diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java index bb2f5c76..2cd2a6f2 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java +++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java @@ -91,16 +91,24 @@ public class MessageMetadata { }; } - public @Nonnull List getVerifiedSignatures() { + public List getVerifiedDetachedSignatures() { + return new ArrayList<>(message.verifiedDetachedSignatures); + } + + public List getRejectedDetachedSignatures() { + return new ArrayList<>(message.rejectedDetachedSignatures); + } + + public @Nonnull List getVerifiedInlineSignatures() { List verifications = new ArrayList<>(); - Iterator> verificationsByLayer = getVerifiedSignaturesByLayer(); + Iterator> verificationsByLayer = getVerifiedInlineSignaturesByLayer(); while (verificationsByLayer.hasNext()) { verifications.addAll(verificationsByLayer.next()); } return verifications; } - public @Nonnull Iterator> getVerifiedSignaturesByLayer() { + public @Nonnull Iterator> getVerifiedInlineSignaturesByLayer() { return new LayerIterator>(message) { @Override boolean matches(Nested layer) { @@ -114,21 +122,24 @@ public class MessageMetadata { @Override List getProperty(Layer last) { - return new ArrayList<>(last.getVerifiedSignatures()); + List list = new ArrayList<>(); + list.addAll(last.getVerifiedOnePassSignatures()); + list.addAll(last.getVerifiedPrependedSignatures()); + return list; } }; } - public @Nonnull List getRejectedSignatures() { + public @Nonnull List getRejectedInlineSignatures() { List rejected = new ArrayList<>(); - Iterator> rejectedByLayer = getRejectedSignaturesByLayer(); + Iterator> rejectedByLayer = getRejectedInlineSignaturesByLayer(); while (rejectedByLayer.hasNext()) { rejected.addAll(rejectedByLayer.next()); } return rejected; } - public @Nonnull Iterator> getRejectedSignaturesByLayer() { + public @Nonnull Iterator> getRejectedInlineSignaturesByLayer() { return new LayerIterator>(message) { @Override boolean matches(Nested layer) { @@ -142,7 +153,10 @@ public class MessageMetadata { @Override List getProperty(Layer last) { - return new ArrayList<>(last.getFailedSignatures()); + List list = new ArrayList<>(); + list.addAll(last.getRejectedOnePassSignatures()); + list.addAll(last.getRejectedPrependedSignatures()); + return list; } }; } @@ -169,8 +183,12 @@ public class MessageMetadata { } public abstract static class Layer { - protected final List verifiedSignatures = new ArrayList<>(); - protected final List failedSignatures = new ArrayList<>(); + protected final List verifiedDetachedSignatures = new ArrayList<>(); + protected final List rejectedDetachedSignatures = new ArrayList<>(); + protected final List verifiedOnePassSignatures = new ArrayList<>(); + protected final List rejectedOnePassSignatures = new ArrayList<>(); + protected final List verifiedPrependedSignatures = new ArrayList<>(); + protected final List rejectedPrependedSignatures = new ArrayList<>(); protected Nested child; public Nested getChild() { @@ -181,21 +199,54 @@ public class MessageMetadata { this.child = child; } - public List getVerifiedSignatures() { - return new ArrayList<>(verifiedSignatures); + public List getVerifiedDetachedSignatures() { + return new ArrayList<>(verifiedDetachedSignatures); } - public List getFailedSignatures() { - return new ArrayList<>(failedSignatures); + public List getRejectedDetachedSignatures() { + return new ArrayList<>(rejectedDetachedSignatures); } - void addVerifiedSignature(SignatureVerification signatureVerification) { - verifiedSignatures.add(signatureVerification); + void addVerifiedDetachedSignature(SignatureVerification signatureVerification) { + verifiedDetachedSignatures.add(signatureVerification); } - void addFailedSignature(SignatureVerification.Failure failure) { - failedSignatures.add(failure); + void addRejectedDetachedSignature(SignatureVerification.Failure failure) { + rejectedDetachedSignatures.add(failure); } + + public List getVerifiedOnePassSignatures() { + return new ArrayList<>(verifiedOnePassSignatures); + } + + public List getRejectedOnePassSignatures() { + return new ArrayList<>(rejectedOnePassSignatures); + } + + void addVerifiedOnePassSignature(SignatureVerification verifiedOnePassSignature) { + this.verifiedOnePassSignatures.add(verifiedOnePassSignature); + } + + void addRejectedOnePassSignature(SignatureVerification.Failure rejected) { + this.rejectedOnePassSignatures.add(rejected); + } + + public List getVerifiedPrependedSignatures() { + return new