PGPInterface can encrypt with multiple keys, PGPAgent can encrypt with all keys

2026-03-11 00:21:30 +01:00 · 2026-03-11 00:21:30 +01:00 · 84eaf4ad7d
commit 84eaf4ad7d
parent 8d4f3af475
7 changed files with 158 additions and 19 deletions
--- a/passKit/Crypto/ObjectivePGPInterface.swift
+++ b/passKit/Crypto/ObjectivePGPInterface.swift
@ -33,8 +33,25 @@ struct ObjectivePGPInterface: PGPInterface {
        }
    }

+    @available(*, deprecated, message: "Use encrypt(plainData:keyIDs:) instead.")
    func encrypt(plainData: Data, keyID _: String?) throws -> Data {
-        let encryptedData = try ObjectivePGP.encrypt(plainData, addSignature: false, using: keyring.keys, passphraseForKey: nil)
+        // Backwards compatibility: ignore keyID parameter and encrypted with all keys in the keyring
+        try encryptWithAllKeys(plainData: plainData)
+    }
+
+    func encryptWithAllKeys(plainData: Data) throws -> Data {
+        try encrypt(plainData: plainData, keyIDs: keyID)
+    }
+
+    func encrypt(plainData: Data, keyIDs: [String]) throws -> Data {
+        let keys = try keyIDs.map { keyID in
+            guard let key = keyring.findKey(keyID) else {
+                throw AppError.pgpPublicKeyNotFound(keyID: keyID)
+            }
+            return key
+        }
+
+        let encryptedData = try ObjectivePGP.encrypt(plainData, addSignature: false, using: keys, passphraseForKey: nil)
        if Defaults.encryptInArmored {
            return Armor.armored(encryptedData, as: .message).data(using: .ascii)!
        }