Clean up code

2025-09-09 18:29:39 +02:00 · 2021-12-28 12:18:17 +01:00 · 2021-12-28 12:18:17 +01:00 · e96d668ee2
commit e96d668ee2
parent 6eac50c5b5
6 changed files with 11 additions and 41 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/policy/Policy.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/policy/Policy.java
@ -294,7 +294,7 @@ public final class Policy {
        }

        /**
-         * Return true if the the given hash algorithm is acceptable by this policy.
+         * Return true if the given hash algorithm is acceptable by this policy.
         *
         * @param hashAlgorithm hash algorithm
         * @return true if the hash algorithm is acceptable, false otherwise
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureValidator.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureValidator.java
@ -213,8 +213,8 @@ public abstract class SignatureValidator {
     * @return policy
     */
    private static Policy.HashAlgorithmPolicy getHashAlgorithmPolicyForSignature(PGPSignature signature, Policy policy) {
-        Policy.HashAlgorithmPolicy hashAlgorithmPolicy = null;
        SignatureType type = SignatureType.valueOf(signature.getSignatureType());
+        Policy.HashAlgorithmPolicy hashAlgorithmPolicy;
        if (type == SignatureType.CERTIFICATION_REVOCATION || type == SignatureType.KEY_REVOCATION || type == SignatureType.SUBKEY_REVOCATION) {
            hashAlgorithmPolicy = policy.getRevocationSignatureHashAlgorithmPolicy();
        } else {
@ -385,21 +385,6 @@ public abstract class SignatureValidator {
        return new SignatureValidator() {
            @Override
            public void verify(PGPSignature signature) throws SignatureValidationException {
-                // TODO: Uncommenting the code below would mean that fake issuers would become a problem for sig verification
-                /*
-                long keyId = signature.getKeyID();
-                if (keyId == 0) {
-                    OpenPgpV4Fingerprint fingerprint = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpV4Fingerprint(signature);
-                    if (fingerprint == null) {
-                        throw new SignatureValidationException("Signature does not contain an issuer-id, neither an issuer-fingerprint subpacket.");
-                    }
-                    keyId = fingerprint.getKeyId();
-                }
-                if (keyId != key.getKeyID()) {
-                    throw new IllegalArgumentException("Signature was not created using key " + Long.toHexString(key.getKeyID()));
-                }
-                 */
-
                Date keyCreationTime = key.getCreationTime();
                Date signatureCreationTime = signature.getCreationTime();

@ -505,7 +490,7 @@ public abstract class SignatureValidator {
            public void verify(PGPSignature signature) throws SignatureValidationException {
                try {
                    signature.init(ImplementationFactory.getInstance().getPGPContentVerifierBuilderProvider(), signer);
-                    boolean valid = false;
+                    boolean valid;
                    if (signer.getKeyID() != signee.getKeyID()) {
                        valid = signature.verifyCertification(signer, signee);
                    } else {