Port BcHashContextSigner and test

pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/BcHashContextSigner.kt

@@ -4,16 +4,15 @@
 
 package org.pgpainless.encryption_signing
 
-import java.security.MessageDigest
 import org.bouncycastle.openpgp.PGPException
-import org.bouncycastle.openpgp.PGPPrivateKey
-import org.bouncycastle.openpgp.PGPSecretKeyRing
-import org.bouncycastle.openpgp.PGPSignature
 import org.bouncycastle.openpgp.PGPSignatureGenerator
+import org.bouncycastle.openpgp.api.OpenPGPKey
+import org.bouncycastle.openpgp.api.OpenPGPSignature.OpenPGPDocumentSignature
 import org.pgpainless.PGPainless
 import org.pgpainless.algorithm.SignatureType
-import org.pgpainless.bouncycastle.extensions.unlock
 import org.pgpainless.key.protection.SecretKeyRingProtector
+import org.pgpainless.key.protection.UnlockSecretKey
+import java.security.MessageDigest
 
 class BcHashContextSigner {
 
@@ -22,15 +21,15 @@ class BcHashContextSigner {
         fun signHashContext(
             hashContext: MessageDigest,
             signatureType: SignatureType,
-            secretKey: PGPSecretKeyRing,
+            secretKey: OpenPGPKey,
             protector: SecretKeyRingProtector
-        ): PGPSignature {
+        ): OpenPGPDocumentSignature {
-            val info = PGPainless.inspectKeyRing(secretKey)
+            val info = PGPainless.getInstance().inspect(secretKey)
             return info.signingSubkeys
                 .mapNotNull { info.getSecretKey(it.keyIdentifier) }
                 .firstOrNull()
                 ?.let {
-                    signHashContext(hashContext, signatureType, it.pgpSecretKey.unlock(protector))
+                    signHashContext(hashContext, signatureType, UnlockSecretKey.unlockSecretKey(it, protector))
                 }
                 ?: throw PGPException("Key does not contain suitable signing subkey.")
         }
@@ -47,11 +46,14 @@ class BcHashContextSigner {
         internal fun signHashContext(
             hashContext: MessageDigest,
             signatureType: SignatureType,
-            privateKey: PGPPrivateKey
+            privateKey: OpenPGPKey.OpenPGPPrivateKey
-        ): PGPSignature {
+        ): OpenPGPDocumentSignature {
-            return PGPSignatureGenerator(BcPGPHashContextContentSignerBuilder(hashContext))
+            return PGPSignatureGenerator(
-                .apply { init(signatureType.code, privateKey) }
+                BcPGPHashContextContentSignerBuilder(hashContext),
+                privateKey.keyPair.publicKey)
+                .apply { init(signatureType.code, privateKey.keyPair.privateKey) }
                 .generate()
+                .let { OpenPGPDocumentSignature(it, privateKey.publicKey) }
         }
     }
 }

pgpainless-core/src/test/java/org/pgpainless/encryption_signing/BcHashContextSignerTest.java

@@ -16,9 +16,9 @@ import java.security.NoSuchAlgorithmException;
 
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.api.OpenPGPCertificate;
 import org.bouncycastle.openpgp.api.OpenPGPKey;
+import org.bouncycastle.openpgp.api.OpenPGPSignature;
 import org.bouncycastle.util.io.Streams;
 import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
@@ -66,13 +66,15 @@ public class BcHashContextSignerTest {
 
     @Test
     public void signContextWithRSAKeys() throws PGPException, NoSuchAlgorithmException, IOException {
-        OpenPGPKey secretKeys = PGPainless.generateKeyRing().simpleRsaKeyRing("Sigfried", RsaLength._3072);
+        OpenPGPKey secretKeys = PGPainless.getInstance().generateKey()
+                .simpleRsaKeyRing("Sigfried", RsaLength._3072);
         signWithKeys(secretKeys);
     }
 
     @Test
     public void signContextWithEcKeys() throws PGPException, NoSuchAlgorithmException, IOException {
-        OpenPGPKey secretKeys = PGPainless.generateKeyRing().simpleEcKeyRing("Sigfried");
+        OpenPGPKey secretKeys = PGPainless.getInstance().generateKey()
+                .simpleEcKeyRing("Sigfried");
         signWithKeys(secretKeys);
     }
 
@@ -91,8 +93,8 @@ public class BcHashContextSignerTest {
         byte[] messageBytes = message.getBytes(StandardCharsets.UTF_8);
         ByteArrayInputStream messageIn = new ByteArrayInputStream(messageBytes);
 
-        PGPSignature signature = signMessage(messageBytes, hashAlgorithm, secretKeys);
+        OpenPGPSignature.OpenPGPDocumentSignature signature = signMessage(messageBytes, hashAlgorithm, secretKeys);
-        assertEquals(hashAlgorithm.getAlgorithmId(), signature.getHashAlgorithm());
+        assertEquals(hashAlgorithm.getAlgorithmId(), signature.getSignature().getHashAlgorithm());
 
         DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
                 .onInputStream(messageIn)
@@ -108,13 +110,13 @@ public class BcHashContextSignerTest {
         assertTrue(metadata.isVerifiedSigned());
     }
 
-    private PGPSignature signMessage(byte[] message, HashAlgorithm hashAlgorithm, OpenPGPKey secretKeys)
+    private OpenPGPSignature.OpenPGPDocumentSignature signMessage(byte[] message, HashAlgorithm hashAlgorithm, OpenPGPKey secretKeys)
             throws NoSuchAlgorithmException {
         // Prepare the hash context
         // This would be done by the caller application
         MessageDigest messageDigest = MessageDigest.getInstance(hashAlgorithm.getAlgorithmName(), new BouncyCastleProvider());
         messageDigest.update(message);
 
-        return BcHashContextSigner.signHashContext(messageDigest, SignatureType.BINARY_DOCUMENT, secretKeys.getPGPSecretKeyRing(), SecretKeyRingProtector.unprotectedKeys());
+        return BcHashContextSigner.signHashContext(messageDigest, SignatureType.BINARY_DOCUMENT, secretKeys, SecretKeyRingProtector.unprotectedKeys());
     }
 }