From 6d25ddefabd3611362aa6453bd026876396e43de Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Thu, 20 Mar 2025 18:51:29 +0100
Subject: [PATCH] PGPSignatureExtensions: Port wasIssuedBy() to KeyIdentifier

---
 .../extensions/PGPSignatureExtensions.kt        | 17 ++++++-----------
 .../org/pgpainless/signature/SignatureUtils.kt  |  9 ---------
 2 files changed, 6 insertions(+), 20 deletions(-)

diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPSignatureExtensions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPSignatureExtensions.kt
index 1393883c..428a0ee9 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPSignatureExtensions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPSignatureExtensions.kt
@@ -6,6 +6,7 @@ package org.pgpainless.bouncycastle.extensions
 
 import java.util.*
 import openpgp.plusSeconds
+import org.bouncycastle.bcpg.KeyIdentifier
 import org.bouncycastle.openpgp.PGPPublicKey
 import org.bouncycastle.openpgp.PGPSignature
 import org.pgpainless.algorithm.HashAlgorithm
@@ -56,23 +57,17 @@ val PGPSignature.issuerKeyId: Long
 
 /** Return true, if the signature was likely issued by a key with the given fingerprint. */
 fun PGPSignature.wasIssuedBy(fingerprint: OpenPgpFingerprint): Boolean =
-    this.fingerprint?.let { it.keyId == fingerprint.keyId } ?: (keyID == fingerprint.keyId)
+    wasIssuedBy(fingerprint.keyIdentifier)
 
 /**
  * Return true, if the signature was likely issued by a key with the given fingerprint.
  *
- * @param fingerprint fingerprint bytes
+ * @param key key
  */
-@Deprecated("Discouraged in favor of method taking an OpenPgpFingerprint.")
-fun PGPSignature.wasIssuedBy(fingerprint: ByteArray): Boolean =
-    try {
-        wasIssuedBy(OpenPgpFingerprint.parseFromBinary(fingerprint))
-    } catch (e: IllegalArgumentException) {
-        // Unknown fingerprint length / format
-        false
-    }
+fun PGPSignature.wasIssuedBy(key: PGPPublicKey): Boolean = wasIssuedBy(key.keyIdentifier)
 
-fun PGPSignature.wasIssuedBy(key: PGPPublicKey): Boolean = wasIssuedBy(OpenPgpFingerprint.of(key))
+fun PGPSignature.wasIssuedBy(keyIdentifier: KeyIdentifier): Boolean =
+    KeyIdentifier.matches(this.keyIdentifiers, keyIdentifier, true)
 
 /** Return true, if this signature is a hard revocation. */
 val PGPSignature.isHardRevocation
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/signature/SignatureUtils.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/signature/SignatureUtils.kt
index e4136cc0..0ef6dc5a 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/signature/SignatureUtils.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/signature/SignatureUtils.kt
@@ -214,15 +214,6 @@ class SignatureUtils {
             return Hex.toHexString(signature.digestPrefix)
         }
 
-        @JvmStatic
-        @Deprecated(
-            "Deprecated in favor of PGPSignature extension method",
-            ReplaceWith(
-                "signature.wasIssuedBy(fingerprint)", "org.bouncycastle.extensions.wasIssuedBy"))
-        fun wasIssuedBy(fingerprint: ByteArray, signature: PGPSignature): Boolean {
-            return signature.wasIssuedBy(fingerprint)
-        }
-
         @JvmStatic
         @Deprecated(
             "Deprecated in favor of PGPSignature extension method",