#5: Support fixing MessageId

bbottema · bbottema · commit 84c908a8a94b · 2023-06-07T15:10:21.000+02:00
diff --git a/src/main/java/org/simplejavamail/utils/mail/smime/SmimeMessageIdFixingMimeMessage.java b/src/main/java/org/simplejavamail/utils/mail/smime/SmimeMessageIdFixingMimeMessage.java
@@ -0,0 +1,36 @@
+package org.simplejavamail.utils.mail.smime;
+
+import jakarta.mail.MessagingException;
+import jakarta.mail.Session;
+import jakarta.mail.internet.MimeMessage;
+import org.jetbrains.annotations.Nullable;
+
+import static java.lang.String.format;
+
+public class SmimeMessageIdFixingMimeMessage extends MimeMessage {
+    @Nullable
+    private final String messageId;
+
+    public SmimeMessageIdFixingMimeMessage(Session session, @Nullable String messageId) {
+        super(session);
+        this.messageId = messageId;
+    }
+
+    @Override
+    protected void updateMessageID() throws MessagingException {
+        if (messageId == null || messageId.length() == 0) {
+            super.updateMessageID();
+        } else {
+            setHeader("Message-ID", messageId);
+        }
+    }
+
+    @Override
+    public String toString() {
+        try {
+            return format("SmimeMimeMessage<id:%s, subject:%s>", super.getMessageID(), super.getSubject());
+        } catch (MessagingException e) {
+            throw new IllegalStateException("should not reach here");
+        }
+    }
+}
diff --git a/src/main/java/org/simplejavamail/utils/mail/smime/SmimeMessageIdFixingSMTPMessage.java b/src/main/java/org/simplejavamail/utils/mail/smime/SmimeMessageIdFixingSMTPMessage.java
@@ -0,0 +1,37 @@
+package org.simplejavamail.utils.mail.smime;
+
+import com.sun.mail.smtp.SMTPMessage;
+import jakarta.mail.MessagingException;
+import jakarta.mail.Session;
+import jakarta.mail.internet.MimeMessage;
+import org.jetbrains.annotations.Nullable;
+
+import static java.lang.String.format;
+
+public class SmimeMessageIdFixingSMTPMessage extends SMTPMessage {
+    @Nullable
+    private final String messageId;
+
+    public SmimeMessageIdFixingSMTPMessage(Session session, @Nullable String messageId) {
+        super(session);
+        this.messageId = messageId;
+    }
+
+    @Override
+    protected void updateMessageID() throws MessagingException {
+        if (messageId == null || messageId.length() == 0) {
+            super.updateMessageID();
+        } else {
+            setHeader("Message-ID", messageId);
+        }
+    }
+
+    @Override
+    public String toString() {
+        try {
+            return format("SmimeSMTPMessage<id:%s, subject:%s>", super.getMessageID(), super.getSubject());
+        } catch (MessagingException e) {
+            throw new IllegalStateException("should not reach here");
+        }
+    }
+}
diff --git a/src/main/java/org/simplejavamail/utils/mail/smime/SmimeUtil.java b/src/main/java/org/simplejavamail/utils/mail/smime/SmimeUtil.java
@@ -33,6 +33,7 @@
 import org.bouncycastle.operator.OutputEncryptor;
 import org.bouncycastle.operator.jcajce.JcaAlgorithmParametersConverter;
 import org.bouncycastle.util.Store;
+import org.jetbrains.annotations.Nullable;
 
 import javax.crypto.spec.OAEPParameterSpec;
 import javax.crypto.spec.PSource;
@@ -87,15 +88,14 @@ private static void updateMailcapCommandMap() {
     /**
      * Encrypts a MIME message and yields a new S/MIME encrypted MIME message.
      *
-     * @param session     The {@link Session} that is used in conjunction with the
-     *                    original {@link MimeMessage}.
+     * @param session     The {@link Session} that is used in conjunction with the original {@link MimeMessage}.
+     * @param messageId   Optional MessageID that should be preserved on the encrypted MimeMessage result.
      * @param mimeMessage The original {@link MimeMessage} to be encrypted.
