From 76b365a5062d858b70a46b3e0d102f26e82c691c Mon Sep 17 00:00:00 2001
From: Paul Schaub
Date: Fri, 7 Apr 2023 13:37:37 +0200
Subject: [PATCH] Add ConsumerOptions.setRequireValidDecryptionKey()
---
 .../decryption_verification/ConsumerOptions.java | 10 ++++++++++
 .../OpenPgpMessageInputStream.java | 16 ++++++++++------
 2 files changed, 20 insertions(+), 6 deletions(-)
diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/ConsumerOptions.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/ConsumerOptions.java
index d0d9230b..321d1649 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/ConsumerOptions.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/ConsumerOptions.java
@@ -37,6 +37,7 @@ import org.pgpainless.util.SessionKey;
 public class ConsumerOptions {
 private boolean ignoreMDCErrors = false;
+ private boolean requireValidDecryptionKey = true;
 private boolean forceNonOpenPgpData = false;
 private Date verifyNotBefore = null;
@@ -391,6 +392,15 @@ public class ConsumerOptions {
 return ignoreMDCErrors;
 }
+ public ConsumerOptions setRequireValidDecryptionKey(boolean requireValidDecryptionKey) {
+ this.requireValidDecryptionKey = requireValidDecryptionKey;
+ return this;
+ }
+
+ boolean isRequireValidDecryptionKey() {
+ return requireValidDecryptionKey;
+ }
+
 /**
 * Force PGPainless to handle the data provided by the {@link InputStream} as non-OpenPGP data.
 * This workaround might come in handy if PGPainless accidentally mistakes the data for binary OpenPGP data.
diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java
index 7fe11bbf..29904872 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java
@@ -691,15 +691,19 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
 continue;
 }
- KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date());
- List encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY);
- for (PGPPublicKey key : encryptionKeys) {
- if (key.getKeyID() == keyID) {
- return secretKeys;
+ if (options.isRequireValidDecryptionKey()) {
+ KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date());
+ List encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY);
+ for (PGPPublicKey key : encryptionKeys) {
+ if (key.getKeyID() == keyID) {
+ return secretKeys;
+ }
 }
+ LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
+ } else {
+ return secretKeys;
 }
- LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
 }
 return null;
 }
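Review bot: The new `else { return secretKeys; }` branch skips the whole `KeyRingInfo.getEncryptionSubkeys(EncryptionPurpose.ANY)` filter, so with `setRequireValidDecryptionKey(false)` the key ring is returned for any matching key ID without the policy evaluation at `new Date()`. Judging by the names, that presumably also admits revoked or expired subkeys and keys not flagged for encryption, which is a wider relaxation than "valid" suggests. The bypass is also silent; I would log it before the return, e.g. `LOGGER.debug("Accepting key " + Long.toHexString(keyID) + " without validity check.");`. The setter added in ConsumerOptions.java has no Javadoc; it should state that `false` disables these checks, that `true` is the default, and that the relaxed mode is meant for reading old messages rather than general use. The enclosing method starts above this hunk, so whether other key-selection paths honor the option cannot be confirmed from here.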