protected void decompress(@Nonnull final IMessage aMsg) throws DispositionException {
try {
if (aMsg.getPartnership().isDisableDecompress()) {
s_aLogger.info(
"Message claims to be compressed but decompression is disabled"
+ aMsg.getLoggingText());
} else {
if (s_aLogger.isDebugEnabled()) s_aLogger.debug("Decompressing a compressed AS2 message");
final SMIMECompressed aCompressed = new SMIMECompressed(aMsg.getData());
// decompression step MimeBodyPart
final MimeBodyPart aDecompressedPart =
SMIMEUtil.toMimeBodyPart(aCompressed.getContent(new ZlibExpanderProvider()));
// Update the message object
aMsg.setData(aDecompressedPart);
// Remember that message was decompressed
aMsg.setAttribute(AS2Message.ATTRIBUTE_RECEIVED_COMPRESSED, Boolean.TRUE.toString());
s_aLogger.info("Successfully decompressed incoming AS2 message" + aMsg.getLoggingText());
}
} catch (final Exception ex) {
s_aLogger.error("Error decompressing received message", ex);
throw new DispositionException(
DispositionType.createError("unexpected-processing-error"),
AbstractActiveNetModule.DISP_DECOMPRESSION_ERROR,
ex);
}
}
protected void decrypt(@Nonnull final IMessage aMsg) throws OpenAS2Exception {
final ICertificateFactory aCertFactory = m_aReceiverModule.getSession().getCertificateFactory();
final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
try {
final boolean bDisableDecrypt = aMsg.getPartnership().isDisableDecrypt();
final boolean bMsgIsEncrypted = aCryptoHelper.isEncrypted(aMsg.getData());
final boolean bForceDecrypt = aMsg.getPartnership().isForceDecrypt();
if (bMsgIsEncrypted && bDisableDecrypt) {
s_aLogger.info(
"Message claims to be encrypted but decryption is disabled" + aMsg.getLoggingText());
} else if (bMsgIsEncrypted || bForceDecrypt) {
// Decrypt
if (bForceDecrypt && !bMsgIsEncrypted)
s_aLogger.info("Forced decrypting" + aMsg.getLoggingText());
else if (s_aLogger.isDebugEnabled()) s_aLogger.debug("Decrypting" + aMsg.getLoggingText());
final X509Certificate aReceiverCert =
aCertFactory.getCertificate(aMsg, ECertificatePartnershipType.RECEIVER);
final PrivateKey aReceiverKey = aCertFactory.getPrivateKey(aMsg, aReceiverCert);
final MimeBodyPart aDecryptedData =
aCryptoHelper.decrypt(aMsg.getData(), aReceiverCert, aReceiverKey, bForceDecrypt);
aMsg.setData(aDecryptedData);
// Remember that message was encrypted
aMsg.setAttribute(AS2Message.ATTRIBUTE_RECEIVED_ENCRYPTED, Boolean.TRUE.toString());
s_aLogger.info("Successfully decrypted incoming AS2 message" + aMsg.getLoggingText());
}
} catch (final Exception ex) {
s_aLogger.error("Error decrypting " + aMsg.getLoggingText() + ": " + ex.getMessage());
throw new DispositionException(
DispositionType.createError("decryption-failed"),
AbstractActiveNetModule.DISP_DECRYPTION_ERROR,
ex);
}
}
protected void verify(@Nonnull final IMessage aMsg) throws OpenAS2Exception {
final ICertificateFactory aCertFactory = m_aReceiverModule.getSession().getCertificateFactory();
final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
try {
final boolean bDisableVerify = aMsg.getPartnership().isDisableVerify();
final boolean bMsgIsSigned = aCryptoHelper.isSigned(aMsg.getData());
final boolean bForceVerify = aMsg.getPartnership().isForceVerify();
if (bMsgIsSigned && bDisableVerify) {
s_aLogger.info(
"Message claims to be signed but signature validation is disabled"
+ aMsg.getLoggingText());
} else if (bMsgIsSigned || bForceVerify) {
if (bForceVerify && !bMsgIsSigned)
s_aLogger.info("Forced verify signature" + aMsg.getLoggingText());
else if (s_aLogger.isDebugEnabled())
s_aLogger.debug("Verifying signature" + aMsg.getLoggingText());
final X509Certificate aSenderCert =
aCertFactory.getCertificateOrNull(aMsg, ECertificatePartnershipType.SENDER);
boolean bUseCertificateInBodyPart;
final ETriState eUseCertificateInBodyPart =
aMsg.getPartnership().getVerifyUseCertificateInBodyPart();
if (eUseCertificateInBodyPart.isDefined()) {
// Use per partnership
