mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-09-10 18:59:39 +02:00
Add OpenPgpMetadata.isCleartextSigned and use it in sop to determine if message was cleartext signed
This commit is contained in:
parent
5375cd454f
commit
75455f1a3c
GPG key ID:
62BEE9264BF17311
8 changed files with 88 additions and 54 deletions
|
|
@ -16,16 +16,15 @@ import org.bouncycastle.openpgp.PGPException;
|
|||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.PGPSignature;
|
||||
import org.bouncycastle.util.io.Streams;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||
import org.pgpainless.decryption_verification.ConsumerOptions;
|
||||
import org.pgpainless.decryption_verification.DecryptionStream;
|
||||
import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||
import org.pgpainless.decryption_verification.SignatureVerification;
|
||||
import org.pgpainless.exception.MissingDecryptionMethodException;
|
||||
import org.pgpainless.exception.WrongPassphraseException;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
import sop.DecryptionResult;
|
||||
import sop.ReadyWithResult;
|
||||
|
|
@ -151,12 +150,8 @@ public class DecryptImpl implements Decrypt {
|
|||
OpenPgpMetadata metadata = decryptionStream.getResult();
|
||||
|
||||
List<Verification> verificationList = new ArrayList<>();
|
||||
for (SubkeyIdentifier verifiedSigningKey : metadata.getVerifiedSignatures().keySet()) {
|
||||
PGPSignature signature = metadata.getVerifiedSignatures().get(verifiedSigningKey);
|
||||
verificationList.add(new Verification(
|
||||
signature.getCreationTime(),
|
||||
verifiedSigningKey.getSubkeyFingerprint().toString(),
|
||||
verifiedSigningKey.getPrimaryKeyFingerprint().toString()));
|
||||
for (SignatureVerification signatureVerification : metadata.getVerifiedInbandSignatures()) {
|
||||
verificationList.add(map(signatureVerification));
|
||||
}
|
||||
|
||||
if (!consumerOptions.getCertificates().isEmpty()) {
|
||||
|
|
@ -178,4 +173,10 @@ public class DecryptImpl implements Decrypt {
|
|||
}
|
||||
};
|
||||
}
|
||||
|
||||
private Verification map(SignatureVerification sigVerification) {
|
||||
return new Verification(sigVerification.getSignature().getCreationTime(),
|
||||
sigVerification.getSigningKey().getSubkeyFingerprint().toString(),
|
||||
sigVerification.getSigningKey().getPrimaryKeyFingerprint().toString());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,13 +12,12 @@ import java.util.List;
|
|||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.PGPSignature;
|
||||
import org.bouncycastle.util.io.Streams;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.decryption_verification.ConsumerOptions;
|
||||
import org.pgpainless.decryption_verification.DecryptionStream;
|
||||
import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
import org.pgpainless.decryption_verification.SignatureVerification;
|
||||
import sop.Verification;
|
||||
import sop.exception.SOPGPException;
|
||||
import sop.operation.DetachedVerify;
|
||||
|
|
@ -75,12 +74,8 @@ public class DetachedVerifyImpl implements DetachedVerify {
|
|||
OpenPgpMetadata metadata = decryptionStream.getResult();
|
||||
List<Verification> verificationList = new ArrayList<>();
|
||||
|
||||
for (SubkeyIdentifier verifiedSigningKey : metadata.getVerifiedSignatures().keySet()) {
|
||||
PGPSignature signature = metadata.getVerifiedSignatures().get(verifiedSigningKey);
|
||||
verificationList.add(new Verification(
|
||||
signature.getCreationTime(),
|
||||
verifiedSigningKey.getSubkeyFingerprint().toString(),
|
||||
verifiedSigningKey.getPrimaryKeyFingerprint().toString()));
|
||||
for (SignatureVerification signatureVerification : metadata.getVerifiedDetachedSignatures()) {
|
||||
verificationList.add(map(signatureVerification));
|
||||
}
|
||||
|
||||
if (!options.getCertificates().isEmpty()) {
|
||||
|
|
@ -94,4 +89,10 @@ public class DetachedVerifyImpl implements DetachedVerify {
|
|||
throw new SOPGPException.BadData(e);
|
||||
}
|
||||
}
|
||||
|
||||
private Verification map(SignatureVerification sigVerification) {
|
||||
return new Verification(sigVerification.getSignature().getCreationTime(),
|
||||
sigVerification.getSigningKey().getSubkeyFingerprint().toString(),
|
||||
sigVerification.getSigningKey().getPrimaryKeyFingerprint().toString());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,20 +4,6 @@
|
|||
|
||||
package org.pgpainless.sop;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.PGPSignature;
|
||||
import org.bouncycastle.util.io.Streams;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.decryption_verification.ConsumerOptions;
|
||||
import org.pgpainless.decryption_verification.DecryptionStream;
|
||||
import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
import sop.ReadyWithResult;
|
||||
import sop.Verification;
|
||||
import sop.exception.SOPGPException;
|
||||
import sop.operation.InlineVerify;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
|
@ -25,6 +11,19 @@ import java.util.ArrayList;
|
|||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.util.io.Streams;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.decryption_verification.ConsumerOptions;
|
||||
import org.pgpainless.decryption_verification.DecryptionStream;
|
||||
import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||
import org.pgpainless.decryption_verification.SignatureVerification;
|
||||
import sop.ReadyWithResult;
|
||||
import sop.Verification;
|
||||
import sop.exception.SOPGPException;
|
||||
import sop.operation.InlineVerify;
|
||||
|
||||
public class InlineVerifyImpl implements InlineVerify {
|
||||
|
||||
private final ConsumerOptions options = new ConsumerOptions();
|
||||
|
|
@ -70,12 +69,12 @@ public class InlineVerifyImpl implements InlineVerify {
|
|||
OpenPgpMetadata metadata = decryptionStream.getResult();
|
||||
List<Verification> verificationList = new ArrayList<>();
|
||||
|
||||
for (SubkeyIdentifier verifiedSigningKey : metadata.getVerifiedSignatures().keySet()) {
|
||||
PGPSignature signature = metadata.getVerifiedSignatures().get(verifiedSigningKey);
|
||||
verificationList.add(new Verification(
|
||||
signature.getCreationTime(),
|
||||
verifiedSigningKey.getSubkeyFingerprint().toString(),
|
||||
verifiedSigningKey.getPrimaryKeyFingerprint().toString()));
|
||||
List<SignatureVerification> verifications = metadata.isCleartextSigned() ?
|
||||
metadata.getVerifiedDetachedSignatures() :
|
||||
metadata.getVerifiedInbandSignatures();
|
||||
|
||||
for (SignatureVerification signatureVerification : verifications) {
|
||||
verificationList.add(map(signatureVerification));
|
||||
}
|
||||
|
||||
if (!options.getCertificates().isEmpty()) {
|
||||
|
|
@ -91,4 +90,10 @@ public class InlineVerifyImpl implements InlineVerify {
|
|||
}
|
||||
};
|
||||
}
|
||||
|
||||
private Verification map(SignatureVerification sigVerification) {
|
||||
return new Verification(sigVerification.getSignature().getCreationTime(),
|
||||
sigVerification.getSigningKey().getSubkeyFingerprint().toString(),
|
||||
sigVerification.getSigningKey().getPrimaryKeyFingerprint().toString());
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue