package hk.hku.cecid.edi.as2.module;

import hk.hku.cecid.ebms.pkg.Constants;
import hk.hku.cecid.edi.as2.AS2Exception;
import hk.hku.cecid.edi.as2.AS2Processor;
import hk.hku.cecid.edi.as2.dao.AS2DAOHandler;
import hk.hku.cecid.edi.as2.dao.PartnershipDVO;
import hk.hku.cecid.edi.as2.pkg.AS2Header;
import hk.hku.cecid.edi.as2.pkg.AS2Message;
import hk.hku.cecid.edi.as2.pkg.Disposition;
import hk.hku.cecid.edi.as2.pkg.DispositionNotification;
import hk.hku.cecid.edi.as2.pkg.DispositionNotificationOption;
import hk.hku.cecid.edi.as2.pkg.DispositionNotificationOptions;
import hk.hku.cecid.piazza.commons.security.KeyStoreManager;
import hk.hku.cecid.piazza.commons.security.SMimeMessage;
import java.util.Iterator;
import javax.mail.internet.MimeBodyPart;

/* JADX INFO: Access modifiers changed from: package-private */
/* JADX WARN: Classes with same name are omitted:
  input_file:hermes2_bin.zip:plugins/corvus-as2plus/corvus-as2plus.jar:hk/hku/cecid/edi/as2/module/IncomingMessage.class
 */
/* loaded from: input_file:hermes2_bin.zip:plugins/corvus-as2/corvus-as2.jar:hk/hku/cecid/edi/as2/module/IncomingMessage.class */
public class IncomingMessage {
    private AS2Message requestMessage;
    private SMimeMessage originalMessage;
    private SMimeMessage digestMessage;
    private SMimeMessage processedMessage;
    private Disposition disposition = new Disposition();
    private KeyStoreManager keyman;
    private AS2DAOHandler daoHandler;

    public IncomingMessage(AS2Message aS2Message, KeyStoreManager keyStoreManager, AS2DAOHandler aS2DAOHandler) {
        this.keyman = keyStoreManager;
        this.daoHandler = aS2DAOHandler;
        this.requestMessage = aS2Message;
    }

    public Disposition getDisposition() {
        return this.disposition;
    }

    public Disposition processSMime() throws AS2Exception {
        try {
            this.originalMessage = new SMimeMessage(this.requestMessage.getBodyPart(), this.keyman.getX509Certificate(), this.keyman.getPrivateKey());
            this.processedMessage = this.originalMessage;
            this.digestMessage = this.originalMessage;
            try {
                PartnershipDVO findPartnership = this.daoHandler.findPartnership(this.requestMessage, true);
                try {
                    if (findPartnership.isInboundEncryptRequired() && !this.processedMessage.isEncrypted()) {
                        throw new AS2Exception("Insufficient message security");
                    }
                    try {
                        if (this.processedMessage.isEncrypted()) {
                            AS2Processor.core.log.debug(this.requestMessage + " is encrypted");
                            this.processedMessage = this.processedMessage.decrypt();
                        }
                        for (int i = 0; i < 2; i++) {
                            try {
                                if (this.processedMessage.isCompressed()) {
                                    AS2Processor.core.log.debug(this.requestMessage + " is compressed");
                                    this.processedMessage = this.processedMessage.decompress();
                                }
                                if (i <= 0) {
                                    try {
                                        if (findPartnership.isInboundSignRequired() && !this.processedMessage.isSigned()) {
                                            throw new AS2Exception("Authentication failed");
                                        }
                                        try {
                                            if (this.processedMessage.isSigned()) {
                                                AS2Processor.core.log.debug(this.requestMessage + " is signed");
                                                this.processedMessage = this.processedMessage.verify(findPartnership.getEffectiveVerifyCertificate());
                                            }
                                            this.digestMessage = this.processedMessage;
                                        } catch (Exception e) {
                                            AS2Processor.core.log.error("Unable to verify " + this.requestMessage, e);
                                            this.disposition.setDescription(Disposition.DESC_AUTHENTICATION_FAILED);
                                            this.disposition.setModifier(Disposition.MODIFIER_ERROR);
                                            return this.disposition;
                                        }
                                    } catch (Exception e2) {
                                        AS2Processor.core.log.error("Signature enforcement check failed: " + this.requestMessage, e2);
                                        this.disposition.setDescription(Disposition.DESC_AUTHENTICATION_FAILED);
                                        this.disposition.setModifier(Disposition.MODIFIER_ERROR);
                                        return this.disposition;
                                    }
                                }
                            } catch (Exception e3) {
                                AS2Processor.core.log.error("Unable to decompress " + this.requestMessage, e3);
                                this.disposition.setDescription(Disposition.DESC_DECOMPRESSION_FAILED);
                                this.disposition.setModifier(Disposition.MODIFIER_ERROR);
                                return this.disposition;
                            }
                        }
                        return this.disposition;
                    } catch (Exception e4) {
                        AS2Processor.core.log.error("Unable to decrypt " + this.requestMessage, e4);
                        this.disposition.setDescription(Disposition.DESC_DECRYPTION_FAILED);
                        this.disposition.setModifier(Disposition.MODIFIER_ERROR);
                        return this.disposition;
                    }
                } catch (Exception e5) {
                    AS2Processor.core.log.error("Encryption enforcement check failed: " + this.requestMessage, e5);
                    this.disposition.setDescription(Disposition.DESC_INSUFFICIENT_MESSAGE_SECURITY);
                    this.disposition.setModifier(Disposition.MODIFIER_ERROR);
                    return this.disposition;
                }
            } catch (Exception e6) {
                AS2Processor.core.log.error("Partnership check failed: " + this.requestMessage, e6);
                this.disposition.setDescription(Disposition.DESC_AUTHENTICATION_FAILED);
                this.disposition.setModifier(Disposition.MODIFIER_ERROR);
                return this.disposition;
            }
        } catch (Exception e7) {
            throw new AS2Exception("Error in processing S/MIME of message: " + this.requestMessage.getMessageID(), e7);
        }
        throw new AS2Exception("Error in processing S/MIME of message: " + this.requestMessage.getMessageID(), e7);
    }

