verify/decryptMessage: rename verified to verificationStatus

larabr · larabr · commit 94697fd6ce92 · 2025-02-28T15:11:06.000+01:00
To avoid confusing it with a boolean value (leading to e.g. `if (verified)`)
diff --git a/README.md b/README.md
@@ -55,7 +55,7 @@ To decrypt and verify (non-streamed input):
 const senderPublicKey = await readKey(...);
 const recipientPrivateKey = await decryptKey(...);
 
-const { data: decryptedData, verified } = await decryptMessage({
+const { data: decryptedData, verificationStatus } = await decryptMessage({
   message: await readMessage({ armoredMessage }), // or `binaryMessage`
   encryptedSignature: await readMessage({ armoredMessage: armoredEncryptedSignature })
   decryptionKeys: recipientPrivateKey // and/or 'passwords'
@@ -71,14 +71,14 @@ if (!globalThis.TransformStream) {
   await import('web-streams-polyfill/es6');
 }
 
-const { data: dataStream, verified: verifiedPromise } = await decryptMessage({
+const { data: dataStream, verificationStatus: verifiedPromise } = await decryptMessage({
   message: await readMessage({ armoredMessage: streamedArmoredMessage }),
   ... // other options
 });
 
 // you need to read `dataStream` before resolving `verifiedPromise`, even if you do not need the decrypted data
 const decryptedData = await readToEnd(dataStream);
-const verificationStatus = await verified;
+const verificationStatus = await verificationStatus;
 ```
 </details>
 
diff --git a/lib/message/decrypt.js b/lib/message/decrypt.js
@@ -38,20 +38,20 @@ export default async function decryptMessage({
         const decryptionResult = await decrypt(sanitizedOptions);
         const verificationResult = handleVerificationResult(decryptionResult, signatureContext, options.expectSigned);
 
-        let verified = verificationResult.then((result) => result.verified);
+        let verificationStatus = verificationResult.then((result) => result.verificationStatus);
         let verifiedSignatures = verificationResult.then((result) => result.signatures);
         let verificationErrors = verificationResult.then((result) => result.errors);
 
         if (!isStream(decryptionResult.data)) {
-            verified = await verified;
+            verificationStatus = await verificationStatus;
             verifiedSignatures = await verifiedSignatures;
             verificationErrors = await verificationErrors;
         }
 
         return {
             data: decryptionResult.data,
             filename: decryptionResult.filename,
-            verified,
+            verificationStatus,
             signatures: verifiedSignatures,
             verificationErrors
         };
diff --git a/lib/message/processMIME.ts b/lib/message/processMIME.ts
@@ -31,23 +31,23 @@ const verifySignature = async (
     const [contentType] = headers['content-type'] || [''];
     const [baseContentType] = contentType.split(';');
     if (baseContentType.toLowerCase() !== 'multipart/signed') {
-        return { subdata: data, verified: 0, signatures: [] };
+        return { subdata: data, verificationStatus: VERIFICATION_STATUS.NOT_SIGNED, signatures: [] };
     }
     const [, rawboundary] = /boundary\s*=\s*([^;]*)\s*(;|$)/gi.exec(contentType) || [];
     if (!rawboundary) {
-        return { subdata: data, verified: 0, signatures: [] };
+        return { subdata: data, verificationStatus: VERIFICATION_STATUS.NOT_SIGNED, signatures: [] };
     }
     const boundary = rawboundary[0] === '"' ? JSON.parse(rawboundary) || rawboundary : rawboundary;
     const [mainPart] = data.split(`\n--${boundary}--\n`);
     const parts = mainPart.split(`\n--${boundary}\n`);
     if (parts.length < 3) {
-        return { subdata: data, verified: 0, signatures: [] };
+        return { subdata: data, verificationStatus: VERIFICATION_STATUS.NOT_SIGNED, signatures: [] };
     }
     const { attachments: [sigAttachment] = [] } = await parseMail(parts[2].trim());
 
     const { contentType: sigAttachmentContentType = '', content: sigAttachmentContent = new Uint8Array() } = sigAttachment || {};
     if (sigAttachmentContentType.toLowerCase() !== 'application/pgp-signature') {
-        return { subdata: data, verified: 0, signatures: [] };
+        return { subdata: data, verificationStatus: VERIFICATION_STATUS.NOT_SIGNED, signatures: [] };
     }
     const sigData = utf8ArrayToString(sigAttachmentContent);
 
@@ -57,14 +57,14 @@ const verifySignature = async (
     } catch {
         // sigData will be returned as attachment by `parse`
         console.error('Failed to read signature over MIME message');
-        return { subdata: data, verified: 0, signatures: [] };
+        return { subdata: data, verificationStatus: VERIFICATION_STATUS.NOT_SIGNED, signatures: [] };
     }
 
     const body = parts[1];
 
     const {
         data: subdata,
-        verified,
+        verificationStatus,
         signatures
     } = await verifyMessage({
         // The body is to be treated as CleartextMessage, see https://github.com/openpgpjs/openpgpjs/pull/1265#issue-830304843
@@ -74,25 +74,25 @@ const verifySignature = async (
         signature
     });
 
-    return { subdata, verified, signatures };
+    return { subdata, verificationStatus, signatures };
 };
 
 /**
  * This function parses MIME format into attachments, content, encryptedSubject. The attachment automatically
- * inherit the verified status from the message verified status, as they are included in the body. For more
+ * inherit the verification status from the message verification status, as they are included in the body. For more
  * information see: https://tools.ietf.org/html/rfc2045, https://tools.ietf.org/html/rfc2046 and
  * https://tools.ietf.org/html/rfc2387.
