp.EOL, _getDispositionText(ex)));
}
// Validate the received message after storing
try {
aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_VALIDATE_AFTER_STORE, aMsg, null);
} catch (final AS2NoModuleException ex) {
// No module installed - ignore
} catch (final AS2Exception ex) {
// Issue 90 - use CRLF as separator
throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("unexpected-processing-error"), () -> StringHelper.getConcatenatedOnDemand(AbstractActiveNetModule.DISP_VALIDATION_FAILED, CHttp.EOL, _getDispositionText(ex)));
}
try {
if (aMsg.isRequestingMDN()) {
if (LOGGER.isTraceEnabled())
LOGGER.trace("AS2 message is requesting an MDN");
// Transmit a success MDN if requested
sendMDN(sClientInfo, aResponseHandler, aMsg, DispositionType.createSuccess(), AbstractActiveNetModule.DISP_SUCCESS, ESuccess.SUCCESS);
} else {
if (LOGGER.isTraceEnabled())
LOGGER.trace("AS2 message is not requesting an MDN - just sending HTTP 200 (OK)");
// Just send a HTTP OK
HTTPHelper.sendSimpleHTTPResponse(aResponseHandler, CHttp.HTTP_OK);
if (LOGGER.isInfoEnabled())
LOGGER.info("sent HTTP OK " + sClientInfo + aMsg.getLoggingText());
}
} catch (final Exception ex) {
throw new AS2Exception("Error creating and returning MDN, message was stilled processed", ex);
}
} catch (final AS2DispositionException ex) {
sendMDN(sClientInfo, aResponseHandler, aMsg, ex.getDisposition(), ex.getText(), ESuccess.FAILURE);
m_aReceiverModule.handleError(aMsg, ex);
} catch (final AS2Exception ex) {
m_aReceiverModule.handleError(aMsg, ex);
} finally {
// close the temporary shared stream if it exists
final TempSharedFileInputStream sis = aMsg.getTempSharedFileInputStream();
if (null != sis) {
try {
sis.closeAll();
} catch (final IOException e) {
LOGGER.error("Exception while closing TempSharedFileInputStream", e);
}
}
}
}
}
use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.
the class AS2ReceiverHandler method verify.
protected void verify(@Nonnull final IMessage aMsg, @Nonnull final AS2ResourceHelper aResHelper) throws AS2Exception {
final ICertificateFactory aCertFactory = m_aReceiverModule.getSession().getCertificateFactory();
final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
try {
final boolean bDisableVerify = aMsg.partnership().isDisableVerify();
final boolean bMsgIsSigned = aCryptoHelper.isSigned(aMsg.getData());
final boolean bForceVerify = aMsg.partnership().isForceVerify();
if (bMsgIsSigned && bDisableVerify) {
if (LOGGER.isInfoEnabled())
LOGGER.info("Message claims to be signed but signature validation is disabled" + aMsg.getLoggingText());
} else if (bMsgIsSigned || bForceVerify) {
if (bForceVerify && !bMsgIsSigned) {
if (LOGGER.isInfoEnabled())
LOGGER.info("Forced verify signature" + aMsg.getLoggingText());
} else if (LOGGER.isDebugEnabled())
LOGGER.debug("Verifying signature" + aMsg.getLoggingText());
final X509Certificate aSenderCert = aCertFactory.getCertificateOrNull(aMsg, ECertificatePartnershipType.SENDER);
boolean bUseCertificateInBodyPart;
final ETriState eUseCertificateInBodyPart = aMsg.partnership().getVerifyUseCertificateInBodyPart();
if (eUseCertificateInBodyPart.isDefined()) {
// Use per partnership
bUseCertificateInBodyPart = eUseCertificateInBodyPart.getAsBooleanValue();
} else {
// Use global value
bUseCertificateInBodyPart = m_aReceiverModule.getSession().isCryptoVerifyUseCertificateInBodyPart();
}
final Wrapper<X509Certificate> aCertHolder = new Wrapper<>();
final MimeBodyPart aVerifiedData = aCryptoHelper.verify(aMsg.getData(), aSenderCert, bUseCertificateInBodyPart, bForceVerify, aCertHolder::set, aResHelper);
final Consumer<X509Certificate> aExternalConsumer = getVerificationCertificateConsumer();
if (aExternalConsumer != null)
aExternalConsumer.accept(aCertHolder.get());
aMsg.setData(aVerifiedData);
// Remember that message was signed and verified
aMsg.attrs().putIn(AS2Message.ATTRIBUTE_RECEIVED_SIGNED, true);
// Remember the PEM encoded version of the X509 certificate that was
// used for verification
aMsg.attrs().putIn(AS2Message.ATTRIBUTE_RECEIVED_SIGNATURE_CERTIFICATE, CertificateHelper.getPEMEncodedCertificate(aCertHolder.get()));
if (LOGGER.isInfoEnabled())
LOGGER.info("Successfully verified signature of incoming AS2 message" + aMsg.getLoggingText());
}
} catch (final Exception ex) {
if (LOGGER.isErrorEnabled())
LOGGER.error("Error verifying signature " + aMsg.getLoggingText() + ": " + ex.getMessage());
throw AS2DispositionException.wrap(ex, () -> DispositionType.createError("integrity-check-failed"), () -> AbstractActiveNetModule.DISP_VERIFY_SIGNATURE_FAILED);
}
}
use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.