bUseCertificateInBodyPart = eUseCertificateInBodyPart.getAsBooleanValue();
} else {
// Use global value
bUseCertificateInBodyPart =
m_aReceiverModule.getSession().isCryptoVerifyUseCertificateInBodyPart();
}
final MimeBodyPart aVerifiedData =
aCryptoHelper.verify(
aMsg.getData(), aSenderCert, bUseCertificateInBodyPart, bForceVerify);
aMsg.setData(aVerifiedData);
// Remember that message was signed and verified
aMsg.setAttribute(AS2Message.ATTRIBUTE_RECEIVED_SIGNED, Boolean.TRUE.toString());
s_aLogger.info(
"Successfully verified signature of incoming AS2 message" + aMsg.getLoggingText());
}
} catch (final Exception ex) {
s_aLogger.error(
"Error verifying signature " + aMsg.getLoggingText() + ": " + ex.getMessage());
throw new DispositionException(
DispositionType.createError("integrity-check-failed"),
AbstractActiveNetModule.DISP_VERIFY_SIGNATURE_FAILED,
ex);
}
}
private void _sendAsyncMDN(@Nonnull final AS2Message aMsg) throws OpenAS2Exception {
s_aLogger.info("Async MDN submitted" + aMsg.getLoggingText());
final DispositionType aDisposition = DispositionType.createSuccess();
try {
final IMessageMDN aMdn = aMsg.getMDN();
// Create a HTTP connection
final String sUrl = aMsg.getAsyncMDNurl();
final boolean bOutput = true;
final boolean bInput = true;
final boolean bUseCaches = false;
final HttpURLConnection aConn =
getConnection(sUrl, bOutput, bInput, bUseCaches, "POST", getSession().getHttpProxy());
try {
s_aLogger.info("connected to " + sUrl + aMsg.getLoggingText());
aConn.setRequestProperty(CAS2Header.HEADER_CONNECTION, CAS2Header.DEFAULT_CONNECTION);
aConn.setRequestProperty(CAS2Header.HEADER_USER_AGENT, CAS2Header.DEFAULT_USER_AGENT);
// Copy all the header from mdn to the RequestProperties of conn
final Enumeration<?> aHeaders = aMdn.getHeaders().getAllHeaders();
while (aHeaders.hasMoreElements()) {
final Header aHeader = (Header) aHeaders.nextElement();
final String sHeaderValue =
aHeader.getValue().replace('\t', ' ').replace('\n', ' ').replace('\r', ' ');
aConn.setRequestProperty(aHeader.getName(), sHeaderValue);
}
// Note: closing this stream causes connection abort errors on some AS2
// servers
final OutputStream aMessageOS = aConn.getOutputStream();
// Transfer the data
final InputStream aMessageIS = aMdn.getData().getInputStream();
final StopWatch aSW = StopWatch.createdStarted();
final long nBytes = IOHelper.copy(aMessageIS, aMessageOS);
aSW.stop();
s_aLogger.info(
"transferred " + IOHelper.getTransferRate(nBytes, aSW) + aMsg.getLoggingText());
// Check the HTTP Response code
final int nResponseCode = aConn.getResponseCode();
if (nResponseCode != HttpURLConnection.HTTP_OK
&& nResponseCode != HttpURLConnection.HTTP_CREATED
&& nResponseCode != HttpURLConnection.HTTP_ACCEPTED
&& nResponseCode != HttpURLConnection.HTTP_PARTIAL
&& nResponseCode != HttpURLConnection.HTTP_NO_CONTENT) {
s_aLogger.error(
"sent AsyncMDN [" + aDisposition.getAsString() + "] Fail " + aMsg.getLoggingText());
throw new HttpResponseException(sUrl, nResponseCode, aConn.getResponseMessage());
}
s_aLogger.info(
"sent AsyncMDN [" + aDisposition.getAsString() + "] OK " + aMsg.getLoggingText());
// log & store mdn into backup folder.
try {
getSession()
.getMessageProcessor()
.handle(IProcessorStorageModule.DO_STOREMDN, aMsg, null);
} catch (final ComponentNotFoundException ex) {
// May be
}
} finally {
aConn.disconnect();
}
} catch (final HttpResponseException ex) {
// Resend if the HTTP Response has an error code
ex.terminate();
_resend(aMsg, ex);
} catch (final IOException ex) {
// Resend if a network error occurs during transmission
final OpenAS2Exception wioe = WrappedOpenAS2Exception.wrap(ex);
wioe.addSource(OpenAS2Exception.SOURCE_MESSAGE, aMsg);
wioe.terminate();
_resend(aMsg, wioe);
} catch (final Exception ex) {
// Propagate error if it can't be handled by a resend
throw WrappedOpenAS2Exception.wrap(ex);
}
}
/**
* This method can be used to handle an incoming HTTP message AFTER the headers where extracted.
