streamline gpg-id handing

* decrypt should not care about it at all * PasswordStore.decrypt always forwards the passed in keyID, even when gpg-id handling is disabled * PasswordStore.encrypt: streamlined, but should be same behavior
2026-03-11 22:56:21 +01:00 · 2026-03-11 22:56:21 +01:00 · e32402b807
commit e32402b807
parent 054f333bac
1 changed files with 14 additions and 18 deletions
--- a/passKit/Models/PasswordStore.swift
+++ b/passKit/Models/PasswordStore.swift
@ -395,13 +395,7 @@ public class PasswordStore {
    public func decrypt(passwordEntity: PasswordEntity, keyID: String? = nil, requestPGPKeyPassphrase: @escaping (String) -> String) throws -> Password {
        let url = passwordEntity.fileURL(in: storeURL)
        let encryptedData = try Data(contentsOf: url)
-        let data: Data? = try {
-            if Defaults.isEnableGPGIDOn {
-                let keyID = keyID ?? findGPGID(from: url)
-                return try PGPAgent.shared.decrypt(encryptedData: encryptedData, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
-            }
-            return try PGPAgent.shared.decrypt(encryptedData: encryptedData, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
-        }()
+        let data: Data? = try PGPAgent.shared.decrypt(encryptedData: encryptedData, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
        guard let decryptedData = data else {
            throw AppError.decryption
        }
@ -413,20 +407,22 @@ public class PasswordStore {
        guard let passwordEntity = fetchPasswordEntity(with: path) else {
            throw AppError.decryption
        }
-        if Defaults.isEnableGPGIDOn {
        return try decrypt(passwordEntity: passwordEntity, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
    }
-        return try decrypt(passwordEntity: passwordEntity, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
-    }

    public func encrypt(password: Password, keyID: String? = nil) throws -> Data {
-        var keyID = keyID
+        let keyIDs: [String] = {
+            if let keyID {
+                return [keyID]
+            }
            if Defaults.isEnableGPGIDOn {
                let encryptedDataPath = password.fileURL(in: storeURL)
-            keyID = keyID ?? findGPGID(from: encryptedDataPath)
+                return [findGPGID(from: encryptedDataPath)]
            }
-        if let keyID {
-            return try PGPAgent.shared.encrypt(plainData: password.plainData, keyIDs: [keyID])
+            return []
+        }()
+        if !keyIDs.isEmpty {
+            return try PGPAgent.shared.encrypt(plainData: password.plainData, keyIDs: keyIDs)
        }
        return try PGPAgent.shared.encryptWithAllKeys(plainData: password.plainData)
    }