Skip to content

refactor(api)!: wrap BouncyCastle PGP types behind SigningKey/VerificationKeyring (#500)#506

Merged
alexmond merged 1 commit into
mainfrom
feat/api-freeze-signature-wrappers
Jun 25, 2026
Merged

refactor(api)!: wrap BouncyCastle PGP types behind SigningKey/VerificationKeyring (#500)#506
alexmond merged 1 commit into
mainfrom
feat/api-freeze-signature-wrappers

Conversation

@alexmond

@alexmond alexmond commented Jun 25, 2026

Copy link
Copy Markdown
Owner

Second slice of #500 (0.4.0 API freeze). SignatureService exposed BouncyCastle types (PGPSecretKey, PGPPublicKeyRingCollection) and the checked PGPException on its public methods, and PackageAction.packageChart leaked PGPSecretKey too — pinning BouncyCastle as a transitive compile dependency of every consumer.

What changed

  • New opaque wrappers in core: SigningKey (holds a PGPSecretKey) and VerificationKeyring (holds a PGPPublicKeyRingCollection), with package-private accessors so only SignatureService unwraps the BC objects.
  • New unchecked SignatureException (extends JhelmException) wraps the checked IOException/PGPException from keyring loading and signing.
  • SignatureService: loadSecretKeyloadSigningKey, loadPublicKeyringloadVerificationKeyring, sign(…) takes SigningKey, verify(…) takes VerificationKeyring; none declare checked exceptions. verify still throws the unchecked SignatureVerificationException for signature/digest failures.
  • PackageAction/VerifyAction updated; no org.bouncycastle imports remain in the action package. Signing/verification logic is byte-for-byte unchanged.

⚠️ Breaking change

The signing/verification API now uses SigningKey/VerificationKeyring and throws SignatureException instead of exposing BouncyCastle types and checked exceptions. The CLI is unaffected (it uses the string-keyring-path overloads).

Verification

  • jhelm-core verify green — 499 tests, format/PMD/Checkstyle clean
  • Full reactor compiles; grep org.bouncycastle in the action package is empty

Part of #500.

🤖 Generated with Claude Code

@alexmond @claude
refactor(api)!: wrap BouncyCastle PGP types behind SigningKey/Verific…
a478acb 
…ationKeyring (#500)

Second slice of the 0.4.0 API freeze. SignatureService exposed BouncyCastle
types (PGPSecretKey, PGPPublicKeyRingCollection) and the checked PGPException on
its public methods, and PackageAction.packageChart leaked PGPSecretKey too —
permanently pinning BouncyCastle as a transitive compile dependency of every
consumer.

- New opaque jhelm-owned wrappers in core: SigningKey (holds a PGPSecretKey) and
  VerificationKeyring (holds a PGPPublicKeyRingCollection), both with
  package-private accessors so only SignatureService unwraps the BC objects.
- New unchecked SignatureException (extends JhelmException) wraps the checked
  IOException/PGPException from keyring loading and signing.
- SignatureService: loadSecretKey -> loadSigningKey, loadPublicKeyring ->
  loadVerificationKeyring, sign(...) takes SigningKey, verify(...) takes
  VerificationKeyring; none declare checked exceptions. verify still throws the
  unchecked SignatureVerificationException for signature/digest failures.
- PackageAction/VerifyAction updated; the org.bouncycastle imports are gone from
  the action package. Signing/verification logic is byte-for-byte unchanged.

BREAKING CHANGE: SignatureService's signing/verification API now uses SigningKey
/ VerificationKeyring and throws SignatureException instead of exposing
BouncyCastle types and checked exceptions.

Verified: jhelm-core verify green (499 tests, format/PMD/Checkstyle); full
reactor compiles; no org.bouncycastle imports remain in the action package.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01U5yvjG89AqMHPAGJawSmg9
@alexmond alexmond added this to the 0.4.0 milestone Jun 25, 2026
@github-actions

github-actions Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor
Overall Project 81.17% -0.27% 🍏
Files changed 82.64% 🍏

Module Coverage
jhelm-core 82.98% -0.41% 🍏
Files
Module File Coverage
jhelm-core SigningKey.java 100% 🍏
VerificationKeyring.java 100% 🍏
VerifyAction.java 100% 🍏
SignatureService.java 88.29% -8.32% 🍏
PackageAction.java 86.83% 🍏
SignatureException.java 44.44% -55.56%

@codecov

codecov Bot commented Jun 25, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 78.66667% with 16 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
.../alexmond/jhelm/core/service/SignatureService.java 75.43% 11 Missing and 3 partials ⚠️
...xmond/jhelm/core/exception/SignatureException.java 50.00% 2 Missing ⚠️

📢 Thoughts on this report? Let us know!

@alexmond alexmond merged commit caa320e into main Jun 25, 2026
2 checks passed
@alexmond alexmond deleted the feat/api-freeze-signature-wrappers branch June 25, 2026 20:40
@github-actions

github-actions Bot commented Jun 25, 2026

Copy link
Copy Markdown
Contributor
Overall Project 81.17% -0.27% 🍏
Files changed 82.64% 🍏

Module Coverage
jhelm-core 82.98% -0.41% 🍏
Files
Module File Coverage
jhelm-core SigningKey.java 100% 🍏
VerificationKeyring.java 100% 🍏
VerifyAction.java 100% 🍏
SignatureService.java 88.29% -8.32% 🍏
PackageAction.java 86.83% 🍏
SignatureException.java 44.44% -55.56%

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

0.4.0

Development

Successfully merging this pull request may close these issues.

1 participant

@alexmond