// Copyright (C) 2002 IAIK
// https://sic.tech
//
// Copyright (C) 2003 - 2025 Stiftung Secure Information and 
//                           Communication Technologies SIC
// https://sic.tech
//
// All rights reserved.
//
// This source is provided for inspection purposes and recompilation only,
// unless specified differently in a contract with IAIK. This source has to
// be kept in strict confidence and must not be disclosed to any third party
// under any circumstances. Redistribution in source and binary forms, with
// or without modification, are <not> permitted in any case!
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
// ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
// SUCH DAMAGE.
//
// $Header: /IAIK-CMS/current/src/demo/smime/basic/SMimeShowDemo.java 30    12.02.25 17:58 Dbratko $
// $Revision: 30 $
//

package demo.smime.basic;

import iaik.smime.TrustVerifier;
import iaik.x509.X509Certificate;

import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Date;

import jakarta.mail.Address;
import jakarta.mail.FetchProfile;
import jakarta.mail.Flags;
import jakarta.mail.Folder;
import jakarta.mail.Message;
import jakarta.mail.MessagingException;
import jakarta.mail.Session;
import jakarta.mail.Store;
import jakarta.mail.URLName;

import demo.DemoSMimeUtil;
import demo.DemoUtil;
import demo.cms.ecc.ECCDemoUtil;
import demo.keystore.CMSKeyStore;
import demo.smime.DumpMessage;

/**
 * This class demonstrates the usage of the IAIK S/MIME implementation for downloading
 * and verifying/decrypting signed and/or encrypted emails from some mail server.
 * <p>
 * To run this demo the following packages are required:
 * <ul>
 *    <li>
 *       <code>iaik_cms.jar</code> (IAIK-CMS/SMIME)
 *    </li>
 *    <li>
 *       <code>iaik_jce(_full).jar</code> (<a href="https://sic.tech/products/core-crypto-toolkits/jca-jce/" target="_blank">IAIK-JCE Core Crypto Library</a>).
 *    </li>
 *    <li>
 *       <code>iaik_eccelerate.jar</code> (<a href="https://sic.tech/products/core-crypto-toolkits/eccelerate/" target="_blank">IAIK ECC Library</a>, if you want to use Elliptic Curve Cryptography).
 *    </li>
 *    <li>
 *       <a href="https://jakarta.ee/specifications/mail/" target="_blank">Jakarta</a>/<a href="https://eclipse-ee4j.github.io/angus-mail/" target="_blank">Angus</a> Mail
 *    </li>   
 *    <li>
 *       <a href="https://jakarta.ee/specifications/activation/" target="_blank">Jakarta Activation Framework</a>
 *    </li> 
 * </ul>
 *
 * <b>Usage:</b>
 * <pre>
 * SMimeShow [-L url] [-T protocol] [-H host] [-U user] [-P password] [-f mailbox] [msgnum] [-v]
 * </pre>
 * <b>Example</b> to display message 2:
 * <pre>
 * SMimeShow -T imap -H mailhost -U test -P test -f INBOX 2
 * </pre>
 *
 * @see iaik.smime.EncryptedContent
 * @see iaik.smime.SignedContent
 */
public class SMimeShowDemo {

  String from;
  String protocol;
  String host = null;
  String user = null;
  String password = null;
  String mbox = "INBOX";
  String url = null;
  boolean verbose = false;
  
  /**
   * Simple trust verifier.
   */
  private static TrustVerifier trustVerifier_ = null;
  
  
  
  /**
   * Default constructor. Reads certificates and keys from the demo keystore.
   */
  public SMimeShowDemo() {
    
    System.out.println();
    System.out.println("******************************************************************************************");
    System.out.println("*                                 SMimeShow demo                                         *");
    System.out.println("*     (shows how to parse and verify/decrypt signed and/or encrypted S/MIME messages)    *");
    System.out.println("******************************************************************************************");
    System.out.println();

    
    trustVerifier_ = new TrustVerifier();
    // set demo CAs as trusted
    trustVerifier_.addTrustedCertificate(CMSKeyStore.getCaCertificate(CMSKeyStore.RSA));
    trustVerifier_.addTrustedCertificate(CMSKeyStore.getCaCertificate(CMSKeyStore.DSA));
    trustVerifier_.addTrustedCertificate(CMSKeyStore.getCaCertificate(CMSKeyStore.RSAPSS));
    