  * @param options
  * @param options.headerFilename - The file name a memoryhole header should have
  * @param options.sender - the address of the sender of this message
  * @param content - mail content to parse
- * @param verified
+ * @param verificationStatus
  * @param signatures
  */
 const parse = async (
     { headerFilename = 'Encrypted Headers.txt', sender = '' },
     mailContent = '',
-    verified = VERIFICATION_STATUS.NOT_SIGNED,
+    verificationStatus = VERIFICATION_STATUS.NOT_SIGNED,
     signatures: OpenPGPSignature[] = []
 ): Promise<ProcessMIMEResult> => {
     // cf. https://github.com/autocrypt/memoryhole subject can be in the MIME headers
@@ -148,7 +148,7 @@ const parse = async (
         return {
             body: html,
             attachments,
-            verified,
+            verificationStatus,
             encryptedSubject,
             mimeType: 'text/html',
             signatures
@@ -158,7 +158,7 @@ const parse = async (
         return {
             body: text,
             attachments,
-            verified,
+            verificationStatus,
             encryptedSubject,
             mimeType: 'text/plain',
             signatures
@@ -168,7 +168,7 @@ const parse = async (
         return {
             body: '',
             attachments,
-            verified,
+            verificationStatus,
             encryptedSubject,
             mimeType: undefined,
             signatures
@@ -188,7 +188,7 @@ export interface ProcessMIMEOptions {
 export interface ProcessMIMEResult {
     body: string,
     attachments: MIMEAttachment[],
-    verified: VERIFICATION_STATUS,
+    verificationStatus: VERIFICATION_STATUS,
     encryptedSubject: string,
     mimeType?: 'text/html' | 'text/plain',
     signatures: OpenPGPSignature[]
@@ -203,7 +203,7 @@ export interface ProcessMIMEResult {
  * @param options.sender - the address of the sender of this message
  */
 export default async function processMIME({ data, ...options }: ProcessMIMEOptions): Promise<ProcessMIMEResult> {
-    const { subdata, verified, signatures } = await verifySignature(options, data);
+    const { subdata, verificationStatus, signatures } = await verifySignature(options, data);
 
-    return parse(options, subdata, verified, signatures);
+    return parse(options, subdata, verificationStatus, signatures);
 }
diff --git a/lib/message/verify.d.ts b/lib/message/verify.d.ts
@@ -8,6 +8,7 @@ import type {
 } from '../openpgp';
 import type { VERIFICATION_STATUS } from '../constants';
 import type { ContextVerificationOptions } from './context';
+import type { MaybeWebStream } from '../pmcrypto';
 
 // Streaming not supported when verifying detached signatures
 export interface VerifyOptionsPmcrypto<T extends Data> extends Omit<VerifyOptions, 'message'> {
@@ -19,7 +20,7 @@ export interface VerifyOptionsPmcrypto<T extends Data> extends Omit<VerifyOption
 
 export interface VerifyMessageResult<DataType extends openpgp_VerifyMessageResult['data'] = Data> {
     data: DataType;
-    verified: VERIFICATION_STATUS;
+    verificationStatus: VERIFICATION_STATUS;
     signatures: OpenPGPSignature[];
     signatureTimestamp: Date | null;
     errors?: Error[];
@@ -33,7 +34,7 @@ export function verifyMessage<DataType extends Data, FormatType extends VerifyOp
         VerifyMessageResult<Uint8Array> :
     never
 >;
-export function handleVerificationResult<DataType extends Data>(
+export function handleVerificationResult<DataType extends MaybeWebStream<Data>>(
     verificationResult: openpgp_VerifyMessageResult<DataType>,
     signatureContext?: ContextVerificationOptions,
     expectSigned?: boolean
diff --git a/lib/message/verify.js b/lib/message/verify.js
@@ -21,7 +21,7 @@ const { NOT_SIGNED, SIGNED_AND_VALID, SIGNED_AND_INVALID } = VERIFICATION_STATUS
  * @param {Boolean} expectSigned - whether a valid signature is expected; it causes the function to throw otherwise
  * @returns {{
  *     data: Uint8Array|string|ReadableStream|NodeStream - message data,
- *     verified: constants.VERIFICATION_STATUS - message verification status,
+ *     verificationStatus: constants.VERIFICATION_STATUS - message verification status,
  *     signatures: openpgp.signature.Signature[] - message signatures,
  *     signatureTimestamp: Date|null - creation date of the first valid message signature, or null if all signatures are missing or invalid,
  *     errors: Error[]|undefined - verification errors if all signatures are invalid