*
* @param sClientInfo Client connection info
* @param aMsgData The message body
* @param aMsg The AS2 message that will be filled by this method
* @param aResponseHandler The response handler which handles HTTP error messages as well as
* synchronous MDN.
*/
public void handleIncomingMessage(
@Nonnull final String sClientInfo,
@Nonnull final byte[] aMsgData,
@Nonnull final AS2Message aMsg,
@Nonnull final IAS2HttpResponseHandler aResponseHandler) {
// TODO store HTTP request, headers, and data to file in Received folder
// -> use message-id for filename?
try {
final IAS2Session aSession = m_aReceiverModule.getSession();
try {
// Put received data in a MIME body part
final ContentType aReceivedContentType =
new ContentType(aMsg.getHeader(CAS2Header.HEADER_CONTENT_TYPE));
final String sReceivedContentType = aReceivedContentType.toString();
final MimeBodyPart aReceivedPart = new MimeBodyPart();
aReceivedPart.setDataHandler(
new DataHandler(new ByteArrayDataSource(aMsgData, sReceivedContentType, null)));
// Header must be set AFTER the DataHandler!
aReceivedPart.setHeader(CAS2Header.HEADER_CONTENT_TYPE, sReceivedContentType);
aMsg.setData(aReceivedPart);
} catch (final Exception ex) {
throw new DispositionException(
DispositionType.createError("unexpected-processing-error"),
AbstractActiveNetModule.DISP_PARSING_MIME_FAILED,
ex);
}
// Extract AS2 ID's from header, find the message's partnership and
// update the message
try {
final String sAS2From = aMsg.getAS2From();
aMsg.getPartnership().setSenderAS2ID(sAS2From);
final String sAS2To = aMsg.getAS2To();
aMsg.getPartnership().setReceiverAS2ID(sAS2To);
// Fill all partnership attributes etc.
aSession.getPartnershipFactory().updatePartnership(aMsg, false);
} catch (final OpenAS2Exception ex) {
throw new DispositionException(
DispositionType.createError("authentication-failed"),
AbstractActiveNetModule.DISP_PARTNERSHIP_NOT_FOUND,
ex);
}
// Per RFC5402 compression is always before encryption but can be before
// or after signing of message but only in one place
final ICryptoHelper aCryptoHelper = AS2Helper.getCryptoHelper();
boolean bIsDecompressed = false;
// Decrypt and verify signature of the data, and attach data to the
// message
decrypt(aMsg);
if (aCryptoHelper.isCompressed(aMsg.getContentType())) {
if (s_aLogger.isTraceEnabled())
s_aLogger.trace("Decompressing received message before checking signature...");
decompress(aMsg);
bIsDecompressed = true;
}
verify(aMsg);
if (aCryptoHelper.isCompressed(aMsg.getContentType())) {
// Per RFC5402 compression is always before encryption but can be before
// or after signing of message but only in one place
if (bIsDecompressed) {
throw new DispositionException(
DispositionType.createError("decompression-failed"),
AbstractActiveNetModule.DISP_DECOMPRESSION_ERROR,
new Exception(
"Message has already been decompressed. Per RFC5402 it cannot occur twice."));
}
if (s_aLogger.isTraceEnabled())
if (aMsg.containsAttribute(AS2Message.ATTRIBUTE_RECEIVED_SIGNED))
s_aLogger.trace("Decompressing received message after verifying signature...");
else s_aLogger.trace("Decompressing received message after decryption...");
decompress(aMsg);
bIsDecompressed = true;
}
if (s_aLogger.isTraceEnabled())
try {
s_aLogger.trace(
"SMIME Decrypted Content-Disposition: "
+ aMsg.getContentDisposition()
+ "\n Content-Type received: "
+ aMsg.getContentType()
+ "\n HEADERS after decryption: "
+ aMsg.getData().getAllHeaders()
+ "\n Content-Disposition in MSG detData() MIMEPART after decryption: "
+ aMsg.getData().getContentType());
} catch (final MessagingException ex) {
s_aLogger.error("Failed to trace message: " + aMsg, ex);
}
// Validate the received message before storing
try {
aSession
.getMessageProcessor()
.handle(IProcessorStorageModule.DO_VALIDATE_BEFORE_STORE, aMsg, null);
} catch (final NoModuleException ex) {
// No module installed - ignore
} catch (final OpenAS2Exception ex) {
throw new DispositionException(
DispositionType.createError("unexpected-processing-error"),
