From be33206d038e8561720b24454d867e3e3ff9fadf Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Fri, 10 Jan 2020 15:57:15 +0100
Subject: [PATCH] Refactor SignatureVerifyingInputStream

---
 .../SignatureVerifyingInputStream.java        | 85 ++++++++++++-------
 1 file changed, 52 insertions(+), 33 deletions(-)

diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/SignatureVerifyingInputStream.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/SignatureVerifyingInputStream.java
index fd0f3217..eca2c75f 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/SignatureVerifyingInputStream.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/SignatureVerifyingInputStream.java
@@ -67,12 +67,9 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
     }
 
     private void validateOnePassSignatures() throws IOException {
-
         if (validated) {
-            LOGGER.log(LEVEL, "Validated signatures already. Skip");
             return;
         }
-
         validated = true;
 
         if (onePassSignatures.isEmpty()) {
@@ -80,44 +77,20 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
             return;
         }
 
+        PGPSignatureList signatureList = findPgpSignatureList();
+
         try {
-            PGPSignatureList signatureList = null;
-            Object obj = objectFactory.nextObject();
-            while (obj !=  null && signatureList == null) {
-                if (obj instanceof PGPSignatureList) {
-                    signatureList = (PGPSignatureList) obj;
-                } else {
-                    obj = objectFactory.nextObject();
-                }
-            }
-
-            if (signatureList == null || signatureList.isEmpty()) {
-                throw new IOException("Verification failed - No Signatures found");
-            }
-
             for (PGPSignature signature : signatureList) {
                 resultBuilder.addSignature(signature);
-                OpenPgpV4Fingerprint fingerprint = null;
-                for (OpenPgpV4Fingerprint f : onePassSignatures.keySet()) {
-                    if (f.getKeyId() == signature.getKeyID()) {
-                        fingerprint = f;
-                        break;
-                    }
-                }
 
-                PGPOnePassSignature onePassSignature;
-                if (fingerprint == null || (onePassSignature = onePassSignatures.get(fingerprint)) == null) {
+                OpenPgpV4Fingerprint fingerprint = findFingerprintForSignature(signature);
+                PGPOnePassSignature onePassSignature = findOnePassSignature(fingerprint);
+                if (onePassSignature == null) {
                     LOGGER.log(LEVEL, "Found Signature without respective OnePassSignature packet -> skip");
                     continue;
                 }
 
-                if (!onePassSignature.verify(signature)) {
-                    throw new SignatureException("Bad Signature of key " + signature.getKeyID());
-                } else {
-                    LOGGER.log(LEVEL, "Verified signature of key " + Long.toHexString(signature.getKeyID()));
-                    resultBuilder.putVerifiedSignature(fingerprint, signature);
-                    resultBuilder.addVerifiedSignatureFingerprint(fingerprint);
-                }
+                verifySignatureOrThrowSignatureException(signature, fingerprint, onePassSignature);
             }
         } catch (PGPException | SignatureException e) {
             throw new IOException(e.getMessage(), e);
@@ -125,6 +98,52 @@ public class SignatureVerifyingInputStream extends FilterInputStream {
 
     }
 
+    private void verifySignatureOrThrowSignatureException(PGPSignature signature, OpenPgpV4Fingerprint fingerprint, PGPOnePassSignature onePassSignature) throws PGPException, SignatureException {
+        if (onePassSignature.verify(signature)) {
+            LOGGER.log(LEVEL, "Verified signature of key " + Long.toHexString(signature.getKeyID()));
+            resultBuilder.putVerifiedSignature(fingerprint, signature);
+            resultBuilder.addVerifiedSignatureFingerprint(fingerprint);
+        } else {
+            throw new SignatureException("Bad Signature of key " + signature.getKeyID());
+        }
+    }
+
+    private PGPOnePassSignature findOnePassSignature(OpenPgpV4Fingerprint fingerprint) {
+        if (fingerprint != null) {
+            return onePassSignatures.get(fingerprint);
+        }
+        return null;
+    }
+
+    private PGPSignatureList findPgpSignatureList() throws IOException {
+        PGPSignatureList signatureList = null;
+        Object pgpObject = objectFactory.nextObject();
+        while (pgpObject !=  null && signatureList == null) {
+            if (pgpObject instanceof PGPSignatureList) {
+                signatureList = (PGPSignatureList) pgpObject;
+            } else {
+                pgpObject = objectFactory.nextObject();
+            }
+        }
+
+        if (signatureList == null || signatureList.isEmpty()) {
+            throw new IOException("Verification failed - No Signatures found");
+        }
+
+        return signatureList;
+    }
+
+    private OpenPgpV4Fingerprint findFingerprintForSignature(PGPSignature signature) {
+        OpenPgpV4Fingerprint fingerprint = null;
+        for (OpenPgpV4Fingerprint f : onePassSignatures.keySet()) {
+            if (f.getKeyId() == signature.getKeyID()) {
+                fingerprint = f;
+                break;
+            }
+        }
+        return fingerprint;
+    }
+
     @Override
     public int read() throws IOException {
         final int data = super.read();