Refactoring: Move signature verification stuff to consumer subpacket

pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java

@@ -56,8 +56,8 @@ import org.pgpainless.key.SubkeyIdentifier;
 import org.pgpainless.key.info.KeyRingInfo;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.key.protection.UnlockSecretKey;
-import org.pgpainless.signature.DetachedSignatureCheck;
+import org.pgpainless.signature.consumer.DetachedSignatureCheck;
-import org.pgpainless.signature.OnePassSignatureCheck;
+import org.pgpainless.signature.consumer.OnePassSignatureCheck;
 import org.pgpainless.signature.SignatureUtils;
 import org.pgpainless.util.CRCingArmoredInputStreamWrapper;
 import org.pgpainless.util.PGPUtilWrapper;

pgpainless-core/src/main/java/org/pgpainless/decryption_verification/SignatureInputStream.java

@@ -4,7 +4,7 @@
 
 package org.pgpainless.decryption_verification;
 
-import static org.pgpainless.signature.SignatureValidator.signatureWasCreatedInBounds;
+import static org.pgpainless.signature.consumer.SignatureValidator.signatureWasCreatedInBounds;
 
 import java.io.FilterInputStream;
 import java.io.IOException;
@@ -20,9 +20,9 @@ import org.bouncycastle.openpgp.PGPSignatureList;
 import org.pgpainless.PGPainless;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.policy.Policy;
-import org.pgpainless.signature.CertificateValidator;
+import org.pgpainless.signature.consumer.CertificateValidator;
-import org.pgpainless.signature.DetachedSignatureCheck;
+import org.pgpainless.signature.consumer.DetachedSignatureCheck;
-import org.pgpainless.signature.OnePassSignatureCheck;
+import org.pgpainless.signature.consumer.OnePassSignatureCheck;
 import org.pgpainless.signature.SignatureUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

pgpainless-core/src/main/java/org/pgpainless/key/KeyRingValidator.java

@@ -19,8 +19,8 @@ import org.pgpainless.algorithm.SignatureType;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.policy.Policy;
-import org.pgpainless.signature.SignatureCreationDateComparator;
+import org.pgpainless.signature.consumer.SignatureCreationDateComparator;
-import org.pgpainless.signature.SignatureVerifier;
+import org.pgpainless.signature.consumer.SignatureVerifier;
 import org.pgpainless.util.CollectionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java

@@ -39,7 +39,7 @@ import org.pgpainless.exception.KeyValidationError;
 import org.pgpainless.key.OpenPgpFingerprint;
 import org.pgpainless.key.SubkeyIdentifier;
 import org.pgpainless.policy.Policy;
-import org.pgpainless.signature.SignaturePicker;
+import org.pgpainless.signature.consumer.SignaturePicker;
 import org.pgpainless.signature.SignatureUtils;
 import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
 

pgpainless-core/src/main/java/org/pgpainless/signature/builder/SignatureFactory.java

@@ -16,9 +16,9 @@ import org.pgpainless.exception.WrongPassphraseException;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
 
-public final class SignatureBuilder {
+public final class SignatureFactory {
 
-    private SignatureBuilder() {
+    private SignatureFactory() {
 
     }
 

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/CertificateValidator.java

@@ -2,9 +2,9 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
-import static org.pgpainless.signature.SignatureVerifier.verifyOnePassSignature;
+import static org.pgpainless.signature.consumer.SignatureVerifier.verifyOnePassSignature;
 
 import java.io.InputStream;
 import java.util.ArrayList;
@@ -24,6 +24,7 @@ import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.algorithm.SignatureType;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.policy.Policy;
+import org.pgpainless.signature.SignatureUtils;
 import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/DetachedSignatureCheck.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import org.bouncycastle.openpgp.PGPKeyRing;
 import org.bouncycastle.openpgp.PGPSignature;

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/OnePassSignatureCheck.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import org.bouncycastle.openpgp.PGPOnePassSignature;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/ProofUtil.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import java.util.ArrayList;
 import java.util.Collections;

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureCreationDateComparator.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import java.util.Comparator;
 

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignaturePicker.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import java.util.Collections;
 import java.util.Date;
@@ -15,6 +15,7 @@ import org.bouncycastle.openpgp.PGPSignature;
 import org.pgpainless.algorithm.SignatureType;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.policy.Policy;
+import org.pgpainless.signature.SignatureUtils;
 import org.pgpainless.util.CollectionUtils;
 
 /**

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureValidator.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
@@ -30,6 +30,7 @@ import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.key.OpenPgpFingerprint;
 import org.pgpainless.policy.Policy;
+import org.pgpainless.signature.SignatureUtils;
 import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
 import org.pgpainless.util.BCUtil;
 import org.pgpainless.util.DateUtil;

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureValidityComparator.java

@@ -2,18 +2,19 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import java.util.Comparator;
 
 import org.bouncycastle.openpgp.PGPSignature;
+import org.pgpainless.signature.SignatureUtils;
 