    public AS2Message generateReceipt() throws AS2Exception {
        MimeBodyPart bodyPart;
        try {
            AS2Processor.core.log.info(this.requestMessage + " requested " + (this.requestMessage.isReceiptSynchronous() ? "synchronous" : "asynchronous (URL: " + this.requestMessage.getHeader(AS2Header.RECEIPT_DELIVERY_OPTION) + ")") + " receipt");
            if (this.digestMessage == null) {
                throw new AS2Exception("Message not processed yet.");
            }
            AS2Message reply = this.requestMessage.reply();
            DispositionNotification dispositionNotification = new DispositionNotification();
            dispositionNotification.replyTo(this.requestMessage, AS2Processor.getModuleGroup().getSystemModule().getName());
            dispositionNotification.setDisposition(this.disposition);
            DispositionNotificationOptions dispositionNotificationOptions = this.requestMessage.getDispositionNotificationOptions();
            if (dispositionNotificationOptions == null) {
                bodyPart = dispositionNotification.getBodyPart();
            } else {
                AS2Processor.core.log.info(this.requestMessage + " requested a signed receipt");
                DispositionNotificationOption option = dispositionNotificationOptions.getOption(DispositionNotificationOptions.SIGNED_RECEIPT_PROTOCOL);
                if (option != null && option.isRequired() && !DispositionNotificationOption.SIGNED_RECEIPT_PROTOCOL_PKCS7.equalsIgnoreCase(option.getValue())) {
                    AS2Processor.core.log.warn("Unsupported MDN signature requested: " + option);
                }
                String str = SMimeMessage.DIGEST_ALG_SHA1;
                String str2 = "sha1";
                DispositionNotificationOption option2 = dispositionNotificationOptions.getOption(DispositionNotificationOptions.SIGNED_RECEIPT_MICALG);
                if (option2 != null) {
                    AS2Processor.core.log.info(this.requestMessage + " has shown preference on MIC algorithm: " + option2);
                    boolean z = false;
                    Iterator values = option2.getValues();
                    while (values.hasNext() && !z) {
                        String str3 = (String) values.next();
                        if ("sha1".equalsIgnoreCase(str3)) {
                            AS2Processor.core.log.debug("MIC algorithm accepted: " + str3);
                            str = SMimeMessage.DIGEST_ALG_SHA1;
                            str2 = "sha1";
                            z = true;
                        } else if ("md5".equalsIgnoreCase(str3)) {
                            AS2Processor.core.log.debug("MIC algorithm accepted: " + str3);
                            str = SMimeMessage.DIGEST_ALG_MD5;
                            str2 = "md5";
                            z = true;
                        }
                    }
                    if (!z) {
                        AS2Processor.core.log.warn("Unsupported MIC algorithm requested: " + option2);
                    }
                }
                String digest = this.digestMessage.digest(str, this.originalMessage.isSigned() || this.originalMessage.isCompressed() || this.originalMessage.isEncrypted());
                dispositionNotification.setReceivedContentMIC(digest, str2);
                AS2Processor.core.log.info(this.requestMessage + " has an MIC: " + digest);
                bodyPart = new SMimeMessage(dispositionNotification.getBodyPart(), this.keyman.getX509Certificate(), this.keyman.getPrivateKey()).sign().getBodyPart();
            }
            reply.setBodyPart(bodyPart);
            return reply;
        } catch (Exception e) {
            throw new AS2Exception("Unable to generate AS2 receipt for message: " + this.requestMessage.getMessageID(), e);
        }
    }

    public void dispatchMessage() throws AS2Exception {
        try {
            this.requestMessage.setBodyPart(this.processedMessage.getBodyPart());
            String[] header = this.requestMessage.getBodyPart().getHeader(Constants.CONTENT_TRANSFER_ENCODING);
            AS2Processor.core.log.debug("Dispatching " + this.requestMessage + " Content-type: " + this.requestMessage.getContentType() + " Content-Transfer-Encoding: " + ((header == null || header.length < 1) ? "null" : header[0]));
            PayloadCache createPayloadCache = AS2Processor.getIncomingPayloadRepository().createPayloadCache(this.requestMessage.getMessageID(), this.requestMessage.getFromPartyID(), this.requestMessage.getToPartyID(), this.requestMessage.getContentType());
            createPayloadCache.save(this.requestMessage.getInputStream());
            createPayloadCache.checkIn();
        } catch (Exception e) {
            throw new AS2Exception("Error in dispatching incoming AS2 message: " + this.requestMessage.getMessageID(), e);
        }
    }
}
