Adopt to new GPG Mojo

(cherry picked from commit db1d038)
eclipse-tycho · Nov 6, 2024 · 2bf617a · 2bf617a
1 parent 2229029
commit 2bf617a
Show file tree

Hide file tree

Showing 5 changed files with 43 additions and 5 deletions.
diff --git a/tycho-gpg-plugin/pom.xml b/tycho-gpg-plugin/pom.xml
@@ -25,6 +25,10 @@
 		<maven>${minimal-maven-version}</maven>
 	</prerequisites>
 	<dependencies>
+		<dependency>
+			<groupId>org.apache.maven</groupId>
+			<artifactId>maven-core</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.apache.maven</groupId>
 			<artifactId>maven-plugin-api</artifactId>

diff --git a/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojoExtension.java b/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojoExtension.java
@@ -11,18 +11,24 @@
 
 import java.io.File;
 
-import org.apache.maven.plugin.MojoExecutionException;
 import org.apache.maven.plugin.MojoFailureException;
 import org.apache.maven.project.MavenProject;
 
 public abstract class AbstractGpgMojoExtension extends AbstractGpgMojo {
 
     @Override
-    protected ProxySignerWithPublicKeyAccess newSigner(MavenProject project)
-            throws MojoExecutionException, MojoFailureException {
+    protected ProxySignerWithPublicKeyAccess newSigner(MavenProject project) throws MojoFailureException {
         return new ProxySignerWithPublicKeyAccess(super.newSigner(project), getSigner(), getPGPInfo(), getSecretKeys());
     }
 
+    @Override
+    protected AbstractGpgSigner createSigner(String name) throws MojoFailureException {
+        //due to legacy reasons we actually used a GpgSigner as a delegate
+        //(see org.apache.maven.plugins.gpg.ProxySignerWithPublicKeyAccess.getSigner(File, File))
+        //it would be better to actually create the BouncyCastleSigner already here!
+        return super.createSigner(GpgSigner.NAME);
+    }
+
     protected String getSigner() {
         return "gpg";
     }

diff --git a/...gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/ProxySignerWithPublicKeyAccess.java b/...gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/ProxySignerWithPublicKeyAccess.java
@@ -42,7 +42,7 @@ public ProxySignerWithPublicKeyAccess(AbstractGpgSigner delegate, String signer,
         this.delegate = delegate;
         this.setLog(delegate.getLog());
         // The pgpInfo is used only for testing purposes.
-        if ("bc".equals(signer) || pgpInfo != null || secretKeys != null) {
+        if (BouncyCastleSigner.NAME.equals(signer) || pgpInfo != null || secretKeys != null) {
             try {
                 this.signer = getSigner(pgpInfo, secretKeys);
             } catch (MojoExecutionException | MojoFailureException | IOException | PGPException e) {
@@ -216,4 +216,14 @@ private String getKeys(boolean isPublic) throws MojoExecutionException {
             throw new MojoExecutionException("Unable to execute gpg command", e);
         }
     }
+
+    @Override
+    public String signerName() {
+        return signer.signerName();
+    }
+
+    @Override
+    public String getKeyInfo() {
+        return signer.getKeyInfo();
+    }
 }
diff --git a/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/BouncyCastleSigner.java b/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/BouncyCastleSigner.java
@@ -26,6 +26,7 @@
 import java.security.Security;
 import java.util.ArrayList;
 import java.util.Date;
+import java.util.Iterator;
 
 import org.apache.maven.plugin.MojoExecutionException;
 import org.apache.maven.plugins.gpg.AbstractGpgSigner;
@@ -57,6 +58,7 @@
 import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
 import org.bouncycastle.openpgp.operator.bc.BcPGPKeyPair;
 import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
+import org.bouncycastle.util.encoders.Hex;
 
 public class BouncyCastleSigner extends AbstractGpgSigner {
 
@@ -74,6 +76,8 @@ public class BouncyCastleSigner extends AbstractGpgSigner {
 
     private PGPPrivateKey privateKey;
 
+    public static final String NAME = "bc";
+
     /**
      * Create an empty instance that needs to be configured before it is used.
      * 
@@ -351,4 +355,18 @@ public static void main(String[] args) throws Exception {
             signer.generateSignature(target.toFile());
         }
     }
+
+    @Override
+    public String signerName() {
+        return NAME;
+    }
+
+    @Override
+    public String getKeyInfo() {
+        Iterator<String> userIds = secretKey.getPublicKey().getUserIDs();
+        if (userIds.hasNext()) {
+            return userIds.next();
+        }
+        return Hex.toHexString(secretKey.getPublicKey().getFingerprint());
+    }
 }
diff --git a/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/SignRepositoryArtifactsMojo.java b/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/SignRepositoryArtifactsMojo.java
@@ -166,7 +166,7 @@ protected File getSecretKeys() {
     }
 
     @Override
-    public void execute() throws MojoExecutionException, MojoFailureException {
+    public void doExecute() throws MojoExecutionException, MojoFailureException {
 
         var signer = newSigner(project);
         var keys = KeyStore.create();