-     * @param certificate The {@link X509Certificate} used to obtain the
-     *                    {@link PublicKey} to encrypt the original message with.
+     * @param certificate The {@link X509Certificate} used to obtain the {@link PublicKey} to encrypt the original message with.
      * @return The new S/MIME encrypted {@link MimeMessage}.
      */
-    public static MimeMessage encrypt(Session session, MimeMessage mimeMessage, X509Certificate certificate) {
-        return encrypt(session, mimeMessage, certificate, DEFAULT_KEY_ENCAPSULATION_ALGORITHM, DEFAULT_CIPHER);
+    public static MimeMessage encrypt(Session session, @Nullable String messageId, MimeMessage mimeMessage, X509Certificate certificate) {
+        return encrypt(session, mimeMessage, messageId, certificate, DEFAULT_KEY_ENCAPSULATION_ALGORITHM, DEFAULT_CIPHER);
     }
 
     /**
@@ -104,16 +104,17 @@ public static MimeMessage encrypt(Session session, MimeMessage mimeMessage, X509
      * @param session                   The {@link Session} that is used in conjunction with the
      *                                  original {@link MimeMessage}.
      * @param mimeMessage               The original {@link MimeMessage} to be encrypted.
+     * @param messageId                 Optional MessageID that should be preserved on the encrypted MimeMessage result.
      * @param certificate               The {@link X509Certificate} used to obtain the
      *                                  {@link PublicKey} to encrypt the original message with.
      * @param keyEncapsulationAlgorithm Algorithm used to encapsulate the symmetric encryption key.
      *                                  Currently, RSA RSA-OAEP with various SHA digest lengths are supported.
      * @param cmsAlgorithm              Encryption algorithm for symmetric content encryption.
      * @return The new S/MIME encrypted {@link MimeMessage}.
      */
-    public static MimeMessage encrypt(Session session, MimeMessage mimeMessage, X509Certificate certificate, KeyEncapsulationAlgorithm keyEncapsulationAlgorithm, ASN1ObjectIdentifier cmsAlgorithm) {
+    public static MimeMessage encrypt(Session session, MimeMessage mimeMessage, @Nullable String messageId, X509Certificate certificate, KeyEncapsulationAlgorithm keyEncapsulationAlgorithm, ASN1ObjectIdentifier cmsAlgorithm) {
         try {
-            MimeMessage encryptedMimeMessage = new MimeMessage(session);
+            MimeMessage encryptedMimeMessage = new SmimeMessageIdFixingMimeMessage(session, messageId);
             copyHeaders(mimeMessage, encryptedMimeMessage);
 
             SMIMEEnvelopedGenerator generator = prepareGenerator(certificate, keyEncapsulationAlgorithm);
@@ -408,34 +409,31 @@ private static JcaCertStore getCertificateStore(SmimeKey smimeKey) throws Certif
     /**
      * Signs a MIME message and yields a new S/MIME signed MIME message.
      *
-     * @param session     The {@link Session} that is used in conjunction with the
-     *                    original {@link MimeMessage}.
+     * @param session     The {@link Session} that is used in conjunction with the original {@link MimeMessage}.
+     * @param messageId   Optional MessageID that should be preserved on the signed MimeMessage.
      * @param mimeMessage The original {@link MimeMessage} or {@link SMTPMessage} to be signed.
-     * @param smimeKey    The {@link SmimeKey} used to obtain the {@link PrivateKey} to
-     *                    sign the original message with.
+     * @param smimeKey    The {@link SmimeKey} used to obtain the {@link PrivateKey} to sign the original message with.
      * @return The new S/MIME signed {@link MimeMessage} or {@link SMTPMessage}.
      */
-    public static <T extends MimeMessage> T sign(Session session, T mimeMessage, SmimeKey smimeKey) {
-        return sign(session, mimeMessage, smimeKey, DEFAULT_SIGNATURE_ALGORITHM_NAME);
+    public static <T extends MimeMessage> T sign(Session session, @Nullable String messageId, T mimeMessage, SmimeKey smimeKey) {
+        return sign(session, messageId, mimeMessage, smimeKey, DEFAULT_SIGNATURE_ALGORITHM_NAME);
     }
 
     /**
      * Signs a MIME message and yields a new S/MIME signed MIME message.
