PGPainless/pgpainless
PGPainless
/
pgpainless
mirror of https://github.com/pgpainless/pgpainless.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add missing utility methods to MessageMetadata class

This commit is contained in:
Paul Schaub 2023-08-30 14:36:54 +02:00
parent 23f8777c34
commit 8c25b59c8b
Signed by: vanitasvitae
GPG Key ID: 62BEE9264BF17311
1 changed files with 47 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java
View File

@ -21,6 +21,7 @@ import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.authentication.CertificateAuthenticity;
import org.pgpainless.authentication.CertificateAuthority;
import org.pgpainless.exception.MalformedOpenPgpMessageException;
import org.pgpainless.key.OpenPgpFingerprint;
import org.pgpainless.key.SubkeyIdentifier;
import org.pgpainless.util.SessionKey;
@ -35,42 +36,6 @@ public class MessageMetadata {
this.message = message;
}
/**
* Convert this {@link MessageMetadata} object into a legacy {@link OpenPgpMetadata} object.
* This method is intended to be used for a transition period between the 1.3 / 1.4+ branches.
* TODO: Remove in 1.6.X
*
* @return converted {@link OpenPgpMetadata} object
*/
public @Nonnull OpenPgpMetadata toLegacyMetadata() {
OpenPgpMetadata.Builder resultBuilder = OpenPgpMetadata.getBuilder();
resultBuilder.setCompressionAlgorithm(getCompressionAlgorithm());
resultBuilder.setModificationDate(getModificationDate());
resultBuilder.setFileName(getFilename());
resultBuilder.setFileEncoding(getLiteralDataEncoding());
resultBuilder.setSessionKey(getSessionKey());
resultBuilder.setDecryptionKey(getDecryptionKey());
for (SignatureVerification accepted : getVerifiedDetachedSignatures()) {
resultBuilder.addVerifiedDetachedSignature(accepted);
}
for (SignatureVerification.Failure rejected : getRejectedDetachedSignatures()) {
resultBuilder.addInvalidDetachedSignature(rejected.getSignatureVerification(), rejected.getValidationException());
}
for (SignatureVerification accepted : getVerifiedInlineSignatures()) {
resultBuilder.addVerifiedInbandSignature(accepted);
}
for (SignatureVerification.Failure rejected : getRejectedInlineSignatures()) {
resultBuilder.addInvalidInbandSignature(rejected.getSignatureVerification(), rejected.getValidationException());
}
if (message.isCleartextSigned()) {
resultBuilder.setCleartextSigned();
}
return resultBuilder.build();
}
public boolean isUsingCleartextSignatureFramework() {
return message.isCleartextSigned();
}
@ -240,6 +205,28 @@ public class MessageMetadata {
return isVerifiedInlineSignedBy(keys) || isVerifiedDetachedSignedBy(keys);
}
/**
* Return true, if the message was verifiable signed by a certificate that either has the given fingerprint
* as primary key, or as the signing subkey.
*
* @param fingerprint fingerprint
* @return true if message was signed by a cert identified by the given fingerprint
*/
public boolean isVerifiedSignedBy(@Nonnull OpenPgpFingerprint fingerprint) {
List<SignatureVerification> verifications = getVerifiedSignatures();
for (SignatureVerification verification : verifications) {
if (verification.getSigningKey() == null) {
continue;
}
if (fingerprint.equals(verification.getSigningKey().getPrimaryKeyFingerprint()) ||
fingerprint.equals(verification.getSigningKey().getSubkeyFingerprint())) {
return true;
}
}
return false;
}
public List<SignatureVerification> getVerifiedSignatures() {
List<SignatureVerification> allVerifiedSignatures = getVerifiedInlineSignatures();
allVerifiedSignatures.addAll(getVerifiedDetachedSignatures());
@ -269,6 +256,30 @@ public class MessageMetadata {
return message.getRejectedDetachedSignatures();
}
/**
* Return a list of all rejected signatures.
*
* @return rejected signatures
*/
public @Nonnull List<SignatureVerification.Failure> getRejectedSignatures() {
List<SignatureVerification.Failure> rejected = new ArrayList<>();
rejected.addAll(getRejectedInlineSignatures());
rejected.addAll(getRejectedDetachedSignatures());
return rejected;
}
public boolean hasRejectedSignatures() {
return !getRejectedSignatures().isEmpty();
}
/**
* Return true, if the message contains any (verified or rejected) signature.
* @return true if message has signature
*/
public boolean hasSignature() {
return isVerifiedSigned() || hasRejectedSignatures();
}
public boolean isVerifiedInlineSignedBy(@Nonnull PGPKeyRing keys) {
return containsSignatureBy(getVerifiedInlineSignatures(), keys);
}