    // if EC is available set EC demo CAs as trusted, too
    try {
      trustVerifier_.addTrustedCertificate(demo.cms.ecc.keystore.CMSEccKeyStore.getCaCertificate());
    } catch (Exception e) {
      System.err.println("Cannot add EC demo CAs (EC not available?): " + e.toString());
    }
  }
  
  /**
   * Connects to the mail server, downloads messages, verifies/decrypts
   * them (if they are signed/encrypted).
   *
   * @param argv optional parameters like mailhost, account name,...
   *
   * @throws IOException if an I/O related error occurs
   */
  public void show(String[] argv) throws IOException {
    
        int msgnum = -1;
        int optind = 0;
    
    // some defaults
    protocol = "pop3";
    host = "mailhost";
    verbose = true;

    if (argv.length > 0) {
          for (optind = 0; optind < argv.length; optind++) {
              if (argv[optind].equals("-T")) {
                  protocol = argv[++optind];
              } else if (argv[optind].equals("-H")) {
                      host = argv[++optind];
              } else if (argv[optind].equals("-U")) {
                  user = argv[++optind];
              } else if (argv[optind].equals("-P")) {
                      password = argv[++optind];
              } else if (argv[optind].equals("-v")) {
                  verbose = true;
              } else if (argv[optind].equals("-f")) {
                      mbox = argv[++optind];
              } else if (argv[optind].equals("-L")) {
                  url = argv[++optind];
              } else if (argv[optind].equals("--")) {
                  optind++;
                  break;
              } else if (argv[optind].startsWith("-")) {
                  System.out.println("Usage: SMimeShow [-L url] [-T protocol] [-H host] [-U user] [-P password] [-f mailbox] [msgnum] [-v]");
                      System.exit(1);
              } else {
                  break;
              }
            }
    } 

    try {
            if (optind < argv.length)
         msgnum = Integer.parseInt(argv[optind]);

            // get the default Session
            Session session = DemoSMimeUtil.getSession();

            // Get a Store object
            Store store = null;
            if (url != null) {
                URLName urln = new URLName(url);
                store = session.getStore(urln);
                store.connect();
            } else {
          if (protocol != null) {
                    store = session.getStore(protocol);
                  } else {
                    store = session.getStore();
          }
          // Connect
          if (host != null || user != null || password != null) {
                    store.connect(host, user, password);
          }     else {
                    store.connect();
                  }  
            }

            // Open the Folder
            Folder folder = store.getDefaultFolder();
            if (folder == null) {
        System.out.println("No default folder");
        System.exit(1);
            }

            folder = folder.getFolder(mbox);
            if (folder == null) {
        System.out.println("Invalid folder");
        System.exit(1);
            }

//          folder.open(Folder.READ_WRITE);
            folder.open(Folder.READ_ONLY);            // only READ for POP3
            int totalMessages = folder.getMessageCount();

            if (totalMessages == 0) {
                System.out.println("Empty folder");
                folder.close(false);
                store.close();
                System.exit(1);
            }

            if (verbose) {
                int newMessages = folder.getNewMessageCount();
                System.out.println("Total messages = " + totalMessages);
                System.out.println("New messages = " + newMessages);
                System.out.println("-------------------------------");
            }

            if (msgnum == -1) {
                // Attributes & Flags for all messages ..
                Message[] msgs = folder.getMessages();

                // Use a suitable FetchProfile
                FetchProfile fp = new FetchProfile();
                fp.add(FetchProfile.Item.ENVELOPE);
                fp.add(FetchProfile.Item.FLAGS);
                fp.add("X-Mailer");
                folder.fetch(msgs, fp);

                for (int i = 0; i < msgs.length; i++) {

                      System.out.println("--------------------------");
                      System.out.println("MESSAGE #" + (i + 1) + ":");
                      from = msgs[i].getFrom()[0].toString();
                      dump(msgs[i]);
          }
            } else {
          System.out.println("Getting message number: " + msgnum);
          Message m = folder.getMessage(msgnum);
          from = m.getFrom()[0].toString();
          dump(m);
            }

            folder.close(false);
            store.close();

