EncryptionOptions: Allow overriding evaluation date for recipient keys

2024-11-22 12:22:06 +01:00 · 2023-08-03 14:48:57 +02:00 · 2023-08-03 14:48:57 +02:00 · f0e59ecef5
commit f0e59ecef5
parent d08bc6bd4b
1 changed files with 14 additions and 3 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java
@ -68,6 +68,7 @@ public class EncryptionOptions {
    private final Map<SubkeyIdentifier, KeyAccessor> keyViews = new HashMap<>();
    private final EncryptionKeySelector encryptionKeySelector = encryptToAllCapableSubkeys();
    private boolean allowEncryptionWithMissingKeyFlags = false;
+    private Date evaluationDate = new Date();

    private SymmetricKeyAlgorithm encryptionAlgorithmOverride = null;

@ -96,6 +97,17 @@ public class EncryptionOptions {
        return new EncryptionOptions();
    }

+    /**
+     * Override the evaluation date for recipient keys with the given date.
+     *
+     * @param evaluationDate new evaluation date
+     * @return this
+     */
+    public EncryptionOptions setEvaluationDate(@Nonnull Date evaluationDate) {
+        this.evaluationDate = evaluationDate;
+        return this;
+    }
+
    /**
     * Factory method to create an {@link EncryptionOptions} object which will encrypt for keys
     * which carry the flag {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_COMMS}.
@ -141,7 +153,7 @@ public class EncryptionOptions {
     * @return encryption options
     */
    public EncryptionOptions addAuthenticatableRecipients(String userId, boolean email, CertificateAuthority authority, int targetAmount) {
-        List<CertificateAuthenticity> identifiedCertificates = authority.lookupByUserId(userId, email, new Date(), targetAmount);
+        List<CertificateAuthenticity> identifiedCertificates = authority.lookupByUserId(userId, email, evaluationDate, targetAmount);
        boolean foundAcceptable = false;
        for (CertificateAuthenticity candidate : identifiedCertificates) {
            if (candidate.isAuthenticated()) {
@ -213,7 +225,7 @@ public class EncryptionOptions {
    public EncryptionOptions addRecipient(@Nonnull PGPPublicKeyRing key,
                                          @Nonnull CharSequence userId,
                                          @Nonnull EncryptionKeySelector encryptionKeySelectionStrategy) {
-        KeyRingInfo info = new KeyRingInfo(key, new Date());
+        KeyRingInfo info = new KeyRingInfo(key, evaluationDate);

        List<PGPPublicKey> encryptionSubkeys = encryptionKeySelectionStrategy
                .selectEncryptionSubkeys(info.getEncryptionSubkeys(userId.toString(), purpose));
@ -277,7 +289,6 @@ public class EncryptionOptions {
    }

    private EncryptionOptions addAsRecipient(PGPPublicKeyRing key, EncryptionKeySelector encryptionKeySelectionStrategy, boolean wildcardKeyId) {
-        Date evaluationDate = new Date();
        KeyRingInfo info = new KeyRingInfo(key, evaluationDate);

        Date primaryKeyExpiration;