From 8c25b59c8bc7ec780fc35ed2c2f5dbbeaab4a675 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Wed, 30 Aug 2023 14:36:54 +0200 Subject: [PATCH] Add missing utility methods to MessageMetadata class --- .../MessageMetadata.java | 83 +++++++++++-------- 1 file changed, 47 insertions(+), 36 deletions(-) diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java index 041a5437..1f7a5b03 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java +++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/MessageMetadata.java @@ -21,6 +21,7 @@ import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.authentication.CertificateAuthenticity; import org.pgpainless.authentication.CertificateAuthority; import org.pgpainless.exception.MalformedOpenPgpMessageException; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.SubkeyIdentifier; import org.pgpainless.util.SessionKey; @@ -35,42 +36,6 @@ public class MessageMetadata { this.message = message; } - /** - * Convert this {@link MessageMetadata} object into a legacy {@link OpenPgpMetadata} object. - * This method is intended to be used for a transition period between the 1.3 / 1.4+ branches. - * TODO: Remove in 1.6.X - * - * @return converted {@link OpenPgpMetadata} object - */ - public @Nonnull OpenPgpMetadata toLegacyMetadata() { - OpenPgpMetadata.Builder resultBuilder = OpenPgpMetadata.getBuilder(); - resultBuilder.setCompressionAlgorithm(getCompressionAlgorithm()); - resultBuilder.setModificationDate(getModificationDate()); - resultBuilder.setFileName(getFilename()); - resultBuilder.setFileEncoding(getLiteralDataEncoding()); - resultBuilder.setSessionKey(getSessionKey()); - resultBuilder.setDecryptionKey(getDecryptionKey()); - - for (SignatureVerification accepted : getVerifiedDetachedSignatures()) { - resultBuilder.addVerifiedDetachedSignature(accepted); - } - for (SignatureVerification.Failure rejected : getRejectedDetachedSignatures()) { - resultBuilder.addInvalidDetachedSignature(rejected.getSignatureVerification(), rejected.getValidationException()); - } - - for (SignatureVerification accepted : getVerifiedInlineSignatures()) { - resultBuilder.addVerifiedInbandSignature(accepted); - } - for (SignatureVerification.Failure rejected : getRejectedInlineSignatures()) { - resultBuilder.addInvalidInbandSignature(rejected.getSignatureVerification(), rejected.getValidationException()); - } - if (message.isCleartextSigned()) { - resultBuilder.setCleartextSigned(); - } - - return resultBuilder.build(); - } - public boolean isUsingCleartextSignatureFramework() { return message.isCleartextSigned(); } @@ -240,6 +205,28 @@ public class MessageMetadata { return isVerifiedInlineSignedBy(keys) || isVerifiedDetachedSignedBy(keys); } + /** + * Return true, if the message was verifiable signed by a certificate that either has the given fingerprint + * as primary key, or as the signing subkey. + * + * @param fingerprint fingerprint + * @return true if message was signed by a cert identified by the given fingerprint + */ + public boolean isVerifiedSignedBy(@Nonnull OpenPgpFingerprint fingerprint) { + List verifications = getVerifiedSignatures(); + for (SignatureVerification verification : verifications) { + if (verification.getSigningKey() == null) { + continue; + } + + if (fingerprint.equals(verification.getSigningKey().getPrimaryKeyFingerprint()) || + fingerprint.equals(verification.getSigningKey().getSubkeyFingerprint())) { + return true; + } + } + return false; + } + public List getVerifiedSignatures() { List allVerifiedSignatures = getVerifiedInlineSignatures(); allVerifiedSignatures.addAll(getVerifiedDetachedSignatures()); @@ -269,6 +256,30 @@ public class MessageMetadata { return message.getRejectedDetachedSignatures(); } + /** + * Return a list of all rejected signatures. + * + * @return rejected signatures + */ + public @Nonnull List getRejectedSignatures() { + List rejected = new ArrayList<>(); + rejected.addAll(getRejectedInlineSignatures()); + rejected.addAll(getRejectedDetachedSignatures()); + return rejected; + } + + public boolean hasRejectedSignatures() { + return !getRejectedSignatures().isEmpty(); + } + + /** + * Return true, if the message contains any (verified or rejected) signature. + * @return true if message has signature + */ + public boolean hasSignature() { + return isVerifiedSigned() || hasRejectedSignatures(); + } + public boolean isVerifiedInlineSignedBy(@Nonnull PGPKeyRing keys) { return containsSignatureBy(getVerifiedInlineSignatures(), keys); }