api-docs/4.16.0/_mime_j4_message_parser_8java_source.html

 /*

  * Autopsy Forensic Browser

  *

  * Copyright 2019 Basis Technology Corp.

  * Contact: carrier <at> sleuthkit <dot> org

  *

  * Licensed under the Apache License, Version 2.0 (the "License");

  * you may not use this file except in compliance with the License.

  * You may obtain a copy of the License at

  *

  *     http://www.apache.org/licenses/LICENSE-2.0

  *

  * Unless required by applicable law or agreed to in writing, software

  * distributed under the License is distributed on an "AS IS" BASIS,

  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  * See the License for the specific language governing permissions and

  * limitations under the License.

  */

 package org.sleuthkit.autopsy.thunderbirdparser;


 import java.io.BufferedReader;

 import java.io.File;

 import java.io.FileOutputStream;

 import java.io.IOException;

 import java.util.ArrayList;

 import java.util.List;

 import java.util.UUID;

 import java.util.logging.Level;

 import org.apache.james.mime4j.dom.Body;

 import org.apache.james.mime4j.dom.Entity;

 import org.apache.james.mime4j.dom.Message;

 import org.apache.james.mime4j.dom.Multipart;

 import org.apache.james.mime4j.dom.SingleBody;

 import org.apache.james.mime4j.dom.TextBody;

 import org.apache.james.mime4j.dom.address.AddressList;

 import org.apache.james.mime4j.dom.address.Mailbox;

 import org.apache.james.mime4j.dom.address.MailboxList;

 import org.apache.james.mime4j.dom.field.ContentDispositionField;

 import org.apache.james.mime4j.dom.field.ContentTypeField;

 import org.apache.james.mime4j.message.DefaultMessageBuilder;

 import org.apache.james.mime4j.stream.Field;

 import org.apache.james.mime4j.stream.MimeConfig;

 import org.openide.util.NbBundle;

 import org.sleuthkit.autopsy.casemodule.NoCurrentCaseException;

 import org.sleuthkit.autopsy.coreutils.FileUtil;

 import org.sleuthkit.autopsy.coreutils.Logger;

 import org.sleuthkit.datamodel.EncodedFileOutputStream;

 import org.sleuthkit.datamodel.TskData;


 class MimeJ4MessageParser {


     private static final Logger logger = Logger.getLogger(MimeJ4MessageParser.class.getName());


     private static final String HTML_TYPE = "text/html"; //NON-NLS

     private DefaultMessageBuilder messageBuilder = null;

     private final List<String> errorList = new ArrayList<>();


     private String localPath;


     DefaultMessageBuilder getMessageBuilder() {

         if (messageBuilder == null) {

             messageBuilder = new DefaultMessageBuilder();

             MimeConfig config = MimeConfig.custom().setMaxLineLen(-1).setMaxHeaderLen(-1).setMaxHeaderCount(-1).build();

             // disable line length checks.

             messageBuilder.setMimeEntityConfig(config);

         }


         return messageBuilder;

     }


     final void setLocalPath(String localPath) {

         this.localPath = localPath;

     }


     String getLocalPath() {

         return localPath;

     }


     String getErrors() {

         String result = "";

         for (String msg : errorList) {

             result += "<li>" + msg + "</li>";

         }

         return result;

     }


     void addErrorMessage(String msg) {

         errorList.add(msg);

     }


     EmailMessage extractEmail(Message msg, String localPath, long sourceFileID) {

         EmailMessage email = new EmailMessage();

         // Basic Info

         email.setSender(getAddresses(msg.getFrom()));

         email.setRecipients(getAddresses(msg.getTo()));

         email.setBcc(getAddresses(msg.getBcc()));

         email.setCc(getAddresses(msg.getCc()));

         email.setSubject(msg.getSubject());

         email.setSentDate(msg.getDate());

         email.setLocalPath(localPath);

         email.setMessageID(msg.getMessageId());


         Field field = msg.getHeader().getField("in-reply-to"); //NON-NLS

         String inReplyTo = null;


         if (field != null) {

             inReplyTo = field.getBody();

             email.setInReplyToID(inReplyTo);

         }


         field = msg.getHeader().getField("references");

         if (field != null) {

             List<String> references = new ArrayList<>();

             for (String id : field.getBody().split(">")) {

                 references.add(id.trim() + ">");

             }


             if (!references.contains(inReplyTo)) {

                 references.add(inReplyTo);

             }


             email.setReferences(references);

         }


         // Body

         if (msg.isMultipart()) {

             handleMultipart(email, (Multipart) msg.getBody(), sourceFileID);

         } else {

             handleTextBody(email, (TextBody) msg.getBody(), msg.getMimeType(), msg.getHeader().getFields());

         }


         return email;

     }


     EmailMessage extractPartialEmail(Message msg) {

         EmailMessage email = new EmailMessage();

         email.setSubject(msg.getSubject());

         email.setMessageID(msg.getMessageId());


         Field field = msg.getHeader().getField("in-reply-to"); //NON-NLS

         String inReplyTo = null;


         if (field != null) {

             inReplyTo = field.getBody();

             email.setInReplyToID(inReplyTo);

         }


         field = msg.getHeader().getField("references");

         if (field != null) {

             List<String> references = new ArrayList<>();

             for (String id : field.getBody().split(">")) {

                 references.add(id.trim() + ">");

             }


             if (!references.contains(inReplyTo)) {

                 references.add(inReplyTo);

