phax / as2-lib

A generic Java AS2 library, servlet and server

Cannot configure MDN signing #99

Closed yaskovdev closed 4 years ago

yaskovdev commented 5 years ago

Good afternoon and thank you for your library.

I still cannot configure MDN signing (see #98). I suspect there can be a bug in the library.

I run AS2 Client and AS2 Server locally. AS2 Client represents a company A, the sender. AS2 Server represents a company B, the receiver. AS2 Client has public and private keys of company A and public key of company B. AS2 Server has public and private keys of company B and public key of company A.

A sends an AS2 message to B. An unexpected exception happens when B tries to sign the MDN.

Steps to reproduce:

  1. Run both AS2 Client and AS2 Server on the same machine. AS2 Server should run in debug mode.
  2. Put a breakpoint in the AS2 Server at the com.helger.as2lib.util.AS2Helper#createMDNData method, at the ex.terminate (); line.
  3. Send a message from the AS2 Client to the AS2 Server by executing curl -X POST http://localhost:8081/outgoing in a command line.

Expected: the breakpoint from the 2nd step is not reached. Actual: the breakpoint is reached because the com.helger.as2lib.cert.KeyNotFoundException happens.

phax commented 5 years ago

Thanks for your detailed explanation and the links to all the details. I was trying it, and getting the following exception:

2019-11-08 15:06:29.605 ERROR 16764 --- [nio-8081-exec-1] com.helger.as2lib.client.AS2Client       : Error sending AS2 message

java.lang.IllegalArgumentException: name
        at sun.misc.URLClassPath$Loader.findResource(URLClassPath.java:703) ~[na:1.8.0_212]
        at sun.misc.URLClassPath.findResource(URLClassPath.java:225) ~[na:1.8.0_212]
        at java.net.URLClassLoader$2.run(URLClassLoader.java:572) ~[na:1.8.0_212]
        at java.net.URLClassLoader$2.run(URLClassLoader.java:570) ~[na:1.8.0_212]
        at java.security.AccessController.doPrivileged(Native Method) ~[na:1.8.0_212]
        at java.net.URLClassLoader.findResource(URLClassLoader.java:569) ~[na:1.8.0_212]
        at org.springframework.boot.loader.LaunchedURLClassLoader.findResource(LaunchedURLClassLoader.java:58) ~[as2-client-0.0.1-SNAPSHOT.jar:0.0.1-SNAPSHOT]
        at java.lang.ClassLoader.getResource(ClassLoader.java:1096) ~[na:1.8.0_212]
        at org.apache.catalina.loader.WebappClassLoaderBase.getResource(WebappClassLoaderBase.java:1048) ~[tomcat-embed-core-9.0.26.jar!/:9.0.26]
        at com.helger.commons.lang.ClassLoaderHelper.getResource(ClassLoaderHelper.java:131) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.commons.url.URLHelper.getClassPathURL(URLHelper.java:1085) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.commons.io.resource.ClassPathResource._getAsURL(ClassPathResource.java:325) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.commons.io.resource.ClassPathResource.getAsURL(ClassPathResource.java:341) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.commons.io.resource.ClassPathResource.getInputStream(ClassPathResource.java:273) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.commons.io.resourceprovider.IReadableResourceProvider.getInputStream(IReadableResourceProvider.java:73) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.commons.io.resourceprovider.ReadableResourceProviderChain.getInputStream(ReadableResourceProviderChain.java:96) ~[ph-commons-9.3.7.jar!/:9.3.7]
        at com.helger.as2lib.cert.IStorableCertificateFactory.load(IStorableCertificateFactory.java:101) ~[as2-lib-4.4.8.jar!/:4.4.8]
        at com.helger.as2lib.cert.IStorableCertificateFactory.load(IStorableCertificateFactory.java:96) ~[as2-lib-4.4.8.jar!/:4.4.8]
        at com.helger.as2lib.client.AS2Client.initCertificateFactory(AS2Client.java:257) ~[as2-lib-4.4.8.jar!/:4.4.8]
        at com.helger.as2lib.client.AS2Client.sendSynchronous(AS2Client.java:383) ~[as2-lib-4.4.8.jar!/:4.4.8]
        at com.yaskovdev.as2sandbox.CustomAs2Client.sendSynchronous(CustomAs2Client.java:49) [classes!/:0.0.1-SNAPSHOT]

That is some weird issue with the Spring Classloader (at least on Windows). I added a fix in ph-commons 9.3.9 to capture this exception internally. As a workaround I copied the keystore file to the root folder of my drive.

The next thing I stumbled upon was that both keystores had the same name (keystore.p12), so I renamed them to have unique names.

Then I had an issue finding the correct certificate, because the code was looking for "A" and Portecle showed me only "b", and because PKCS12 keystore aliases are case sensitive, it failed. I directly used the latest SNAPSHOT. I'm continuing my investigation from there... it takes some time.

yaskovdev commented 5 years ago

Thank you for quick response. :)

In theory no additional changes should be needed in order to run the examples. I just tried it in the way below.

Run the AS2 Client:

  cd ./as2-client
  mvn clean package
  java -jar ./target/as2-client-0.0.1-SNAPSHOT.jar

Run the AS2 Server:

  cd ./as2-server
  mvn clean package
  java -jar ./target/as2-server-0.0.1-SNAPSHOT.jar

Make the AS2 Client send the request:

  curl -X POST http://localhost:8081/outgoing

Of course, if you build the jar files and then run them from the command line, it is a bit trickier to use the debugger with them. But probably the debugger is not even needed; it is possible to just add some logging, say, before the ex.terminate (); line (see the issue description).

As for the aliases, I am not sure there is a problem with them in the example. I always use upper case naming for aliases, see here and here. And the code is looking for them in upper case, see here for the AS2 Client. For the AS2 Server I believe that your library uses the sender and receiver IDs as the aliases, which are in upper case as well.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

phax commented 4 years ago

The problem was a partnership factory overwriting the partnership configuration with an old value, because of some fake name. This is fixed in 4.5.4.