From dd8d8592b084bd7419c4805076d501c7f244508b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20L=C3=A4ubrich?= Date: Mon, 4 Nov 2024 14:21:42 +0100 Subject: [PATCH] Adopt to new GPG Mojo (cherry picked from commit db1d038662a65c15b68a3f3aff111a7e6ab9d884) --- tycho-gpg-plugin/pom.xml | 4 ++++ .../plugins/gpg/AbstractGpgMojoExtension.java | 12 +++++++++--- .../gpg/ProxySignerWithPublicKeyAccess.java | 12 +++++++++++- .../eclipse/tycho/gpg/BouncyCastleSigner.java | 18 ++++++++++++++++++ .../tycho/gpg/SignRepositoryArtifactsMojo.java | 2 +- 5 files changed, 43 insertions(+), 5 deletions(-) diff --git a/tycho-gpg-plugin/pom.xml b/tycho-gpg-plugin/pom.xml index 149a05e18e..1c23059e50 100644 --- a/tycho-gpg-plugin/pom.xml +++ b/tycho-gpg-plugin/pom.xml @@ -25,6 +25,10 @@ ${minimal-maven-version} + + org.apache.maven + maven-core + org.apache.maven maven-plugin-api diff --git a/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojoExtension.java b/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojoExtension.java index 67c7184b93..bc141d1449 100644 --- a/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojoExtension.java +++ b/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojoExtension.java @@ -11,18 +11,24 @@ import java.io.File; -import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.plugin.MojoFailureException; import org.apache.maven.project.MavenProject; public abstract class AbstractGpgMojoExtension extends AbstractGpgMojo { @Override - protected ProxySignerWithPublicKeyAccess newSigner(MavenProject project) - throws MojoExecutionException, MojoFailureException { + protected ProxySignerWithPublicKeyAccess newSigner(MavenProject project) throws MojoFailureException { return new ProxySignerWithPublicKeyAccess(super.newSigner(project), getSigner(), getPGPInfo(), getSecretKeys()); } + @Override + protected AbstractGpgSigner createSigner(String name) throws MojoFailureException { + //due to legacy reasons we actually used a GpgSigner as a delegate + //(see org.apache.maven.plugins.gpg.ProxySignerWithPublicKeyAccess.getSigner(File, File)) + //it would be better to actually create the BouncyCastleSigner already here! + return super.createSigner(GpgSigner.NAME); + } + protected String getSigner() { return "gpg"; } diff --git a/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/ProxySignerWithPublicKeyAccess.java b/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/ProxySignerWithPublicKeyAccess.java index c444624f5d..f3915bc28b 100644 --- a/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/ProxySignerWithPublicKeyAccess.java +++ b/tycho-gpg-plugin/src/main/java/org/apache/maven/plugins/gpg/ProxySignerWithPublicKeyAccess.java @@ -42,7 +42,7 @@ public ProxySignerWithPublicKeyAccess(AbstractGpgSigner delegate, String signer, this.delegate = delegate; this.setLog(delegate.getLog()); // The pgpInfo is used only for testing purposes. - if ("bc".equals(signer) || pgpInfo != null || secretKeys != null) { + if (BouncyCastleSigner.NAME.equals(signer) || pgpInfo != null || secretKeys != null) { try { this.signer = getSigner(pgpInfo, secretKeys); } catch (MojoExecutionException | MojoFailureException | IOException | PGPException e) { @@ -216,4 +216,14 @@ private String getKeys(boolean isPublic) throws MojoExecutionException { throw new MojoExecutionException("Unable to execute gpg command", e); } } + + @Override + public String signerName() { + return signer.signerName(); + } + + @Override + public String getKeyInfo() { + return signer.getKeyInfo(); + } } diff --git a/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/BouncyCastleSigner.java b/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/BouncyCastleSigner.java index 9609d72e5a..d2c12e8395 100644 --- a/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/BouncyCastleSigner.java +++ b/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/BouncyCastleSigner.java @@ -26,6 +26,7 @@ import java.security.Security; import java.util.ArrayList; import java.util.Date; +import java.util.Iterator; import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.plugins.gpg.AbstractGpgSigner; @@ -57,6 +58,7 @@ import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider; import org.bouncycastle.openpgp.operator.bc.BcPGPKeyPair; import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder; +import org.bouncycastle.util.encoders.Hex; public class BouncyCastleSigner extends AbstractGpgSigner { @@ -74,6 +76,8 @@ public class BouncyCastleSigner extends AbstractGpgSigner { private PGPPrivateKey privateKey; + public static final String NAME = "bc"; + /** * Create an empty instance that needs to be configured before it is used. * @@ -351,4 +355,18 @@ public static void main(String[] args) throws Exception { signer.generateSignature(target.toFile()); } } + + @Override + public String signerName() { + return NAME; + } + + @Override + public String getKeyInfo() { + Iterator userIds = secretKey.getPublicKey().getUserIDs(); + if (userIds.hasNext()) { + return userIds.next(); + } + return Hex.toHexString(secretKey.getPublicKey().getFingerprint()); + } } diff --git a/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/SignRepositoryArtifactsMojo.java b/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/SignRepositoryArtifactsMojo.java index 840d41fc70..0b521c7d12 100644 --- a/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/SignRepositoryArtifactsMojo.java +++ b/tycho-gpg-plugin/src/main/java/org/eclipse/tycho/gpg/SignRepositoryArtifactsMojo.java @@ -166,7 +166,7 @@ protected File getSecretKeys() { } @Override - public void execute() throws MojoExecutionException, MojoFailureException { + public void doExecute() throws MojoExecutionException, MojoFailureException { var signer = newSigner(project); var keys = KeyStore.create();