From 996984cbb5c98cdf3fc72caf1545ff59f55e6eb0 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Fri, 28 Feb 2025 13:08:15 +0100
Subject: [PATCH] Rework OnePassSignatureCheck

---
 .../consumer/OnePassSignatureCheck.kt         | 25 ++++++++++++-------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/signature/consumer/OnePassSignatureCheck.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/signature/consumer/OnePassSignatureCheck.kt
index 7536776e..97248420 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/signature/consumer/OnePassSignatureCheck.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/signature/consumer/OnePassSignatureCheck.kt
@@ -5,31 +5,38 @@
 package org.pgpainless.signature.consumer
 
 import org.bouncycastle.openpgp.PGPOnePassSignature
-import org.bouncycastle.openpgp.PGPPublicKeyRing
 import org.bouncycastle.openpgp.PGPSignature
 import org.bouncycastle.openpgp.api.OpenPGPCertificate
+import org.bouncycastle.openpgp.api.OpenPGPCertificate.OpenPGPComponentKey
+import org.pgpainless.bouncycastle.extensions.getSigningKeyFor
 import org.pgpainless.key.SubkeyIdentifier
 
 /**
- * Tuple-class that bundles together a [PGPOnePassSignature] object, a [PGPPublicKeyRing] destined
- * to verify the signature, the [PGPSignature] itself and a record of whether the signature was
- * verified.
+ * Tuple-class that bundles together a [PGPOnePassSignature] object, an [OpenPGPCertificate]
+ * destined to verify the signature.
  *
  * @param onePassSignature the one-pass-signature packet
  * @param verificationKeys certificate containing the signing subkey
- * @param signature the signature packet
  */
 data class OnePassSignatureCheck(
     val onePassSignature: PGPOnePassSignature,
-    val verificationKeys: OpenPGPCertificate,
-    var signature: PGPSignature? = null
+    val verificationKeys: OpenPGPCertificate
 ) {
 
+    var signature: PGPSignature? = null
+
+    constructor(
+        onePassSignature: PGPOnePassSignature,
+        verificationKey: OpenPGPComponentKey
+    ) : this(onePassSignature, verificationKey.certificate)
+
+    val signingKey: OpenPGPComponentKey? = verificationKeys.getSigningKeyFor(onePassSignature)
+
     /**
      * Return an identifier for the signing key.
      *
      * @return signing key fingerprint
      */
-    val signingKey: SubkeyIdentifier
-        get() = SubkeyIdentifier(verificationKeys.pgpPublicKeyRing, onePassSignature.keyID)
+    val signingKeyIdentifier: SubkeyIdentifier?
+        get() = signingKey?.let { SubkeyIdentifier(it) }
 }