AbstractActiveNetModule.DISP_VALIDATION_FAILED
+ "\n"
+ StackTraceHelper.getStackAsString(ex),
ex);
}
// Store the received message
try {
aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_STORE, aMsg, null);
} catch (final NoModuleException ex) {
// No module installed - ignore
} catch (final OpenAS2Exception ex) {
throw new DispositionException(
DispositionType.createError("unexpected-processing-error"),
AbstractActiveNetModule.DISP_STORAGE_FAILED + "\n" + ex.getMessage(),
ex);
}
// Validate the received message after storing
try {
aSession
.getMessageProcessor()
.handle(IProcessorStorageModule.DO_VALIDATE_AFTER_STORE, aMsg, null);
} catch (final NoModuleException ex) {
// No module installed - ignore
} catch (final OpenAS2Exception ex) {
throw new DispositionException(
DispositionType.createError("unexpected-processing-error"),
AbstractActiveNetModule.DISP_VALIDATION_FAILED
+ "\n"
+ StackTraceHelper.getStackAsString(ex),
ex);
}
try {
if (aMsg.isRequestingMDN()) {
// Transmit a success MDN if requested
sendSyncMDN(
sClientInfo,
aResponseHandler,
aMsg,
DispositionType.createSuccess(),
AbstractActiveNetModule.DISP_SUCCESS);
} else {
// Just send a HTTP OK
HTTPHelper.sendSimpleHTTPResponse(aResponseHandler, HttpURLConnection.HTTP_OK);
s_aLogger.info("sent HTTP OK " + sClientInfo + aMsg.getLoggingText());
}
} catch (final Exception ex) {
throw new WrappedOpenAS2Exception(
"Error creating and returning MDN, message was stilled processed", ex);
}
} catch (final DispositionException ex) {
sendSyncMDN(sClientInfo, aResponseHandler, aMsg, ex.getDisposition(), ex.getText());
m_aReceiverModule.handleError(aMsg, ex);
} catch (final OpenAS2Exception ex) {
m_aReceiverModule.handleError(aMsg, ex);
}
}
protected void sendSyncMDN(
@Nonnull final String sClientInfo,
@Nonnull final IAS2HttpResponseHandler aResponseHandler,
@Nonnull final AS2Message aMsg,
@Nonnull final DispositionType aDisposition,
@Nonnull final String sText) {
final boolean bMDNBlocked = aMsg.getPartnership().isBlockErrorMDN();
if (!bMDNBlocked) {
try {
final IAS2Session aSession = m_aReceiverModule.getSession();
final IMessageMDN aMdn = AS2Helper.createMDN(aSession, aMsg, aDisposition, sText);
if (aMsg.isRequestingAsynchMDN()) {
// if asyncMDN requested, close connection and initiate separate MDN
// send
final InternetHeaders aHeaders = new InternetHeaders();
aHeaders.setHeader(CAS2Header.HEADER_CONTENT_LENGTH, Integer.toString(0));
// Empty data
final NonBlockingByteArrayOutputStream aData = new NonBlockingByteArrayOutputStream();
aResponseHandler.sendHttpResponse(HttpURLConnection.HTTP_OK, aHeaders, aData);
s_aLogger.info(
"Setup to send asynch MDN ["
+ aDisposition.getAsString()
+ "] "
+ sClientInfo
+ aMsg.getLoggingText());
// trigger explicit sending
aSession.getMessageProcessor().handle(IProcessorSenderModule.DO_SENDMDN, aMsg, null);
} else {
// otherwise, send sync MDN back on same connection
s_aLogger.info(
"Sending back sync MDN ["
+ aDisposition.getAsString()
+ "] "
+ sClientInfo
+ aMsg.getLoggingText());
// Get data and therefore content length for sync MDN
final NonBlockingByteArrayOutputStream aData = new NonBlockingByteArrayOutputStream();
final MimeBodyPart aPart = aMdn.getData();
StreamHelper.copyInputStreamToOutputStream(aPart.getInputStream(), aData);
aMdn.setHeader(CAS2Header.HEADER_CONTENT_LENGTH, Integer.toString(aData.getSize()));
// start HTTP response
aResponseHandler.sendHttpResponse(HttpURLConnection.HTTP_OK, aMdn.getHeaders(), aData);
// Save sent MDN for later examination
try {
aSession.getMessageProcessor().handle(IProcessorStorageModule.DO_STOREMDN, aMsg, null);
} catch (final ComponentNotFoundException ex) {
// No message processor found
} catch (final NoModuleException ex) {
// No module found in message processor
}
s_aLogger.info(
"sent MDN ["
+ aDisposition.getAsString()
+ "] "
+ sClientInfo
+ aMsg.getLoggingText());
}
} catch (final Exception ex) {
final OpenAS2Exception we = WrappedOpenAS2Exception.wrap(ex);
we.addSource(OpenAS2Exception.SOURCE_MESSAGE, aMsg);
we.terminate();
}
}
}