mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 06:12:06 +01:00

EncryptionOptions: Allow overriding evaluation date for recipient keys

Paul Schaub 2023-08-03 14:48:57 +02:00
parent d08bc6bd4b
commit f0e59ecef5
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311


@ -68,6 +68,7 @@ public class EncryptionOptions {
private final Map<SubkeyIdentifier, KeyAccessor> keyViews = new HashMap<>(); private final Map<SubkeyIdentifier, KeyAccessor> keyViews = new HashMap<>();
private final EncryptionKeySelector encryptionKeySelector = encryptToAllCapableSubkeys(); private final EncryptionKeySelector encryptionKeySelector = encryptToAllCapableSubkeys();
private boolean allowEncryptionWithMissingKeyFlags = false; private boolean allowEncryptionWithMissingKeyFlags = false;
private Date evaluationDate = new Date();
private SymmetricKeyAlgorithm encryptionAlgorithmOverride = null; private SymmetricKeyAlgorithm encryptionAlgorithmOverride = null;
@ -96,6 +97,17 @@ public class EncryptionOptions {
return new EncryptionOptions(); return new EncryptionOptions();
} }
/**
* Override the evaluation date for recipient keys with the given date.
*
* @param evaluationDate new evaluation date
* @return this
*/
public EncryptionOptions setEvaluationDate(@Nonnull Date evaluationDate) {
this.evaluationDate = evaluationDate;
return this;
}
/** /**
* Factory method to create an {@link EncryptionOptions} object which will encrypt for keys * Factory method to create an {@link EncryptionOptions} object which will encrypt for keys
* which carry the flag {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_COMMS}. * which carry the flag {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_COMMS}.
@ -141,7 +153,7 @@ public class EncryptionOptions {
* @return encryption options * @return encryption options
*/ */
public EncryptionOptions addAuthenticatableRecipients(String userId, boolean email, CertificateAuthority authority, int targetAmount) { public EncryptionOptions addAuthenticatableRecipients(String userId, boolean email, CertificateAuthority authority, int targetAmount) {
List<CertificateAuthenticity> identifiedCertificates = authority.lookupByUserId(userId, email, new Date(), targetAmount); List<CertificateAuthenticity> identifiedCertificates = authority.lookupByUserId(userId, email, evaluationDate, targetAmount);
boolean foundAcceptable = false; boolean foundAcceptable = false;
for (CertificateAuthenticity candidate : identifiedCertificates) { for (CertificateAuthenticity candidate : identifiedCertificates) {
if (candidate.isAuthenticated()) { if (candidate.isAuthenticated()) {
@ -213,7 +225,7 @@ public class EncryptionOptions {
public EncryptionOptions addRecipient(@Nonnull PGPPublicKeyRing key, public EncryptionOptions addRecipient(@Nonnull PGPPublicKeyRing key,
@Nonnull CharSequence userId, @Nonnull CharSequence userId,
@Nonnull EncryptionKeySelector encryptionKeySelectionStrategy) { @Nonnull EncryptionKeySelector encryptionKeySelectionStrategy) {
KeyRingInfo info = new KeyRingInfo(key, new Date()); KeyRingInfo info = new KeyRingInfo(key, evaluationDate);
List<PGPPublicKey> encryptionSubkeys = encryptionKeySelectionStrategy List<PGPPublicKey> encryptionSubkeys = encryptionKeySelectionStrategy
.selectEncryptionSubkeys(info.getEncryptionSubkeys(userId.toString(), purpose)); .selectEncryptionSubkeys(info.getEncryptionSubkeys(userId.toString(), purpose));
@ -277,7 +289,6 @@ public class EncryptionOptions {
} }
private EncryptionOptions addAsRecipient(PGPPublicKeyRing key, EncryptionKeySelector encryptionKeySelectionStrategy, boolean wildcardKeyId) { private EncryptionOptions addAsRecipient(PGPPublicKeyRing key, EncryptionKeySelector encryptionKeySelectionStrategy, boolean wildcardKeyId) {
Date evaluationDate = new Date();
KeyRingInfo info = new KeyRingInfo(key, evaluationDate); KeyRingInfo info = new KeyRingInfo(key, evaluationDate);
Date primaryKeyExpiration; Date primaryKeyExpiration;
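Review bot: `setEvaluationDate` (second hunk) stores the caller's mutable `Date` instance as-is and only takes effect for recipients added after the call, and the Javadoc mentions neither. `addAuthenticatableRecipients`, `addRecipient` and `addAsRecipient` read the field at the moment they run, so a setter call made after recipients were added leaves those recipients evaluated against the construction-time date, and a caller that later mutates its `Date` silently shifts the reference time used for subsequent key-validity checks. I would store a copy, `this.evaluationDate = new Date(evaluationDate.getTime());`, and extend the Javadoc with something like `Must be called before adding recipients; a date in the past may select subkeys that are already expired as of now.` The bodies of the three recipient methods continue outside the hunks, so whether any other code path still uses `new Date()` cannot be confirmed from here.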