PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-18 02:12:06 +01:00
Code Issues Releases Wiki Activity

Add isAuthenticatablySignedBy() to MessageMetadata

Browse source
This commit is contained in:
Paul Schaub 2023-07-21 17:30:11 +02:00
parent 44690d063c
commit 6ac019a420
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 35 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

35
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java
View file

@ -18,6 +18,8 @@ import org.bouncycastle.openpgp.PGPPublicKey;
import org.pgpainless.algorithm.CompressionAlgorithm; import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.StreamEncoding; import org.pgpainless.algorithm.StreamEncoding;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.authentication.CertificateAuthenticity;
import org.pgpainless.authentication.CertificateAuthority;
import org.pgpainless.exception.MalformedOpenPgpMessageException; import org.pgpainless.exception.MalformedOpenPgpMessageException;
import org.pgpainless.key.SubkeyIdentifier; import org.pgpainless.key.SubkeyIdentifier;
import org.pgpainless.util.SessionKey; import org.pgpainless.util.SessionKey;
@ -92,6 +94,39 @@ public class MessageMetadata {
return false; return false;
} }
/**
* Return true, if the message was signed by a certificate for which we can authenticate a binding to the given userId.
*
* @param userId userId
* @param email if true, treat the user-id as an email address and match all userIDs containing this address
* @param certificateAuthority certificate authority
* @return true, if we can authenticate a binding for a signing key with sufficient evidence
*/
public boolean isAuthenticatablySignedBy(String userId, boolean email, CertificateAuthority certificateAuthority) {
return isAuthenticatablySignedBy(userId, email, certificateAuthority, 120);
}
/**
* Return true, if the message was signed by a certificate for which we can authenticate a binding to the given userId.
*
* @param userId userId
* @param email if true, treat the user-id as an email address and match all userIDs containing this address
* @param certificateAuthority certificate authority
* @param targetAmount target trust amount
* @return true, if we can authenticate a binding for a signing key with sufficient evidence
*/
public boolean isAuthenticatablySignedBy(String userId, boolean email, CertificateAuthority certificateAuthority, int targetAmount) {
for (SignatureVerification verification : getVerifiedSignatures()) {
CertificateAuthenticity authenticity = certificateAuthority.authenticateBinding(
verification.getSigningKey().getFingerprint(), userId, email,
verification.getSignature().getCreationTime(), targetAmount);
if (authenticity.isAuthenticated()) {
return true;
}
}
return false;
}
/** /**
* Return a list containing all recipient keyIDs. * Return a list containing all recipient keyIDs.
* *