Add logic for MissingPublicKeyCallback

src/main/java/org/pgpainless/pgpainless/decryption_verification/DecryptionBuilder.java

@@ -33,7 +33,7 @@ public class DecryptionBuilder implements DecryptionBuilderInterface {
     private PGPSecretKeyRingCollection decryptionKeys;
     private SecretKeyRingProtector decryptionKeyDecryptor;
     private Set<PGPPublicKeyRing> verificationKeys = new HashSet<>();
-    private MissingPublicKeyCallback missingPublicKeyCallback = null;
+    private org.pgpainless.pgpainless.decryption_verification.MissingPublicKeyCallback missingPublicKeyCallback = null;
 
     @Override
     public DecryptWith onInputStream(InputStream inputStream) {
@@ -61,7 +61,7 @@ public class DecryptionBuilder implements DecryptionBuilderInterface {
     class VerifyWithImpl implements VerifyWith {
 
         @Override
-        public MissingPublicKeyFeedback verifyWith(Set<Long> trustedKeyIds,
+        public HandleMissingPublicKeys verifyWith(Set<Long> trustedKeyIds,
                                                   PGPPublicKeyRingCollection publicKeyRingCollection) {
             Set<PGPPublicKeyRing> publicKeyRings = new HashSet<>();
             for (Iterator<PGPPublicKeyRing> i = publicKeyRingCollection.getKeyRings(); i.hasNext(); ) {
@@ -74,9 +74,9 @@ public class DecryptionBuilder implements DecryptionBuilderInterface {
         }
 
         @Override
-        public MissingPublicKeyFeedback verifyWith(Set<PGPPublicKeyRing> publicKeyRings) {
+        public HandleMissingPublicKeys verifyWith(Set<PGPPublicKeyRing> publicKeyRings) {
             DecryptionBuilder.this.verificationKeys = publicKeyRings;
-            return new MissingPublicKeyFeedbackImpl();
+            return new HandleMissingPublicKeysImpl();
         }
 
         @Override
@@ -86,16 +86,17 @@ public class DecryptionBuilder implements DecryptionBuilderInterface {
         }
     }
 
-    class MissingPublicKeyFeedbackImpl implements MissingPublicKeyFeedback {
+    class HandleMissingPublicKeysImpl implements HandleMissingPublicKeys {
 
         @Override
-        public Build handleMissingPublicKeysWith(MissingPublicKeyCallback callback) {
+        public Build handleMissingPublicKeysWith(org.pgpainless.pgpainless.decryption_verification.MissingPublicKeyCallback callback) {
             DecryptionBuilder.this.missingPublicKeyCallback = callback;
             return new BuildImpl();
         }
 
         @Override
         public Build ignoreMissingPublicKeys() {
+            DecryptionBuilder.this.missingPublicKeyCallback = null;
             return new BuildImpl();
         }
     }

src/main/java/org/pgpainless/pgpainless/decryption_verification/DecryptionBuilderInterface.java

@@ -39,17 +39,17 @@ public interface DecryptionBuilderInterface {
 
     interface VerifyWith {
 
-        MissingPublicKeyFeedback verifyWith(Set<Long> trustedFingerprints, PGPPublicKeyRingCollection publicKeyRings);
+        HandleMissingPublicKeys verifyWith(Set<Long> trustedFingerprints, PGPPublicKeyRingCollection publicKeyRings);
 
-        MissingPublicKeyFeedback verifyWith(Set<PGPPublicKeyRing> publicKeyRings);
+        HandleMissingPublicKeys verifyWith(Set<PGPPublicKeyRing> publicKeyRings);
 
         Build doNotVerify();
 
     }
 
-    interface MissingPublicKeyFeedback {
+    interface HandleMissingPublicKeys {
 
-        Build handleMissingPublicKeysWith(MissingPublicKeyCallback callback);
+        Build handleMissingPublicKeysWith(org.pgpainless.pgpainless.decryption_verification.MissingPublicKeyCallback callback);
 
         Build ignoreMissingPublicKeys();
     }

src/main/java/org/pgpainless/pgpainless/decryption_verification/DecryptionStreamFactory.java

@@ -197,7 +197,7 @@ public class DecryptionStreamFactory {
 
         while (iterator.hasNext()) {
             PGPOnePassSignature signature = iterator.next();
-            long keyId = signature.getKeyID();
+            final long keyId = signature.getKeyID();
             resultBuilder.addSignatureKeyId(keyId);
 
             LOGGER.log(LEVEL, "Message contains OnePassSignature from " + Long.toHexString(keyId));
@@ -212,10 +212,31 @@ public class DecryptionStreamFactory {
                 }
             }
 
-            if (verificationKey != null) {
+            if (verificationKey == null) {
+                LOGGER.log(Level.INFO, "No public key for signature of " + Long.toHexString(keyId) + " found.");
+
+                if (missingPublicKeyCallback == null) {
+                    LOGGER.log(Level.INFO, "Skip signature of " + Long.toHexString(keyId));
+                    continue;
+                }
+
+                PGPPublicKey missingPublicKey = missingPublicKeyCallback.onMissingPublicKeyEncountered(keyId);
+                if (missingPublicKey == null) {
+                    LOGGER.log(Level.INFO, "Skip signature of " + Long.toHexString(keyId));
+                    continue;
+                }
+
+                if (missingPublicKey.getKeyID() != keyId) {
+                    throw new IllegalArgumentException("KeyID of the provided public key differs from the signatures keyId. " +
+                            "The signature was created from " + Long.toHexString(keyId) + " while the provided key has ID " +
+                            Long.toHexString(missingPublicKey.getKeyID()));
+                }
+
+                verificationKey = missingPublicKey;
+            }
+
             signature.init(verifierBuilderProvider, verificationKey);
-                verifiableOnePassSignatures.put(signature.getKeyID(), signature);
+            verifiableOnePassSignatures.put(keyId, signature);
-            }
         }
     }
 }

src/main/java/org/pgpainless/pgpainless/decryption_verification/MissingPublicKeyCallback.java

@@ -15,8 +15,10 @@
  */
 package org.pgpainless.pgpainless.decryption_verification;
 
+import org.bouncycastle.openpgp.PGPPublicKey;
+
 public interface MissingPublicKeyCallback {
 
-    void onMissingPublicKeyEncountered(Long keyId);
+    PGPPublicKey onMissingPublicKeyEncountered(Long keyId);
 
 }