feat(v2): Add flag that can disable intended recipient in signcrypt

ProtonMail · Oct 12, 2023 · 410d3a5 · 410d3a5
1 parent d819a77
commit 410d3a5
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/openpgp/packet/config.go b/openpgp/packet/config.go
@@ -137,6 +137,7 @@ type Config struct {
 	// CheckIntendedRecipients is a flag that indicates if
 	// a decryption key for an encrypted and signed messages should be checked
 	// to be present in the signatures intended recipient list.
+	// In encrypt and sign intended recipients are only included if this flag is true.
 	// if config is nil or flag is nil, it defaults to true
 	CheckIntendedRecipients *bool
 	// CacheSessionKey is a flag that indicates

diff --git a/openpgp/v2/write.go b/openpgp/v2/write.go
@@ -589,7 +589,9 @@ func encrypt(
 	var intendedRecipients []*packet.Recipient
 	// Intended Recipient Fingerprint subpacket SHOULD be used when creating a signed and encrypted message
 	for _, publicRecipient := range to {
-		intendedRecipients = append(intendedRecipients, &packet.Recipient{KeyVersion: publicRecipient.PrimaryKey.Version, Fingerprint: publicRecipient.PrimaryKey.Fingerprint})
+		if config.IntendedRecipients() {
+			intendedRecipients = append(intendedRecipients, &packet.Recipient{KeyVersion: publicRecipient.PrimaryKey.Version, Fingerprint: publicRecipient.PrimaryKey.Fingerprint})
+		}
 	}
 
 	timeForEncryptionKey := config.Now()