@@ -71,7 +71,7 @@ export async function handleVerificationResult(verificationResult, signatureCont
 
     return {
         data,
-        verified: verificationStatus,
+        verificationStatus,
         signatures,
         signatureTimestamp,
         errors: verificationStatus === SIGNED_AND_INVALID ? errors : undefined
@@ -87,7 +87,7 @@ export async function handleVerificationResult(verificationResult, signatureCont
  *
  * @returns {Promise<Object>}  Verification result in the form: {
  *     data: Uint8Array|string|ReadableStream - message data,
- *     verified: constants.VERIFICATION_STATUS - message verification status,
+ *     verificationStatus: VERIFICATION_STATUS - message verification status,
  *     signatures: openpgp.Signature[] - message signatures,
  *     signatureTimestamp: Date|null - creation date of the first valid message signature, or null if all signatures are missing or invalid,
  *     errors: Error[]|undefined - verification errors if all signatures are invalid
@@ -124,7 +124,7 @@ export async function verifyMessage({
  *
  * @returns {Promise<Object>}  Verification result in the form: {
  *     data: Uint8Array|string|ReadableStream - message data,
- *     verified: constants.VERIFICATION_STATUS - message verification status,
+ *     verificationStatus: VERIFICATION_STATUS - message verification status,
  *     signatures: openpgp.Signature[] - message signatures,
  *     signatureTimestamp: Date|null - creation date of the first valid message signature, or null if all signatures are missing or invalid,
  *     errors: Error[]|undefined - verification errors if all signatures are invalid
diff --git a/lib/pmcrypto.d.ts b/lib/pmcrypto.d.ts
@@ -77,7 +77,7 @@ export interface DecryptResultPmcrypto<DataType extends openpgp_DecryptMessageRe
     data: DataType;
     signatures: DataType extends WebStream<Data> ? Promise<OpenPGPSignature[]> : OpenPGPSignature[];
     filename: string;
-    verified: DataType extends WebStream<Data> ? Promise<VERIFICATION_STATUS> : VERIFICATION_STATUS;
+    verificationStatus: DataType extends WebStream<Data> ? Promise<VERIFICATION_STATUS> : VERIFICATION_STATUS;
     verificationErrors?: DataType extends WebStream<Data> ? Promise<Error[]> : Error[];
 }
 
diff --git a/test/config.spec.ts b/test/config.spec.ts
@@ -94,11 +94,11 @@ EoSmib14fiYL0eQTz4I1XJ9OCVVZcaoFZzKnlQc=
         const key = await readKey({ armoredKey: oldReformattedKey });
 
         // since the key is valid at the current time, the message should be verifiable if the `config` allows it
-        const { verified } = await verifyMessage({
+        const { verificationStatus } = await verifyMessage({
             textData: 'plaintext',
             signature: await readSignature({ armoredSignature }),
             verificationKeys: key
         });
-        expect(verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
     });
 });
diff --git a/test/message/context.spec.ts b/test/message/context.spec.ts
@@ -49,9 +49,9 @@ describe('context', () => {
             verificationKeys: [publicKey]
         });
 
-        expect(verificationValidContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
-        expect(verificationWrongContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(verificationMissingContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationValidContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationWrongContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationMissingContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
         // check errors
         expect(verificationValidContext.errors).to.be.undefined;
         expect(verificationWrongContext.errors).to.have.length(1);
@@ -101,10 +101,10 @@ describe('context', () => {
             verificationKeys: [publicKey]
         });
 
-        expect(verificationValidContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
-        expect(verificationWrongContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(verificationWrongContextNotRequired.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(verificationMissingContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationValidContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationWrongContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationWrongContextNotRequired.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationMissingContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
