Rewrite of PGPCertificateDirectory using more flexible backend

pgp-certificate-store/src/main/java/pgp/certificate_store/Certificate.java

@@ -4,37 +4,13 @@
 
 package pgp.certificate_store;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Set;
-
 /**
  * OpenPGP certificate (public key).
  */
 public abstract class Certificate implements KeyMaterial {
 
-    /**
-     * Return an {@link InputStream} of the binary representation of the certificate.
-     *
-     * @return input stream
-     * @throws IOException in case of an IO error
-     */
-    public abstract InputStream getInputStream() throws IOException;
-
-    /**
-     * Return a tag of the certificate.
-     * The tag is a checksum calculated over the binary representation of the certificate.
-     *
-     * @return tag
-     * @throws IOException in case of an IO error
-     */
-    public abstract String getTag() throws IOException;
-
-    /**
-     * Return a {@link Set} containing key-ids of subkeys.
-     *
-     * @return subkeys
-     * @throws IOException in case of an IO error
-     */
-    public abstract Set<Long> getSubkeyIds() throws IOException;
+    @Override
+    public Certificate asCertificate() {
+        return this;
+    }
 }

pgp-certificate-store/src/main/java/pgp/certificate_store/CertificateDirectory.java

@@ -54,12 +54,12 @@ public interface CertificateDirectory {
 
     /**
      * Insert a certificate into the store.
-     * If an instance of the certificate is already present in the store, the given {@link CertificateMerger} will be
+     * If an instance of the certificate is already present in the store, the given {@link KeyMaterialMerger} will be
      * used to merge both the existing and the new instance of the {@link Certificate}. The resulting merged certificate
      * will be stored in the store and returned.
      *
      * This method will block until a write-lock on the store can be acquired. If you cannot afford blocking,
-     * consider to use {@link #tryInsertCertificate(InputStream, CertificateMerger)} instead.
+     * consider to use {@link #tryInsertCertificate(InputStream, KeyMaterialMerger)} instead.
      *
      * @param data input stream containing the new certificate instance
      * @param merge callback for merging with an existing certificate instance
@@ -69,12 +69,12 @@ public interface CertificateDirectory {
      * @throws InterruptedException in case the inserting thread gets interrupted
      * @throws BadDataException if the data stream does not contain valid OpenPGP data
      */
-    Certificate insertCertificate(InputStream data, CertificateMerger merge)
+    Certificate insertCertificate(InputStream data, KeyMaterialMerger merge)
             throws IOException, InterruptedException, BadDataException;
 
     /**
      * Insert a certificate into the store.
-     * If an instance of the certificate is already present in the store, the given {@link CertificateMerger} will be
+     * If an instance of the certificate is already present in the store, the given {@link KeyMaterialMerger} will be
      * used to merge both the existing and the new instance of the {@link Certificate}. The resulting merged certificate
      * will be stored in the store and returned.
      *
@@ -90,19 +90,19 @@ public interface CertificateDirectory {
      * @throws IOException in case of an IO-error
      * @throws BadDataException if the data stream does not contain valid OpenPGP data
      */
-    Certificate tryInsertCertificate(InputStream data, CertificateMerger merge)
+    Certificate tryInsertCertificate(InputStream data, KeyMaterialMerger merge)
             throws IOException, BadDataException;
 
     /**
      * Insert a certificate into the store.
      * The certificate will be stored under the given special name instead of its fingerprint.
      *
-     * If an instance of the certificate is already present under the special name in the store, the given {@link CertificateMerger} will be
+     * If an instance of the certificate is already present under the special name in the store, the given {@link KeyMaterialMerger} will be
      * used to merge both the existing and the new instance of the {@link Certificate}. The resulting merged certificate
      * will be stored in the store and returned.
      *
      * This method will block until a write-lock on the store can be acquired. If you cannot afford blocking,
-     * consider to use {@link #tryInsertCertificateBySpecialName(String, InputStream, CertificateMerger)}  instead.
+     * consider to use {@link #tryInsertCertificateBySpecialName(String, InputStream, KeyMaterialMerger)}  instead.
      *
      * @param specialName special name of the certificate
      * @param data input stream containing the new certificate instance
@@ -114,14 +114,14 @@ public interface CertificateDirectory {
      * @throws BadDataException if the certificate file does not contain valid OpenPGP data
      * @throws BadNameException if the special name is unknown
      */
-    Certificate insertCertificateBySpecialName(String specialName, InputStream data, CertificateMerger merge)
+    Certificate insertCertificateBySpecialName(String specialName, InputStream data, KeyMaterialMerger merge)
             throws IOException, InterruptedException, BadDataException, BadNameException;
 