ArrayList<>(verifiedPrependedSignatures); + } + + public List getRejectedPrependedSignatures() { + return new ArrayList<>(rejectedPrependedSignatures); + } + + void addVerifiedPrependedSignature(SignatureVerification verified) { + this.verifiedPrependedSignatures.add(verified); + } + + void addRejectedPrependedSignature(SignatureVerification.Failure rejected) { + this.rejectedPrependedSignatures.add(rejected); + } + } public interface Nested { diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java index 9e26dc20..a4b05bbe 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java +++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java @@ -29,6 +29,7 @@ import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData; import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSecretKey; import org.bouncycastle.openpgp.PGPSecretKeyRing; +import org.bouncycastle.openpgp.PGPSessionKey; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory; import org.bouncycastle.openpgp.operator.PGPContentVerifierBuilderProvider; @@ -55,6 +56,7 @@ import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.UnlockSecretKey; import org.pgpainless.policy.Policy; import org.pgpainless.signature.SignatureUtils; +import org.pgpainless.signature.consumer.SignatureValidator; import org.pgpainless.util.Passphrase; import org.pgpainless.util.SessionKey; import org.pgpainless.util.Tuple; @@ -94,9 +96,9 @@ public class OpenPgpMessageInputStream extends DecryptionStream { } protected OpenPgpMessageInputStream(@Nonnull InputStream inputStream, - @Nonnull ConsumerOptions options, - @Nonnull MessageMetadata.Layer metadata, - @Nonnull Policy policy) + @Nonnull ConsumerOptions options, + @Nonnull MessageMetadata.Layer metadata, + @Nonnull Policy policy) throws PGPException, IOException { super(OpenPgpMetadata.getBuilder()); @@ -173,7 +175,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream { throw new MissingDecryptionMethodException("No working decryption method found."); - // Marker Packets need to be skipped and ignored + // Marker Packets need to be skipped and ignored case MARKER: packetInputStream.readMarker(); break; @@ -236,7 +238,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream { PGPSignature signature = packetInputStream.readSignature(); if (isSigForOPS) { signatures.leaveNesting(); // TODO: Only leave nesting if all OPSs of the nesting layer are dealt with - signatures.addCorrespondingOnePassSignature(signature, metadata); + signatures.addCorrespondingOnePassSignature(signature, metadata, policy); } else { signatures.addPrependedSignature(signature); } @@ -257,7 +259,6 @@ public class OpenPgpMessageInputStream extends DecryptionStream { // Try session key if (options.getSessionKey() != null) { SessionKey sessionKey = options.getSessionKey(); - throwIfUnacceptable(sessionKey.getAlgorithm()); SessionKeyDataDecryptorFactory decryptorFactory = ImplementationFactory.getInstance() @@ -270,11 +271,13 @@ public class OpenPgpMessageInputStream extends DecryptionStream { if (esk instanceof PGPPBEEncryptedData) { PGPPBEEncryptedData skesk = (PGPPBEEncryptedData) esk; InputStream decrypted = skesk.getDataStream(decryptorFactory); + encryptedData.sessionKey = sessionKey; nestedInputStream = new OpenPgpMessageInputStream(buffer(decrypted), options, encryptedData, policy); return true; } else if (esk instanceof PGPPublicKeyEncryptedData) { PGPPublicKeyEncryptedData pkesk = (PGPPublicKeyEncryptedData) esk; InputStream decrypted = pkesk.getDataStream(decryptorFactory); + encryptedData.sessionKey = sessionKey; nestedInputStream = new OpenPgpMessageInputStream(buffer(decrypted), options, encryptedData, policy); return true; } else { @@ -290,22 +293,22 @@ public class OpenPgpMessageInputStream extends DecryptionStream { SymmetricKeyAlgorithm kekAlgorithm = SymmetricKeyAlgorithm.requireFromId(skesk.getAlgorithm()); throwIfUnacceptable(kekAlgorithm); for (Passphrase passphrase : options.getDecryptionPassphrases()) { - PBEDataDecryptorFactory decryptorFactory = ImplementationFactory.getInstance() - .getPBEDataDecryptorFactory(passphrase); + PBEDataDecryptorFactory decryptorFactory = ImplementationFactory.getInstance() + .getPBEDataDecryptorFactory(passphrase); - try { - InputStream decrypted = skesk.getDataStream(decryptorFactory); - SymmetricKeyAlgorithm sessionKeyAlgorithm = SymmetricKeyAlgorithm.requireFromId( - skesk.getSymmetricAlgorithm(decryptorFactory)); - throwIfUnacceptable(sessionKeyAlgorithm); - MessageMetadata.EncryptedData encryptedData = new