From ff8c6d8b6d8336f3b827eff3df475afa4186828d Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Wed, 16 Dec 2020 17:29:12 +0100
Subject: [PATCH] Fix NPE when signing key is not found during signature
 verification

---
 .../decryption_verification/DecryptionStreamFactory.java       | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
index 91ffc047..784d9bab 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
@@ -95,6 +95,9 @@ public final class DecryptionStreamFactory {
             pgpInputStream = inputStream;
             for (PGPSignature signature : detachedSignatures) {
                 PGPPublicKey signingKey = factory.findSignatureVerificationKey(signature.getKeyID());
+                if (signingKey == null) {
+                    continue;
+                }
                 signature.init(new BcPGPContentVerifierBuilderProvider(), signingKey);
                 factory.resultBuilder.addDetachedSignature(
                         new DetachedSignature(signature, new OpenPgpV4Fingerprint(signingKey)));