From 2425d9c6f730a6253914167867fb5f1c36ba7735 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Wed, 30 Aug 2023 14:36:54 +0200
Subject: [PATCH] Add missing utility methods to MessageMetadata class

---
 .../MessageMetadata.java                      | 83 +++++++++++--------
 1 file changed, 47 insertions(+), 36 deletions(-)

diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java
index 041a5437..1f7a5b03 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java
@@ -21,6 +21,7 @@ import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.authentication.CertificateAuthenticity;
 import org.pgpainless.authentication.CertificateAuthority;
 import org.pgpainless.exception.MalformedOpenPgpMessageException;
+import org.pgpainless.key.OpenPgpFingerprint;
 import org.pgpainless.key.SubkeyIdentifier;
 import org.pgpainless.util.SessionKey;
 
@@ -35,42 +36,6 @@ public class MessageMetadata {
         this.message = message;
     }
 
-    /**
-     * Convert this {@link MessageMetadata} object into a legacy {@link OpenPgpMetadata} object.
-     * This method is intended to be used for a transition period between the 1.3 / 1.4+ branches.
-     * TODO: Remove in 1.6.X
-     *
-     * @return converted {@link OpenPgpMetadata} object
-     */
-    public @Nonnull OpenPgpMetadata toLegacyMetadata() {
-        OpenPgpMetadata.Builder resultBuilder = OpenPgpMetadata.getBuilder();
-        resultBuilder.setCompressionAlgorithm(getCompressionAlgorithm());
-        resultBuilder.setModificationDate(getModificationDate());
-        resultBuilder.setFileName(getFilename());
-        resultBuilder.setFileEncoding(getLiteralDataEncoding());
-        resultBuilder.setSessionKey(getSessionKey());
-        resultBuilder.setDecryptionKey(getDecryptionKey());
-
-        for (SignatureVerification accepted : getVerifiedDetachedSignatures()) {
-            resultBuilder.addVerifiedDetachedSignature(accepted);
-        }
-        for (SignatureVerification.Failure rejected : getRejectedDetachedSignatures()) {
-            resultBuilder.addInvalidDetachedSignature(rejected.getSignatureVerification(), rejected.getValidationException());
-        }
-
-        for (SignatureVerification accepted : getVerifiedInlineSignatures()) {
-            resultBuilder.addVerifiedInbandSignature(accepted);
-        }
-        for (SignatureVerification.Failure rejected : getRejectedInlineSignatures()) {
-            resultBuilder.addInvalidInbandSignature(rejected.getSignatureVerification(), rejected.getValidationException());
-        }
-        if (message.isCleartextSigned()) {
-            resultBuilder.setCleartextSigned();
-        }
-
-        return resultBuilder.build();
-    }
-
     public boolean isUsingCleartextSignatureFramework() {
         return message.isCleartextSigned();
     }
@@ -240,6 +205,28 @@ public class MessageMetadata {
         return isVerifiedInlineSignedBy(keys) || isVerifiedDetachedSignedBy(keys);
     }
 
+    /**
+     * Return true, if the message was verifiable signed by a certificate that either has the given fingerprint
+     * as primary key, or as the signing subkey.
+     *
+     * @param fingerprint fingerprint
+     * @return true if message was signed by a cert identified by the given fingerprint
+     */
+    public boolean isVerifiedSignedBy(@Nonnull OpenPgpFingerprint fingerprint) {
+        List<SignatureVerification> verifications = getVerifiedSignatures();
+        for (SignatureVerification verification : verifications) {
+            if (verification.getSigningKey() == null) {
+                continue;
+            }
+
+            if (fingerprint.equals(verification.getSigningKey().getPrimaryKeyFingerprint()) ||
+                    fingerprint.equals(verification.getSigningKey().getSubkeyFingerprint())) {
+                return true;
+            }
+        }
+        return false;
+    }
+
     public List<SignatureVerification> getVerifiedSignatures() {
         List<SignatureVerification> allVerifiedSignatures = getVerifiedInlineSignatures();
         allVerifiedSignatures.addAll(getVerifiedDetachedSignatures());
@@ -269,6 +256,30 @@ public class MessageMetadata {
         return message.getRejectedDetachedSignatures();
     }
 
+    /**
+     * Return a list of all rejected signatures.
+     *
+     * @return rejected signatures
+     */
+    public @Nonnull List<SignatureVerification.Failure> getRejectedSignatures() {
+        List<SignatureVerification.Failure> rejected = new ArrayList<>();
+        rejected.addAll(getRejectedInlineSignatures());
+        rejected.addAll(getRejectedDetachedSignatures());
+        return rejected;
+    }
+
+    public boolean hasRejectedSignatures() {
+        return !getRejectedSignatures().isEmpty();
+    }
+
+    /**
+     * Return true, if the message contains any (verified or rejected) signature.
+     * @return true if message has signature
+     */
+    public boolean hasSignature() {
+        return isVerifiedSigned() || hasRejectedSignatures();
+    }
+
     public boolean isVerifiedInlineSignedBy(@Nonnull PGPKeyRing keys) {
         return containsSignatureBy(getVerifiedInlineSignatures(), keys);
     }