     /**
      * Insert a certificate into the store.
      * The certificate will be stored under the given special name instead of its fingerprint.
      *
-     * If an instance of the certificate is already present under the special name in the store, the given {@link CertificateMerger} will be
+     * If an instance of the certificate is already present under the special name in the store, the given {@link KeyMaterialMerger} will be
      * used to merge both the existing and the new instance of the {@link Certificate}. The resulting merged certificate
      * will be stored in the store and returned.
      *
@@ -139,7 +139,7 @@ public interface CertificateDirectory {
      * @throws BadDataException if the data stream does not contain valid OpenPGP data
      * @throws BadNameException if the special name is not known
      */
-    Certificate tryInsertCertificateBySpecialName(String specialName, InputStream data, CertificateMerger merge)
+    Certificate tryInsertCertificateBySpecialName(String specialName, InputStream data, KeyMaterialMerger merge)
             throws IOException, BadDataException, BadNameException;
 
     /**
@@ -186,7 +186,7 @@ public interface CertificateDirectory {
 
     /**
      * Insert the given trust-root key into the store.
-     * If the key store already holds a trust-root key, the given {@link KeyMerger} callback will be used to merge
+     * If the key store already holds a trust-root key, the given {@link KeyMaterialMerger} callback will be used to merge
      * the two instances into one {@link Key}. The result will be stored in the store and returned.
      *
      * This method will not block. Instead, if the store is already write-locked, this method will simply return null
@@ -202,16 +202,16 @@ public interface CertificateDirectory {
      * @throws InterruptedException in case the inserting thread gets interrupted
      * @throws BadDataException if the data stream does not contain a valid OpenPGP key
      */
-    Key insertTrustRoot(InputStream data, KeyMerger keyMerger)
+    Key insertTrustRoot(InputStream data, KeyMaterialMerger keyMerger)
             throws IOException, InterruptedException, BadDataException;
 
     /**
      * Insert the given trust-root key into the store.
-     * If the key store already holds a trust-root key, the given {@link KeyMerger} callback will be used to merge
+     * If the key store already holds a trust-root key, the given {@link KeyMaterialMerger} callback will be used to merge
      * the two instances into one {@link Key}. The result will be stored in the store and returned.
      *
      * This method will block until a write-lock on the store can be acquired. If you cannot afford blocking,
-     * consider using {@link #tryInsertTrustRoot(InputStream, KeyMerger)} instead.
+     * consider using {@link #tryInsertTrustRoot(InputStream, KeyMaterialMerger)} instead.
      *
      * @param data input stream containing the new trust-root key
      * @param keyMerger callback for merging with an existing key instance
@@ -220,6 +220,6 @@ public interface CertificateDirectory {
      * @throws IOException in case of an IO error
      * @throws BadDataException if the data stream does not contain a valid OpenPGP key
      */
-    Key tryInsertTrustRoot(InputStream data, KeyMerger keyMerger)
+    Key tryInsertTrustRoot(InputStream data, KeyMaterialMerger keyMerger)
             throws IOException, BadDataException;
 }

pgp-certificate-store/src/main/java/pgp/certificate_store/CertificateMerger.java

@@ -1,27 +0,0 @@
-// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package pgp.certificate_store;
-
-import java.io.IOException;
-
-/**
- * Merge a given certificate (update) with an existing certificate.
- */
-public interface CertificateMerger {
-
-    /**
-     * Merge the given certificate data with the existing certificate and return the result.
-     *
-     * If no existing certificate is found (i.e. existing is null), this method returns the unmodified data.
-     *
-     * @param data certificate
-     * @param existing optional already existing copy of the certificate
-     * @return merged certificate
-     *
-     * @throws IOException in case of an IO error
-     */
-    Certificate merge(Certificate data, Certificate existing) throws IOException;
-
-}

pgp-certificate-store/src/main/java/pgp/certificate_store/Key.java

@@ -4,9 +4,6 @@
 
 package pgp.certificate_store;
 