MessageMetadata.EncryptedData(sessionKeyAlgorithm); - nestedInputStream = new OpenPgpMessageInputStream(buffer(decrypted), options, encryptedData, policy); - return true; - } catch (UnacceptableAlgorithmException e) { - throw e; - } catch (PGPException e) { - // Password mismatch? - } + try { + InputStream decrypted = skesk.getDataStream(decryptorFactory); + SessionKey sessionKey = new SessionKey(skesk.getSessionKey(decryptorFactory)); + throwIfUnacceptable(sessionKey.getAlgorithm()); + MessageMetadata.EncryptedData encryptedData = new MessageMetadata.EncryptedData(sessionKey.getAlgorithm()); + encryptedData.sessionKey = sessionKey; + nestedInputStream = new OpenPgpMessageInputStream(buffer(decrypted), options, encryptedData, policy); + return true; + } catch (UnacceptableAlgorithmException e) { + throw e; + } catch (PGPException e) { + // Password mismatch? + } } } @@ -323,11 +326,13 @@ public class OpenPgpMessageInputStream extends DecryptionStream { PublicKeyDataDecryptorFactory decryptorFactory = ImplementationFactory.getInstance() .getPublicKeyDataDecryptorFactory(privateKey); try { - SymmetricKeyAlgorithm symAlg = SymmetricKeyAlgorithm.requireFromId(pkesk.getSymmetricAlgorithm(decryptorFactory)); - throwIfUnacceptable(symAlg); InputStream decrypted = pkesk.getDataStream(decryptorFactory); + SessionKey sessionKey = new SessionKey(pkesk.getSessionKey(decryptorFactory)); + throwIfUnacceptable(sessionKey.getAlgorithm()); + MessageMetadata.EncryptedData encryptedData = new MessageMetadata.EncryptedData( SymmetricKeyAlgorithm.requireFromId(pkesk.getSymmetricAlgorithm(decryptorFactory))); + encryptedData.sessionKey = sessionKey; nestedInputStream = new OpenPgpMessageInputStream(buffer(decrypted), options, encryptedData, policy); return true; @@ -348,8 +353,12 @@ public class OpenPgpMessageInputStream extends DecryptionStream { try { InputStream decrypted = pkesk.getDataStream(decryptorFactory); + SessionKey sessionKey = new SessionKey(pkesk.getSessionKey(decryptorFactory)); + throwIfUnacceptable(sessionKey.getAlgorithm()); + MessageMetadata.EncryptedData encryptedData = new MessageMetadata.EncryptedData( SymmetricKeyAlgorithm.requireFromId(pkesk.getSymmetricAlgorithm(decryptorFactory))); + encryptedData.sessionKey = sessionKey; nestedInputStream = new OpenPgpMessageInputStream(buffer(decrypted), options, encryptedData, policy); return true; } catch (PGPException e) { @@ -427,7 +436,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream { } catch (PGPException e) { throw new RuntimeException(e); } - signatures.finish(metadata); + signatures.finish(metadata, policy); } return r; } @@ -455,7 +464,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream { } catch (PGPException e) { throw new RuntimeException(e); } - signatures.finish(metadata); + signatures.finish(metadata, policy); } return r; } @@ -588,7 +597,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream { } } - void addCorrespondingOnePassSignature(PGPSignature signature, MessageMetadata.Layer layer) { + void addCorrespondingOnePassSignature(PGPSignature signature, MessageMetadata.Layer layer, Policy policy) { for (int i = onePassSignatures.size() - 1; i >= 0; i--) { OnePassSignature onePassSignature = onePassSignatures.get(i); if (onePassSignature.opSignature.getKeyID() != signature.getKeyID()) { @@ -598,19 +607,32 @@ public class OpenPgpMessageInputStream extends DecryptionStream { continue; } - boolean verified = onePassSignature.verify(signature); + boolean correct = onePassSignature.verify(signature); SignatureVerification verification = new SignatureVerification(signature, new SubkeyIdentifier(onePassSignature.certificate, onePassSignature.keyId)); - if (verified) { - layer.addVerifiedSignature(verification); + if (correct) { + PGPPublicKey signingKey = onePassSignature.certificate.getPublicKey(onePassSignature.keyId); + try { + checkSignatureValidity(signature, signingKey, policy); + layer.addVerifiedOnePassSignature(verification); + } catch (SignatureValidationException e) { + layer.addRejectedOnePassSignature(new SignatureVerification.Failure(verification, e)); + } } else { - layer.addFailedSignature(new SignatureVerification.Failure(verification, - new SignatureValidationException("Incorrect Signature."))); + layer.addRejectedOnePassSignature(new SignatureVerification.Failure(verification, + new SignatureValidationException("Bad Signature."))); } break; } } + boolean checkSignatureValidity(PGPSignature signature, PGPPublicKey signingKey, Policy policy) throws