From 410d3a542314cc48cfe06526cdf819575a7c3204 Mon Sep 17 00:00:00 2001
From: Lukas Burkhalter
Date: Thu, 12 Oct 2023 09:29:57 +0200
Subject: [PATCH] feat(v2): Add flag that can disable intended recipient in signcrypt
---
 openpgp/packet/config.go | 1 +
 openpgp/v2/write.go | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/openpgp/packet/config.go b/openpgp/packet/config.go
index 128f13b87..cc6201057 100644
--- a/openpgp/packet/config.go
+++ b/openpgp/packet/config.go
@@ -137,6 +137,7 @@ type Config struct {
 // CheckIntendedRecipients is a flag that indicates if
 // a decryption key for an encrypted and signed messages should be checked
 // to be present in the signatures intended recipient list.
+ // In encrypt and sign intended recipients are only included if this flag is true.
 // if config is nil or flag is nil, it defaults to true
 CheckIntendedRecipients *bool
 // CacheSessionKey is a flag that indicates
diff --git a/openpgp/v2/write.go b/openpgp/v2/write.go
index 85c9200d3..4da8bf657 100644
--- a/openpgp/v2/write.go
+++ b/openpgp/v2/write.go
@@ -589,7 +589,9 @@ func encrypt(
 var intendedRecipients []*packet.Recipient
 // Intended Recipient Fingerprint subpacket SHOULD be used when creating a signed and encrypted message
 for _, publicRecipient := range to {
- intendedRecipients = append(intendedRecipients, &packet.Recipient{KeyVersion: publicRecipient.PrimaryKey.Version, Fingerprint: publicRecipient.PrimaryKey.Fingerprint})
+ if config.IntendedRecipients() {
+ intendedRecipients = append(intendedRecipients, &packet.Recipient{KeyVersion: publicRecipient.PrimaryKey.Version, Fingerprint: publicRecipient.PrimaryKey.Fingerprint})
+ }
 }
 timeForEncryptionKey := config.Now()
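Review bot: The comment line added to `CheckIntendedRecipients` in openpgp/packet/config.go makes one flag govern two separate things: whether decryption checks that the decryption key appears in the signature's intended recipient list, and whether encrypt-and-sign emits that list at all. A caller who sets it to false only to omit the subpacket on outgoing messages also switches off the receive-side check for any decryption done with the same Config, and the field name gives no hint of the send-side effect. A separate field for the write path would keep the two decisions independent; failing that, the comment should say so, e.g. `// NOTE: setting this to false also disables the intended-recipient check when decrypting with this Config.` The `IntendedRecipients()` accessor called in write.go is not part of this diff, so I am assuming it reads this field.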
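Review bot: `config.IntendedRecipients()` does not depend on `publicRecipient`, yet the new code in `encrypt` (openpgp/v2/write.go) evaluates it once per recipient inside the loop; wrapping the loop instead, `if config.IntendedRecipients() { for _, publicRecipient := range to { ... } }`, states the intent more directly. The unchanged comment above the loop still says the subpacket SHOULD be used, so a line such as `// Omitted when config.IntendedRecipients() is false; receivers then cannot detect a signed message re-encrypted to a different recipient.` would make the trade-off visible where it is taken. `encrypt` begins and ends outside this hunk, so how a nil `intendedRecipients` is consumed further down is not visible here.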