From 17931da46e5b4aebcc4bc2b6a7bdd8c2cc7d19f3 Mon Sep 17 00:00:00 2001
From: Tamas Cservenak <tamas@cservenak.net>
Date: Sat, 23 Mar 2024 20:40:33 +0100
Subject: [PATCH] [MGPG-115] Show more info about key used to sign

---

https://issues.apache.org/jira/browse/MGPG-115
---
 .../maven/plugins/gpg/AbstractGpgSigner.java       | 14 ++++++++++++++
 .../org/apache/maven/plugins/gpg/BcSigner.java     | 10 ++++++++++
 .../maven/plugins/gpg/GpgSignAttachedMojo.java     |  2 +-
 .../org/apache/maven/plugins/gpg/GpgSigner.java    |  7 ++++++-
 .../maven/plugins/gpg/SignAndDeployFileMojo.java   |  2 +-
 5 files changed, 32 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java b/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java
index daef26d..0c1a9a4 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java
@@ -124,10 +124,24 @@ public void setPublicKeyring(String path) {
 
     public abstract String signerName();
 
+    /**
+     * Must be invoked BEFORE signing!
+     *
+     * @since 3.2.0
+     */
     public void prepare() throws MojoFailureException {}
 
+    /**
+     * Should return some identification about the used key for logging purposes.
+     * Can be invoked only AFTER {@link #prepare()} was invoked.
+     *
+     * @since 3.2.2
+     */
+    public abstract String getKeyInfo();
+
     /**
      * Create a detached signature file for the provided file.
+     * Can be invoked only AFTER {@link #prepare()} was invoked.
      *
      * @param file The file to sign
      * @return A reference to the generated signature file
diff --git a/src/main/java/org/apache/maven/plugins/gpg/BcSigner.java b/src/main/java/org/apache/maven/plugins/gpg/BcSigner.java
index f53ad09..b31623c 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/BcSigner.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/BcSigner.java
@@ -33,6 +33,7 @@
 import java.time.LocalDateTime;
 import java.time.ZoneId;
 import java.util.Arrays;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Locale;
 import java.util.stream.Collectors;
@@ -361,6 +362,15 @@ public void prepare() throws MojoFailureException {
         }
     }
 
+    @Override
+    public String getKeyInfo() {
+        Iterator<String> userIds = secretKey.getPublicKey().getUserIDs();
+        if (userIds.hasNext()) {
+            return userIds.next();
+        }
+        return Hex.toHexString(secretKey.getPublicKey().getFingerprint());
+    }
+
     @Override
     protected void generateSignatureForFile(File file, File signature) throws MojoExecutionException {
         try (InputStream in = Files.newInputStream(file.toPath());
diff --git a/src/main/java/org/apache/maven/plugins/gpg/GpgSignAttachedMojo.java b/src/main/java/org/apache/maven/plugins/gpg/GpgSignAttachedMojo.java
index b72d387..9eb9a90 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/GpgSignAttachedMojo.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/GpgSignAttachedMojo.java
@@ -88,7 +88,7 @@ protected void doExecute() throws MojoExecutionException, MojoFailureException {
         signer.setBaseDirectory(project.getBasedir());
 
         getLog().info("Signer '" + signer.signerName() + "' is signing " + items.size() + " file"
-                + ((items.size() > 1) ? "s" : ""));
+                + ((items.size() > 1) ? "s" : "") + " with key " + signer.getKeyInfo());
 
         for (FilesCollector.Item item : items) {
             getLog().debug("Generating signature for " + item.getFile());
diff --git a/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java b/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java
index 02158ee..b4f9e08 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java
@@ -34,7 +34,7 @@
  */
 public class GpgSigner extends AbstractGpgSigner {
     public static final String NAME = "gpg";
-    private String executable;
+    private final String executable;
 
     public GpgSigner(String executable) {
         this.executable = executable;
@@ -45,6 +45,11 @@ public String signerName() {
         return NAME;
     }
 
+    @Override
+    public String getKeyInfo() {
+        return keyname != null ? keyname : "default";
+    }
+
     /**
      * {@inheritDoc}
      */
diff --git a/src/main/java/org/apache/maven/plugins/gpg/SignAndDeployFileMojo.java b/src/main/java/org/apache/maven/plugins/gpg/SignAndDeployFileMojo.java
index a276e13..12b191f 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/SignAndDeployFileMojo.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/SignAndDeployFileMojo.java
@@ -340,7 +340,7 @@ protected void doExecute() throws MojoExecutionException, MojoFailureException {
         signer.setBaseDirectory(new File("").getAbsoluteFile());
 
         getLog().info("Signer '" + signer.signerName() + "' is signing " + artifacts.size() + " file"
-                + ((artifacts.size() > 1) ? "s" : ""));
+                + ((artifacts.size() > 1) ? "s" : "") + " with key " + signer.getKeyInfo());
 
         ArrayList<Artifact> signatures = new ArrayList<>();
         for (Artifact a : artifacts) {