      *
-     * @param session       The {@link Session} that is used in conjunction with the
-     *                      original {@link MimeMessage}.
+     * @param session       The {@link Session} that is used in conjunction with the original {@link MimeMessage}.
+     * @param messageId     Optional MessageID that should be preserved on the signed MimeMessage.
      * @param mimeMessage   The original {@link MimeMessage} or {@link SMTPMessage} to be signed.
-     * @param smimeKey      The {@link SmimeKey} used to obtain the {@link PrivateKey} to
-     *                      sign the original message with.
-     * @param algorithmName The name of the signature algorithm to use. Must be an algorithm
-     *                      supported by the Bouncy Castle security provider.
+     * @param smimeKey      The {@link SmimeKey} used to obtain the {@link PrivateKey} to sign the original message with.
+     * @param algorithmName The name of the signature algorithm to use. Must be an algorithm supported by the Bouncy Castle security provider.
      * @return The new S/MIME signed {@link MimeMessage} or {@link SMTPMessage}.
      */
-    public static <T extends MimeMessage> T sign(Session session, T mimeMessage, SmimeKey smimeKey, String algorithmName) {
+    public static <T extends MimeMessage> T sign(Session session, @Nullable String messageId, T mimeMessage, SmimeKey smimeKey, String algorithmName) {
         //noinspection unchecked
         return (mimeMessage instanceof SMTPMessage)
-                ? sign(mimeMessage, (T) new SMTPMessage(session), smimeKey, algorithmName)
-                : sign(mimeMessage, (T) new MimeMessage(session), smimeKey, algorithmName);
+                ? sign(mimeMessage, (T) new SmimeMessageIdFixingSMTPMessage(session, messageId), smimeKey, algorithmName)
+                : sign(mimeMessage, (T) new SmimeMessageIdFixingMimeMessage(session, messageId), smimeKey, algorithmName);
     }
 
     private static <T extends MimeMessage> T sign(T mimeMessage, T signedMessage, SmimeKey smimeKey, String algorithmName) {
diff --git a/src/test/java/org/simplejavamail/utils/mail/smime/SmimeUtilTest.java b/src/test/java/org/simplejavamail/utils/mail/smime/SmimeUtilTest.java
@@ -54,7 +54,7 @@ private MimeMessage createTestMessage(String from, String to) throws MessagingEx
     public void SuccessfullySignAndValidate() throws MessagingException, IOException {
         MimeMessage testMessage = createTestMessage("alice@testcorp.com", "alice@testcorp.com");
         SmimeKey alicesKey = this.alicesKeyStore.getPrivateKey("alice", "alice".toCharArray());
-        MimeMessage signedMessage = SmimeUtil.sign(this.mailSession, testMessage, alicesKey);
+        MimeMessage signedMessage = SmimeUtil.sign(this.mailSession, null, testMessage, alicesKey);
         MimeMultipart multipartContent = (MimeMultipart) signedMessage.getContent();
         assertThat(SmimeUtil.getStatus(multipartContent)).isEqualTo(SmimeState.SIGNED);
         assertThat(SmimeUtil.checkSignature(multipartContent)).isTrue();
@@ -65,8 +65,8 @@ public void SuccessfullyEnvelopeAndDecryptDefault() throws MessagingException {
         MimeMessage testMessage = createTestMessage("alice@testcorp.com", "alice@testcorp.com");
         SmimeKey alicesKey = this.alicesKeyStore.getPrivateKey("alice", "alice".toCharArray());
         X509Certificate alicesCert = alicesKey.getCertificate();
-        MimeMessage encryptedMessage = SmimeUtil.encrypt(this.mailSession,