          // System.in.read();
        } catch (Exception ex) {
            ex.printStackTrace();
            throw new RuntimeException(ex.toString());
        }

  }
  
  /**
   * Dumps the given object (message).
   *
   * @param o the object (message) to be dumped
   *
   * @throws Exception if some error occurs
   */
  public void dump(Object o) throws Exception {
    DumpMessage dumpMsg = new DumpMessage();
    dumpMsg.dump(o);
    
    // message signed and signer certs included?
    X509Certificate[] signerCerts = dumpMsg.getSignerCerts();
    if (signerCerts != null) {
      try {
        trustVerifier_.verifyCertificateChain(signerCerts);
        System.out.println("Certificate chain trusted!");
      } catch (CertificateException ex) {
        System.out.println("Certificate chain not trusted!");
      } 
      // is email in cert equal to email from From: header?
      // the email has to be formatted as an "addr-spec" as defined in RFC 822.
      // An addr-spec has the form "local-part@domain".
      if (trustVerifier_.checkEMail(from, signerCerts[0])) {
         System.out.println("EMail is ok!");
      } else {
         System.out.println("EMail not ok!");
      }
    }
  }
  
  /**
   * Prints the envelope of a message.
   * 
   * @param m the message
   * 
   * @throws MessagingException if an error occurs
   */
  public static void dumpEnvelope(Message m) throws MessagingException {
        System.out.println("This is the message envelope");
        System.out.println("---------------------------");
        Address[] a;
          // FROM
        if ((a = m.getFrom()) != null) {
            for (int j = 0; j < a.length; j++)
                System.out.println("FROM: " + a[j].toString());
        }

    // TO
    if ((a = m.getRecipients(Message.RecipientType.TO)) != null) {
            for (int j = 0; j < a.length; j++)
                System.out.println("TO: " + a[j].toString());
        }

        // SUBJECT
        System.out.println("SUBJECT: " + m.getSubject());

        // DATE
        Date d = m.getSentDate();
        System.out.println("SendDate: "+(d != null ? d.toString() : "UNKNOWN"));

    // SIZE
    System.out.println("Size: " + m.getSize());

        // FLAGS:
        Flags flags = m.getFlags();
        StringBuffer sb = new StringBuffer();
        Flags.Flag[] sf = flags.getSystemFlags(); // get the system flags

        boolean first = true;
          for (int i = 0; i < sf.length; i++) {
            String s;
            Flags.Flag f = sf[i];
            if (f == Flags.Flag.ANSWERED)
                s = "\\Answered";
            else if (f == Flags.Flag.DELETED)
                    s = "\\Deleted";
            else if (f == Flags.Flag.DRAFT)
                s = "\\Draft";
            else if (f == Flags.Flag.FLAGGED)
                    s = "\\Flagged";
            else if (f == Flags.Flag.RECENT)
                s = "\\Recent";
            else if (f == Flags.Flag.SEEN)
                    s = "\\Seen";
            else
                continue;       // skip it
            if (first)
                first = false;
            else
                    sb.append(' ');
            sb.append(s);
        }

        String[] uf = flags.getUserFlags(); // get the user flag strings
        for (int i = 0; i < uf.length; i++) {
            if (first)
                first = false;
            else
                    sb.append(' ');
            sb.append(uf[i]);
        }
          System.out.println("FLAGS = " + sb.toString());

        // X-MAILER
        String[] hdrs = m.getHeader("X-Mailer");
        if (hdrs != null)
            System.out.println("X-Mailer: " + hdrs[0]);
        else
            System.out.println("X-Mailer NOT available");
  }
  
  /** 
   * Main method.
   */
  public static void main(String argv[]) throws Exception {
    DemoSMimeUtil.initDemos();
    // add ECC provider    
    ECCDemoUtil.installIaikEccProvider();
    (new SMimeShowDemo()).show(argv);
    System.out.println("\nReady!");
    DemoUtil.waitKey();
  }
}