SignatureValidationException { + SignatureValidator.wasPossiblyMadeByKey(signingKey).verify(signature); + SignatureValidator.signatureStructureIsAcceptable(signingKey, policy).verify(signature); + SignatureValidator.signatureIsEffective().verify(signature); + return true; + } + void enterNesting() { opsUpdateStack.push(literalOPS); literalOPS = new ArrayList<>(); @@ -699,27 +721,39 @@ public class OpenPgpMessageInputStream extends DecryptionStream { } } - public void finish(MessageMetadata.Layer layer) { + public void finish(MessageMetadata.Layer layer, Policy policy) { for (DetachedOrPrependedSignature detached : detachedSignatures) { - boolean verified = detached.verify(); + boolean correct = detached.verify(); SignatureVerification verification = new SignatureVerification( detached.signature, new SubkeyIdentifier(detached.certificate, detached.keyId)); - if (verified) { - layer.addVerifiedSignature(verification); + if (correct) { + try { + PGPPublicKey signingKey = detached.certificate.getPublicKey(detached.keyId); + checkSignatureValidity(detached.signature, signingKey, policy); + layer.addVerifiedDetachedSignature(verification); + } catch (SignatureValidationException e) { + layer.addRejectedDetachedSignature(new SignatureVerification.Failure(verification, e)); + } } else { - layer.addFailedSignature(new SignatureVerification.Failure( - verification, new SignatureValidationException("Incorrect Signature."))); + layer.addRejectedDetachedSignature(new SignatureVerification.Failure( + verification, new SignatureValidationException("Incorrect Signature."))); } } for (DetachedOrPrependedSignature prepended : prependedSignatures) { - boolean verified = prepended.verify(); + boolean correct = prepended.verify(); SignatureVerification verification = new SignatureVerification( prepended.signature, new SubkeyIdentifier(prepended.certificate, prepended.keyId)); - if (verified) { - layer.addVerifiedSignature(verification); + if (correct) { + try { + PGPPublicKey signingKey = prepended.certificate.getPublicKey(prepended.keyId); + checkSignatureValidity(prepended.signature, signingKey, policy); + layer.addVerifiedPrependedSignature(verification); + } catch (SignatureValidationException e) { + layer.addRejectedPrependedSignature(new SignatureVerification.Failure(verification, e)); + } } else { - layer.addFailedSignature(new SignatureVerification.Failure( + layer.addRejectedPrependedSignature(new SignatureVerification.Failure( verification, new SignatureValidationException("Incorrect Signature."))); } } @@ -859,46 +893,18 @@ public class OpenPgpMessageInputStream extends DecryptionStream { resultBuilder.setFileEncoding(m.getFormat()); resultBuilder.setSessionKey(m.getSessionKey()); - for (Signatures.OnePassSignature ops : signatures.onePassSignatures) { - if (!ops.finished) { - continue; - } - - SubkeyIdentifier identifier = new SubkeyIdentifier(ops.certificate, ops.keyId); - SignatureVerification verification = new SignatureVerification(ops.signature, identifier); - if (ops.valid) { - resultBuilder.addVerifiedInbandSignature(verification); - } else { - resultBuilder.addInvalidInbandSignature(verification, new SignatureValidationException("Incorrect signature.")); - } + for (SignatureVerification accepted : m.getVerifiedDetachedSignatures()) { + resultBuilder.addVerifiedDetachedSignature(accepted); + } + for (SignatureVerification.Failure rejected : m.getRejectedDetachedSignatures()) { + resultBuilder.addInvalidDetachedSignature(rejected.getSignatureVerification(), rejected.getValidationException()); } - for (Signatures.DetachedOrPrependedSignature prep : signatures.prependedSignatures) { - if (!prep.finished) { - continue; - } - - SubkeyIdentifier identifier = new SubkeyIdentifier(prep.certificate, prep.keyId); - SignatureVerification verification = new SignatureVerification(prep.signature, identifier); - if (prep.valid) { - resultBuilder.addVerifiedInbandSignature(verification); - } else { - resultBuilder.addInvalidInbandSignature(verification, new SignatureValidationException("Incorrect signature.")); - } + for (SignatureVerification accepted : m.getVerifiedInlineSignatures()) { + resultBuilder.addVerifiedInbandSignature(accepted); } - - for (Signatures.DetachedOrPrependedSignature det : signatures.detachedSignatures) { - if (!det.finished) { - continue; - } - - SubkeyIdentifier identifier = new SubkeyIdentifier(det.certificate, det.keyId); - SignatureVerification verification = new SignatureVerification(det.signature, identifier); - if (det.valid) { - resultBuilder.addVerifiedDetachedSignature(verification); - } else { - resultBuilder.addInvalidDetachedSignature(verification, new SignatureValidationException("Incorrect signature.")); - } + for (SignatureVerification.Failure rejected : m.getRejectedInlineSignatures()) { + resultBuilder.addInvalidInbandSignature(rejected.getSignatureVerification(), rejected.getValidationException()); } return resultBuilder.build(); diff --git a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStreamTest.java b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStreamTest.java index 87ae27f8..a8969047 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStreamTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStreamTest.java @@ -332,8 +332,8 @@ public class OpenPgpMessageInputStreamTest { assertEquals("", metadata.getFilename()); JUtils.assertDateEquals(new Date(0L), metadata.getModificationDate()); assertEquals(StreamEncoding.BINARY, metadata.getFormat()); - assertTrue(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertTrue(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process LIT LIT using {0}") @@ -352,8 +352,8 @@ public class OpenPgpMessageInputStreamTest { assertEquals(PLAINTEXT, plain); MessageMetadata metadata = result.getB(); assertEquals(CompressionAlgorithm.ZIP, metadata.getCompressionAlgorithm()); - assertTrue(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertTrue(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process COMP using {0}") @@ -377,8 +377,8 @@ public class OpenPgpMessageInputStreamTest { assertEquals(CompressionAlgorithm.BZIP2, compressionAlgorithms.next()); assertFalse(compressionAlgorithms.hasNext()); assertNull(metadata.getEncryptionAlgorithm()); - assertTrue(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertTrue(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process SIG COMP(LIT) using {0}") @@ -395,8 +395,8 @@ public class OpenPgpMessageInputStreamTest { MessageMetadata metadata = result.getB(); assertEquals(CompressionAlgorithm.ZIP, metadata.getCompressionAlgorithm()); assertNull(metadata.getEncryptionAlgorithm()); - assertFalse(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertFalse(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process SENC(LIT) using {0}") @@ -410,8 +410,8 @@ public class OpenPgpMessageInputStreamTest { MessageMetadata metadata = result.getB(); assertNull(metadata.getCompressionAlgorithm()); assertEquals(SymmetricKeyAlgorithm.AES_256, metadata.getEncryptionAlgorithm()); - assertTrue(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertTrue(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process PENC(COMP(LIT)) using {0}") @@ -426,8 +426,8 @@ public class OpenPgpMessageInputStreamTest { MessageMetadata metadata = result.getB(); assertEquals(CompressionAlgorithm.ZLIB, metadata.getCompressionAlgorithm()); assertEquals(SymmetricKeyAlgorithm.AES_256, metadata.getEncryptionAlgorithm()); - assertTrue(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertTrue(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process OPS LIT SIG using {0}") @@ -442,8 +442,8 @@ public class OpenPgpMessageInputStreamTest { MessageMetadata metadata = result.getB(); assertNull(metadata.getEncryptionAlgorithm()); assertNull(metadata.getCompressionAlgorithm()); - assertFalse(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertFalse(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } String BOB_KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + @@ -579,8 +579,8 @@ public class OpenPgpMessageInputStreamTest { MessageMetadata metadata = result.getB(); assertEquals(SymmetricKeyAlgorithm.AES_256, metadata.getEncryptionAlgorithm()); assertNull(metadata.getCompressionAlgorithm()); - assertFalse(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertFalse(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } @ParameterizedTest(name = "Process PENC(OPS OPS OPS LIT SIG SIG SIG) using {0}") @@ -644,8 +644,8 @@ public class OpenPgpMessageInputStreamTest { MessageMetadata metadata = result.getB(); assertEquals(SymmetricKeyAlgorithm.AES_256, metadata.getEncryptionAlgorithm()); assertNull(metadata.getCompressionAlgorithm()); - assertFalse(metadata.getVerifiedSignatures().isEmpty()); - assertTrue(metadata.getRejectedSignatures().isEmpty()); + assertFalse(metadata.getVerifiedInlineSignatures().isEmpty()); + assertTrue(metadata.getRejectedInlineSignatures().isEmpty()); } private static Tuple processReadBuffered(String armoredMessage, ConsumerOptions options)