1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-14 16:32:06 +01:00

Add ConsumerOptions.setRequireValidDecryptionKey()

This commit is contained in:
Paul Schaub 2023-04-07 13:37:37 +02:00
parent ed2c53f5d6
commit 76b365a506
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 20 additions and 6 deletions

View file

@ -37,6 +37,7 @@ import org.pgpainless.util.SessionKey;
public class ConsumerOptions { public class ConsumerOptions {
private boolean ignoreMDCErrors = false; private boolean ignoreMDCErrors = false;
private boolean requireValidDecryptionKey = true;
private boolean forceNonOpenPgpData = false; private boolean forceNonOpenPgpData = false;
private Date verifyNotBefore = null; private Date verifyNotBefore = null;
@ -391,6 +392,15 @@ public class ConsumerOptions {
return ignoreMDCErrors; return ignoreMDCErrors;
} }
public ConsumerOptions setRequireValidDecryptionKey(boolean requireValidDecryptionKey) {
this.requireValidDecryptionKey = requireValidDecryptionKey;
return this;
}
boolean isRequireValidDecryptionKey() {
return requireValidDecryptionKey;
}
/** /**
* Force PGPainless to handle the data provided by the {@link InputStream} as non-OpenPGP data. * Force PGPainless to handle the data provided by the {@link InputStream} as non-OpenPGP data.
* This workaround might come in handy if PGPainless accidentally mistakes the data for binary OpenPGP data. * This workaround might come in handy if PGPainless accidentally mistakes the data for binary OpenPGP data.

View file

@ -691,15 +691,19 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
continue; continue;
} }
KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date()); if (options.isRequireValidDecryptionKey()) {
List<PGPPublicKey> encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY); KeyRingInfo info = new KeyRingInfo(secretKeys, policy, new Date());
for (PGPPublicKey key : encryptionKeys) { List<PGPPublicKey> encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.ANY);
if (key.getKeyID() == keyID) { for (PGPPublicKey key : encryptionKeys) {
return secretKeys; if (key.getKeyID() == keyID) {
return secretKeys;
}
} }
LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
} else {
return secretKeys;
} }
LOGGER.debug("Subkey " + Long.toHexString(keyID) + " cannot be used for decryption.");
} }
return null; return null;
} }