the class AS2ReceiverHandler method decrypt.
protected void decrypt(@Nonnull final IMessage aMsg, @Nonnull final AS2ResourceHelper aResHelper) throws AS2Exception {
final ICertificateFactory aCertFactory = m_aReceiverModule.getSession().getCertificateFactory();
final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
try {
final boolean bDisableDecrypt = aMsg.partnership().isDisableDecrypt();
final boolean bMsgIsEncrypted = aCryptoHelper.isEncrypted(aMsg.getData());
final boolean bForceDecrypt = aMsg.partnership().isForceDecrypt();
if (bMsgIsEncrypted && bDisableDecrypt) {
if (LOGGER.isInfoEnabled())
LOGGER.info("Message claims to be encrypted but decryption is disabled" + aMsg.getLoggingText());
} else if (bMsgIsEncrypted || bForceDecrypt) {
// Decrypt
if (bForceDecrypt && !bMsgIsEncrypted) {
if (LOGGER.isInfoEnabled())
LOGGER.info("Forced decrypting" + aMsg.getLoggingText());
} else if (LOGGER.isDebugEnabled())
LOGGER.debug("Decrypting" + aMsg.getLoggingText());
final X509Certificate aReceiverCert = aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.RECEIVER);
final PrivateKey aReceiverKey = aCertFactory.getPrivateKey(aReceiverCert);
final MimeBodyPart aDecryptedData = aCryptoHelper.decrypt(aMsg.getData(), aReceiverCert, aReceiverKey, bForceDecrypt, aResHelper);
aMsg.setData(aDecryptedData);
// Remember that message was encrypted
aMsg.attrs().putIn(AS2Message.ATTRIBUTE_RECEIVED_ENCRYPTED, true);
if (LOGGER.isInfoEnabled())
LOGGER.info("Successfully decrypted incoming AS2 message" + aMsg.getLoggingText());
}
} catch (final AS2DispositionException ex) {
// Re-throw "as is"
throw ex;
} catch (final Exception ex) {
if (LOGGER.isErrorEnabled())
LOGGER.error("Error decrypting " + aMsg.getLoggingText() + ": " + ex.getMessage());
throw new AS2DispositionException(DispositionType.createError("decryption-failed"), AbstractActiveNetModule.DISP_DECRYPTION_ERROR, ex);
}
}
use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.
the class IStorableCertificateFactory method load.
default void load(@Nonnull final String sFilename, @Nonnull final char[] aPassword) throws AS2Exception {
InputStream aFIS = null;
try {
aFIS = KeyStoreHelper.getResourceProvider().getInputStream(sFilename);
if (aFIS == null)
throw new AS2Exception("Failed to to open input stream from '" + sFilename + "'");
} catch (final RuntimeException ex) {
throw new AS2Exception("Failed to to open input stream from '" + sFilename + "'", ex);
}
load(aFIS, aPassword);
}
use of com.helger.as2lib.exception.AS2Exception in project as2-lib by phax.
the class AbstractActiveNetModule method handleError.
public void handleError(@Nonnull final IMessage aMsg, @Nonnull final AS2Exception aSrcEx) {
if (LOGGER.isTraceEnabled())
LOGGER.trace("Handling error in " + ClassHelper.getClassLocalName(this.getClass()) + " for message with ID " + aMsg.getMessageID() + " and exception " + ClassHelper.getClassLocalName(aSrcEx.getClass()) + " with error " + aSrcEx.getMessage());
aSrcEx.terminate(aMsg);
try {
final CompositeParameters aParams = new CompositeParameters(false).add("date", new DateParameters()).add("msg", new MessageParameters(aMsg));
final String sErrorFilename = aParams.format(getErrorFormat());
final String sErrorDirectory = aParams.format(getErrorDirectory());
if (StringHelper.hasText(sErrorDirectory)) {
final File aMsgErrorFile = AS2IOHelper.getUniqueFile(AS2IOHelper.getDirectoryFile(sErrorDirectory), FilenameHelper.getAsSecureValidFilename(sErrorFilename));
// Default false for backwards compatibility reason
final boolean bStoreBody = isErrorStoreBody();
try (final OutputStream aFOS = FileHelper.getOutputStream(aMsgErrorFile)) {
final String sMsgText = aMsg.getAsString();
aFOS.write(sMsgText.getBytes());
// Also store the body of the source message?
if (bStoreBody)
StreamHelper.copyInputStreamToOutputStream(aMsg.getData().getInputStream(), aFOS);
}
// make sure an error of this event is logged
new AS2InvalidMessageException("Stored invalid message to " + aMsgErrorFile.getAbsolutePath()).terminate();
} else {
LOGGER.warn("No error directory present, so ignoring the error");
}
} catch (final Exception ex) {
WrappedAS2Exception.wrap(ex).terminate(aMsg);
}
}
Aggregations