         // check errors
         expect(verificationValidContext.errors).to.be.undefined;
         expect(verificationWrongContext.errors).to.have.length(1);
@@ -147,9 +147,9 @@ describe('context', () => {
             verificationKeys: publicKey
         });
 
-        expect(decryptionValidContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
-        expect(decryptionWrongContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(decryptionMissingContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(decryptionValidContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(decryptionWrongContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(decryptionMissingContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
         // check errors
         expect(decryptionValidContext.verificationErrors).to.be.undefined;
         expect(decryptionWrongContext.verificationErrors).to.have.length(1);
@@ -195,9 +195,9 @@ describe('context', () => {
             verificationKeys: publicKey
         });
 
-        expect(decryptionValidContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
-        expect(decryptionWrongContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(decryptionMissingContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(decryptionValidContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(decryptionWrongContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(decryptionMissingContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
         // check errors
         expect(decryptionValidContext.verificationErrors).to.be.undefined;
         expect(decryptionWrongContext.verificationErrors).to.have.length(1);
@@ -256,8 +256,8 @@ sJFJxllC0j4wHCOS9uiSYsZ/pWCqxX/3sFh4VBFOpr0HAA==
             signatureContext: { value: 'test-context', required: false }
         });
 
-        expect(verificationExpectedContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(verificationNoExpectedContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationExpectedContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationNoExpectedContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
 
         expect(verificationNoExpectedContext.errors).to.be.undefined;
         expect(verificationExpectedContext.errors).to.have.length(1);
@@ -295,8 +295,8 @@ sJFJxllC0j4wHCOS9uiSYsZ/pWCqxX/3sFh4VBFOpr0HAA==
             signatureContext: { value: 'test-context', requiredAfter: nextHour }
         });
 
-        expect(verificationExpectedContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(verificationNoExpectedContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationExpectedContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationNoExpectedContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
 
         expect(verificationNoExpectedContext.errors).to.be.undefined;
         expect(verificationExpectedContext.errors).to.have.length(1);
@@ -343,7 +343,7 @@ sj39B18qvvnS11F+AAB7igEAqwmlDXMzeNNLc3skdyQWZoP0fPyI/ol7pMa+
             verificationKeys: publicKey
         });
 
-        expect(verificationWithContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
-        expect(verificationWithoutContext.verified).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
+        expect(verificationWithContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_INVALID);
+        expect(verificationWithoutContext.verificationStatus).to.equal(VERIFICATION_STATUS.SIGNED_AND_VALID);
     });
 });
diff --git a/test/message/encryptMessage.spec.ts b/test/message/encryptMessage.spec.ts
diff --git a/test/message/processMIME.spec.ts b/test/message/processMIME.spec.ts
diff --git a/test/message/signMessage.spec.ts b/test/message/signMessage.spec.ts
diff --git a/test/message/verifyMessage.spec.ts b/test/message/verifyMessage.spec.ts

Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ export interface DecryptResultPmcrypto<DataType extends openpgp_DecryptMessageRe`
`77`	`77`	`data: DataType;`
`78`	`78`	`signatures: DataType extends WebStream<Data> ? Promise<OpenPGPSignature[]> : OpenPGPSignature[];`
`79`	`79`	`filename: string;`
`80`		`- verified: DataType extends WebStream<Data> ? Promise<VERIFICATION_STATUS> : VERIFICATION_STATUS;`
	`80`	`+ verificationStatus: DataType extends WebStream<Data> ? Promise<VERIFICATION_STATUS> : VERIFICATION_STATUS;`
`81`	`81`	`verificationErrors?: DataType extends WebStream<Data> ? Promise<Error[]> : Error[];`
`82`	`82`	`}`
`83`	`83`