             }


             email.setReferences(references);

         }


         return email;

     }


     private void handleMultipart(EmailMessage email, Multipart multi, long fileID) {

         List<Entity> entities = multi.getBodyParts();

         for (int index = 0; index < entities.size(); index++) {

             Entity e = entities.get(index);

             if (e.isMultipart()) {

                 handleMultipart(email, (Multipart) e.getBody(), fileID);

             } else if (e.getDispositionType() != null

                     && e.getDispositionType().equals(ContentDispositionField.DISPOSITION_TYPE_ATTACHMENT)) {

                 handleAttachment(email, e, fileID, index);

             } else if ((e.getMimeType().equals(HTML_TYPE) && (email.getHtmlBody() == null || email.getHtmlBody().isEmpty()))

                     || (e.getMimeType().equals(ContentTypeField.TYPE_TEXT_PLAIN) && (email.getTextBody() == null || email.getTextBody().isEmpty()))) {

                 handleTextBody(email, (TextBody) e.getBody(), e.getMimeType(), e.getHeader().getFields());

             } else {

                 handleAttachment(email, e, fileID, index);

             }

         }

     }


     private void handleTextBody(EmailMessage email, TextBody tb, String type, List<Field> fields) {

         BufferedReader r;

         try {

             r = new BufferedReader(tb.getReader());

             StringBuilder bodyString = new StringBuilder();

             StringBuilder headersString = new StringBuilder();

             String line;

             while ((line = r.readLine()) != null) {

                 bodyString.append(line).append("\n");

             }


             headersString.append("\n-----HEADERS-----\n");

             for (Field field : fields) {

                 String nextLine = field.getName() + ": " + field.getBody();

                 headersString.append("\n").append(nextLine);

             }

             headersString.append("\n\n---END HEADERS--\n\n");


             email.setHeaders(headersString.toString());


             switch (type) {

                 case ContentTypeField.TYPE_TEXT_PLAIN:

                     email.setTextBody(bodyString.toString());

                     break;

                 case HTML_TYPE:

                     email.setHtmlBody(bodyString.toString());

                     break;

                 default:

                     // Not interested in other text types.

                     break;

             }

         } catch (IOException ex) {

             logger.log(Level.WARNING, "Error getting text body of mbox message", ex); //NON-NLS

         }

     }


     @NbBundle.Messages({"MimeJ4MessageParser.handleAttch.noOpenCase.errMsg=Exception while getting open case."})

     private static void handleAttachment(EmailMessage email, Entity e, long fileID, int index) {

         String outputDirPath;

         String relModuleOutputPath;

         try {

             outputDirPath = ThunderbirdMboxFileIngestModule.getModuleOutputPath() + File.separator;

             relModuleOutputPath = ThunderbirdMboxFileIngestModule.getRelModuleOutputPath() + File.separator;

         } catch (NoCurrentCaseException ex) {

             logger.log(Level.SEVERE, Bundle.MimeJ4MessageParser_handleAttch_noOpenCase_errMsg(), ex); //NON-NLS

             return;

         }

         String filename = e.getFilename();


         if (filename == null) {

             filename = "attachment" + e.hashCode();

             logger.log(Level.WARNING, String.format("Attachment has no file name using '%s'", filename));

         }


         filename = FileUtil.escapeFileName(filename);


         // also had some crazy long names, so make random one if we get those.

         // also from Japanese image that had encoded name

         if (filename.length() > 64) {

             filename = UUID.randomUUID().toString();

         }


         String uniqueFilename = fileID + "-" + index + "-" + email.getSentDate() + "-" + filename;

         String outPath = outputDirPath + uniqueFilename;


         Body body = e.getBody();

         if (body instanceof SingleBody) {

             try (EncodedFileOutputStream fos = new EncodedFileOutputStream(new FileOutputStream(outPath), TskData.EncodingType.XOR1)) {

                 ((SingleBody) body).writeTo(fos);

             } catch (IOException ex) {

                 logger.log(Level.WARNING, "Failed to create file output stream for: " + outPath, ex); //NON-NLS

                 return;

             }


             EmailMessage.Attachment attach = new EmailMessage.Attachment();

             attach.setName(filename);

             attach.setLocalPath(relModuleOutputPath + uniqueFilename);

             attach.setSize(new File(outPath).length());

             attach.setEncodingType(TskData.EncodingType.XOR1);

             email.addAttachment(attach);

         }


     }


     private static String getAddresses(MailboxList mailboxList) {

         if (mailboxList == null) {

             return "";

         }

         StringBuilder addresses = new StringBuilder();

         for (Mailbox m : mailboxList) {

             addresses.append(m.toString()).append("; ");

         }

         return addresses.toString();

     }


     private static String getAddresses(AddressList addressList) {

         return (addressList == null) ? "" : getAddresses(addressList.flatten());

     }

 }

org.sleuthkit

org.sleuthkit.autopsy.coreutils.FileUtil
Definition: FileUtil.java:31

org

org.sleuthkit.autopsy.casemodule
Definition: AddImageAction.java:19

org.sleuthkit.autopsy.coreutils
Definition: AppSQLiteDB.java:19

org.sleuthkit.autopsy.coreutils.Logger
Definition: Logger.java:36

org.sleuthkit.autopsy

org.sleuthkit.autopsy.casemodule.NoCurrentCaseException
Definition: NoCurrentCaseException.java:26