-                SmimeUtil.sign(this.mailSession, testMessage, alicesKey),
+        MimeMessage encryptedMessage = SmimeUtil.encrypt(this.mailSession, null,
+                SmimeUtil.sign(this.mailSession, null, testMessage, alicesKey),
                 alicesCert);
         assertThat(SmimeUtil.getStatus((encryptedMessage))).isEqualTo(SmimeState.ENCRYPTED);
         MimeMessage decryptedMessage = SmimeUtil.decrypt(this.mailSession, encryptedMessage, alicesKey);
@@ -79,8 +79,8 @@ public void SuccessfullyEnvelopeAndDecrypt() throws MessagingException {
         SmimeKey alicesKey = this.alicesKeyStore.getPrivateKey("alice", "alice".toCharArray());
         X509Certificate alicesCert = alicesKey.getCertificate();
         MimeMessage encryptedMessage = SmimeUtil.encrypt(this.mailSession,
-                SmimeUtil.sign(this.mailSession, testMessage, alicesKey, SignatureAlgorithmRsaPss),
-                alicesCert, KeyEncapsulationAlgorithm.RSA_OAEP_SHA256, CMSAlgorithm.AES256_CBC);
+                SmimeUtil.sign(this.mailSession, null, testMessage, alicesKey, SignatureAlgorithmRsaPss),
+                null, alicesCert, KeyEncapsulationAlgorithm.RSA_OAEP_SHA256, CMSAlgorithm.AES256_CBC);
         assertThat(SmimeUtil.getStatus((encryptedMessage))).isEqualTo(SmimeState.ENCRYPTED);
         MimeMessage decryptedMessage = SmimeUtil.decrypt(this.mailSession, encryptedMessage, alicesKey);
         assertThat(SmimeUtil.checkSignature(decryptedMessage)).isTrue();
@@ -93,8 +93,8 @@ public void AliceToBoEnvelopeAndDecrypt() throws MessagingException {
         SmimeKey bobsKey = this.bobsKeyStore.getPrivateKey("bob", "bob".toCharArray());
         X509Certificate bobsCert = bobsKey.getCertificate();
         MimeMessage encryptedMessage = SmimeUtil.encrypt(this.mailSession,
-                SmimeUtil.sign(this.mailSession, testMessage, alicesKey, SignatureAlgorithmRsaPss),
-                bobsCert, KeyEncapsulationAlgorithm.RSA_OAEP_SHA512, CMSAlgorithm.AES256_GCM);
+                SmimeUtil.sign(this.mailSession, null, testMessage, alicesKey, SignatureAlgorithmRsaPss),
+                null, bobsCert, KeyEncapsulationAlgorithm.RSA_OAEP_SHA512, CMSAlgorithm.AES256_GCM);
         assertThat(SmimeUtil.getStatus((encryptedMessage))).isEqualTo(SmimeState.ENCRYPTED);
         MimeMessage decryptedMessage = SmimeUtil.decrypt(this.mailSession, encryptedMessage, bobsKey);
         assertThat(SmimeUtil.checkSignature(decryptedMessage)).isTrue();
@@ -107,8 +107,8 @@ public void BobToAliceEnvelopeAndDecrypt() throws MessagingException {
         SmimeKey alicesKey = this.alicesKeyStore.getPrivateKey("alice", "alice".toCharArray());
         X509Certificate alicesCert = alicesKey.getCertificate();
         MimeMessage encryptedMessage = SmimeUtil.encrypt(this.mailSession,
-                SmimeUtil.sign(this.mailSession, testMessage, bobsKey, SignatureAlgorithmRsaPss),
-                alicesCert, KeyEncapsulationAlgorithm.RSA_OAEP_SHA384, CMSAlgorithm.AES192_CCM);
+                SmimeUtil.sign(this.mailSession, null, testMessage, bobsKey, SignatureAlgorithmRsaPss),
+                null, alicesCert, KeyEncapsulationAlgorithm.RSA_OAEP_SHA384, CMSAlgorithm.AES192_CCM);
         assertThat(SmimeUtil.getStatus((encryptedMessage))).isEqualTo(SmimeState.ENCRYPTED);
         MimeMessage decryptedMessage = SmimeUtil.decrypt(this.mailSession, encryptedMessage, alicesKey);
         assertThat(SmimeUtil.checkSignature(decryptedMessage)).isTrue();