 /**
  * Comparator which sorts signatures based on an ordering and on revocation hardness.
  *
  * If a list of signatures gets ordered using this comparator, hard revocations will always
  * come first.
- * Further, signatures are ordered by date according to the {@link org.pgpainless.signature.SignatureCreationDateComparator.Order}.
+ * Further, signatures are ordered by date according to the {@link SignatureCreationDateComparator.Order}.
  */
 public class SignatureValidityComparator implements Comparator<PGPSignature> {
 

pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureVerifier.java

@@ -2,7 +2,7 @@
 //
 // SPDX-License-Identifier: Apache-2.0
 
-package org.pgpainless.signature;
+package org.pgpainless.signature.consumer;
 
 import java.io.IOException;
 import java.io.InputStream;

pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/CertificationSubpackets.java

@@ -0,0 +1,18 @@
+// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package org.pgpainless.signature.subpackets;
+
+public interface CertificationSubpackets extends BaseSignatureSubpackets {
+
+    interface Callback {
+        default void modifyHashedSubpackets(CertificationSubpackets subpackets) {
+
+        }
+
+        default void modifyUnhashedSubpackets(CertificationSubpackets subpackets) {
+
+        }
+    }
+}

pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CleartextSignatureVerificationTest.java

@@ -34,9 +34,9 @@ import org.pgpainless.encryption_signing.SigningOptions;
 import org.pgpainless.exception.WrongConsumingMethodException;
 import org.pgpainless.key.TestKeys;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
-import org.pgpainless.signature.CertificateValidator;
+import org.pgpainless.signature.consumer.CertificateValidator;
 import org.pgpainless.signature.SignatureUtils;
-import org.pgpainless.signature.SignatureVerifier;
+import org.pgpainless.signature.consumer.SignatureVerifier;
 import org.pgpainless.util.ArmorUtils;
 import org.pgpainless.util.TestUtils;
 

pgpainless-core/src/test/java/org/pgpainless/signature/BindingSignatureSubpacketsTest.java

@@ -22,6 +22,7 @@ import org.pgpainless.PGPainless;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.policy.Policy;
+import org.pgpainless.signature.consumer.CertificateValidator;
 
 /**
  * Explores how subpackets on binding sigs are handled.

pgpainless-core/src/test/java/org/pgpainless/signature/CertificateValidatorTest.java

@@ -28,6 +28,7 @@ import org.pgpainless.decryption_verification.OpenPgpMetadata;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.policy.Policy;
+import org.pgpainless.signature.consumer.CertificateValidator;
 
 public class CertificateValidatorTest {
 

pgpainless-core/src/test/java/org/pgpainless/signature/KeyRevocationTest.java

@@ -19,6 +19,7 @@ import org.junit.jupiter.params.provider.MethodSource;
 import org.pgpainless.PGPainless;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.implementation.ImplementationFactory;
+import org.pgpainless.signature.consumer.CertificateValidator;
 
 public class KeyRevocationTest {
 

pgpainless-core/src/test/java/org/pgpainless/signature/SignatureOverUserAttributesTest.java

@@ -28,6 +28,7 @@ import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.key.TestKeys;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.key.protection.UnlockSecretKey;
+import org.pgpainless.signature.consumer.SignatureVerifier;
 
 public class SignatureOverUserAttributesTest {
 

pgpainless-core/src/test/java/org/pgpainless/signature/SignatureSubpacketsUtilTest.java

@@ -46,6 +46,7 @@ import org.pgpainless.key.TestKeys;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.key.protection.UnlockSecretKey;
 import org.pgpainless.policy.Policy;
+import org.pgpainless.signature.consumer.SignaturePicker;
 import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
 
 public class SignatureSubpacketsUtilTest {

pgpainless-core/src/test/java/org/pgpainless/signature/SignatureWasPossiblyMadeByKeyTest.java

@@ -17,6 +17,7 @@ import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.exception.SignatureValidationException;
 import org.pgpainless.key.OpenPgpV4Fingerprint;
+import org.pgpainless.signature.consumer.SignatureValidator;
 
 public class SignatureWasPossiblyMadeByKeyTest {
 

pgpainless-core/src/test/java/org/pgpainless/signature/builder/ProofUtilTest.java

@@ -20,7 +20,7 @@ import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.key.info.KeyRingInfo;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
-import org.pgpainless.signature.ProofUtil;
+import org.pgpainless.signature.consumer.ProofUtil;
 
 public class ProofUtilTest {
 

pgpainless-core/src/test/java/org/pgpainless/signature/builder/SubkeyBindingSignatureBuilderTest.java

@@ -45,7 +45,7 @@ public class SubkeyBindingSignatureBuilderTest {
                 .getEncryptionSubkeys(EncryptionPurpose.ANY).get(0);
         PGPSecretKey subkeySec = tempSubkeyRing.getSecretKey(subkeyPub.getKeyID());
 
-        PGPSignature binding = SignatureBuilder.bindNonSigningSubkey(
+        PGPSignature binding = SignatureFactory.bindNonSigningSubkey(
                 secretKey.getSecretKey(), protector,
                 new SelfSignatureSubpackets.Callback() {
                     @Override