-import java.io.IOException;
-import java.io.InputStream;
-
 /**
  * OpenPGP key (secret key).
  */
@@ -19,14 +16,9 @@ public abstract class Key implements KeyMaterial {
      */
     public abstract Certificate getCertificate();
 
-    /**
-     * Return an {@link InputStream} of the binary representation of the secret key.
-     *
-     * @return input stream
-     * @throws IOException in case of an IO error
-     */
-    public abstract InputStream getInputStream() throws IOException;
-
-    public abstract String getTag() throws IOException;
+    @Override
+    public Certificate asCertificate() {
+        return getCertificate();
+    }
 
 }

pgp-certificate-store/src/main/java/pgp/certificate_store/KeyMaterial.java

@@ -4,6 +4,10 @@
 
 package pgp.certificate_store;
 
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Set;
+
 public interface KeyMaterial {
 
     /**
@@ -14,4 +18,23 @@ public interface KeyMaterial {
      */
     String getFingerprint();
 
+    Certificate asCertificate();
+
+    /**
+     * Return an {@link InputStream} of the binary representation of the secret key.
+     *
+     * @return input stream
+     * @throws IOException in case of an IO error
+     */
+    InputStream getInputStream() throws IOException;
+
+    String getTag() throws IOException;
+
+    /**
+     * Return a {@link Set} containing key-ids of subkeys.
+     *
+     * @return subkeys
+     * @throws IOException in case of an IO error
+     */
+    Set<Long> getSubkeyIds() throws IOException;
 }

pgp-certificate-store/src/main/java/pgp/certificate_store/KeyMaterialMerger.java

@@ -0,0 +1,25 @@
+// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package pgp.certificate_store;
+
+import java.io.IOException;
+
+/**
+ * Merge a given {@link Key} (update) with an existing {@link Key}.
+ */
+public interface KeyMaterialMerger {
+
+    /**
+     * Merge the given key material with an existing copy and return the result.
+     * If no existing {@link KeyMaterial} is found (i.e. if existing is null), this method returns the unmodified data.
+     *
+     * @param data key material
+     * @param existing optional already existing copy of the key material
+     * @return merged key material
+     *
+     * @throws IOException in case of an IO error
+     */
+    KeyMaterial merge(KeyMaterial data, KeyMaterial existing) throws IOException;
+}

pgp-certificate-store/src/main/java/pgp/certificate_store/KeyMaterialReaderBackend.java

@@ -9,7 +9,7 @@ import pgp.certificate_store.exception.BadDataException;
 import java.io.IOException;
 import java.io.InputStream;
 
-public interface KeyReaderBackend {
+public interface KeyMaterialReaderBackend {
 
     /**
      * Read a {@link KeyMaterial} (either {@link Key} or {@link Certificate}) from the given {@link InputStream}.

pgp-certificate-store/src/main/java/pgp/certificate_store/KeyMerger.java

@@ -1,25 +0,0 @@
-// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package pgp.certificate_store;
-
-import java.io.IOException;
-
-/**
- * Merge a given {@link Key} (update) with an existing {@link Key}.
- */
-public interface KeyMerger {
-
-    /**
-     * Merge the given key data with the existing {@link Key} and return the result.
-     * If no existing {@link Key} is found (i.e. if existing is null), this method returns the unmodified data.
-     *
-     * @param data key
-     * @param existing optional already existing copy of the key
-     * @return merged key
-     *
-     * @throws IOException in case of an IO error
-     */
-    Key merge(Key data, Key existing) throws IOException;
-}