Add ConsumerOptions.setRequireValidDecryptionKey()

2023-04-07 13:37:37 +02:00 · 2023-04-07 13:37:37 +02:00 · 76b365a506
parent ed2c53f5d6
commit 76b365a506
2 changed files with 20 additions and 6 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/ConsumerOptions.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/ConsumerOptions.java
@ -37,6 +37,7 @@ import org.pgpainless.util.SessionKey;
 public class ConsumerOptions {

    private boolean ignoreMDCErrors = false;
+    private boolean requireValidDecryptionKey = true;
    private boolean forceNonOpenPgpData = false;

    private Date verifyNotBefore = null;
@ -391,6 +392,15 @@ public class ConsumerOptions {
        return ignoreMDCErrors;
    }

+    public ConsumerOptions setRequireValidDecryptionKey(boolean requireValidDecryptionKey) {
+        this.requireValidDecryptionKey = requireValidDecryptionKey;
+        return this;
+    }
+
+    boolean isRequireValidDecryptionKey() {
+        return requireValidDecryptionKey;
+    }
+
    /**
     * Force PGPainless to handle the data provided by the {@link InputStream} as non-OpenPGP data.
     * This workaround might come in handy if PGPainless accidentally mistakes the data for binary OpenPGP data.
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java
@ -691,15 +691,19 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
                continue;
            }

-            KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date());
-            List<PGPPublicKey> encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY);
-            for (PGPPublicKey key : encryptionKeys) {
-                if (key.getKeyID() == keyID) {
-                    return secretKeys;
+            if (options.isRequireValidDecryptionKey()) {
+                KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date());
+                List<PGPPublicKey> encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY);
+                for (PGPPublicKey key : encryptionKeys) {
+                    if (key.getKeyID() == keyID) {
+                        return secretKeys;
+                    }
                }
+                LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
+            } else {
+                return secretKeys;
            }

-            LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
        }
        return null;
    }