6 files changed, 40 insertions, 23 deletions

diff --git a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java
index 09a0686ab..92aee7199 100644
--- a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java
+++ b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java
@@ -29,7 +29,8 @@ import org.eclipse.equinox.internal.p2.artifact.processors.pgp.PGPSignatureVerif
 import org.eclipse.equinox.internal.p2.engine.*;
 import org.eclipse.equinox.p2.core.*;
 import org.eclipse.equinox.p2.core.UIServices.TrustInfo;
-import org.eclipse.equinox.p2.engine.*;
+import org.eclipse.equinox.p2.engine.IProfile;
+import org.eclipse.equinox.p2.engine.ProfileScope;
 import org.eclipse.equinox.p2.repository.artifact.IArtifactDescriptor;
 import org.eclipse.osgi.service.security.TrustEngine;
 import org.eclipse.osgi.signedcontent.*;
@@ -49,6 +50,11 @@ public class CertificateChecker {
 
 	public static final String TRUSTED_KEY_STORE_PROPERTY = "pgp.trustedPublicKeys"; //$NON-NLS-1$
 
+	/***
+	 * Store the optional profile for PGP key handling
+	 */
+	private IProfile profile;
+
 	/**
 	 * Stores artifacts to check
 	 */
@@ -302,21 +308,21 @@ public class CertificateChecker {
 
 	}
 
+	public void setProfile(IProfile profile) {
+		this.profile = profile;
+	}
+
 	public void add(Map<IArtifactDescriptor, File> toAdd) {
 		artifacts.putAll(toAdd);
 	}
 
 	public PGPPublicKeyStore buildPGPTrustore() {
 		PGPPublicKeyStore trustStore = new PGPPublicKeyStore();
-		// load from profile properties
-		if (agent != null && agent.getService(IAgentLocation.SERVICE_NAME) != null) {
-			IProfile profile = agent.getService(IProfileRegistry.class).getProfile(IProfileRegistry.SELF);
-			if (profile != null) {
-				trustStore.addKeys(profile.getProperty(TRUSTED_KEY_STORE_PROPERTY));
-				ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class),
-						profile.getProfileId());
-				trustStore.addKeys(profileScope.getNode(EngineActivator.ID).get(TRUSTED_KEY_STORE_PROPERTY, null));
-			}
+		if (profile != null) {
+			trustStore.addKeys(profile.getProperty(TRUSTED_KEY_STORE_PROPERTY));
+			ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class),
+					profile.getProfileId());
+			trustStore.addKeys(profileScope.getNode(EngineActivator.ID).get(TRUSTED_KEY_STORE_PROPERTY, null));
 		}
 		// load from bundles providing capability
 		for (IConfigurationElement extension : RegistryFactory.getRegistry()
@@ -372,16 +378,18 @@ public class CertificateChecker {
 	}
 
 	public IStatus persistTrustedKeys(PGPPublicKeyStore trustStore) {
-		IProfile profile = agent.getService(IProfileRegistry.class).getProfile(IProfileRegistry.SELF);
-		ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class), profile.getProfileId());
-		IEclipsePreferences node = profileScope.getNode(EngineActivator.ID);
-		try {
-			node.put(TRUSTED_KEY_STORE_PROPERTY, trustStore.toArmoredString());
-			node.flush();
-			return Status.OK_STATUS;
-		} catch (IOException | BackingStoreException ex) {
-			return new Status(IStatus.ERROR, EngineActivator.ID, ex.getMessage(), ex);
+		if (profile != null) {
+			ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class),
+					profile.getProfileId());
+			IEclipsePreferences node = profileScope.getNode(EngineActivator.ID);
+			try {
+				node.put(TRUSTED_KEY_STORE_PROPERTY, trustStore.toArmoredString());
+				node.flush();
+			} catch (IOException | BackingStoreException ex) {
+				return new Status(IStatus.ERROR, EngineActivator.ID, ex.getMessage(), ex);
+			}
 		}
+		return Status.OK_STATUS;
 	}
 }
 
diff --git a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java
index e885ad1f6..5b81e7ba3 100644
--- a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java
+++ b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java
@@ -60,6 +60,7 @@ public class CheckTrust extends InstallableUnitPhase {
 		// Instantiate a check trust manager
 		CertificateChecker certificateChecker = new CertificateChecker(agent);
 		certificateChecker.add(artifactRequests);
+		certificateChecker.setProfile(profile);
 		return certificateChecker.start();
 	}
 
diff --git a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java
index c251e5cec..346d6eea2 100644
--- a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java
+++ b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java
@@ -28,6 +28,7 @@ import org.eclipse.equinox.internal.p2.metadata.ArtifactKey;
 import org.eclipse.equinox.p2.core.IAgentLocation;
 import org.eclipse.equinox.p2.core.ProvisionException;
 import org.eclipse.equinox.p2.core.UIServices;
+import org.eclipse.equinox.p2.engine.IProfile;
 import org.eclipse.equinox.p2.engine.IProfileRegistry;
 import org.eclipse.equinox.p2.metadata.Version;
 import org.eclipse.equinox.p2.repository.artifact.spi.ArtifactDescriptor;
@@ -276,7 +277,7 @@ public class CertificateCheckerTest extends AbstractProvisioningTest {
 					Files.createTempDirectory(
 							CertificateCheckerTest.class.getName() + "testPGPSignedArtifactTrustedKey-profile")
 							.toUri()));
-			testAgent.getService(IProfileRegistry.class).addProfile(IProfileRegistry.SELF,
+			IProfile profile = testAgent.getService(IProfileRegistry.class).addProfile(IProfileRegistry.SELF,
 					Map.of(CertificateChecker.TRUSTED_KEY_STORE_PROPERTY, PGP_SIGNER1_PUBLIC_KEY));
 			unsigned = TestData.getFile("pgp/repoPGPOK/plugins", "blah_1.0.0.123456.jar");
 			ArtifactDescriptor artifactDescriptor = new ArtifactDescriptor(
@@ -284,6 +285,8 @@ public class CertificateCheckerTest extends AbstractProvisioningTest {
 			artifactDescriptor.addProperties(
 					Map.of(PGPSignatureVerifier.PGP_SIGNATURES_PROPERTY_NAME, PGP_SIGNER1_SIGNATURE));
 			checker.add(Map.of(artifactDescriptor, unsigned));
+			checker.setProfile(profile);
+
 			System.getProperties().setProperty(EngineActivator.PROP_UNSIGNED_POLICY, EngineActivator.UNSIGNED_PROMPT);
 			IStatus result = checker.start();
 			assertTrue(result.isOK());
diff --git a/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF b/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF
index 988cfdd1b..35df9354d 100644
--- a/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF
+++ b/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF
@@ -2,7 +2,7 @@ Manifest-Version: 1.0
 Bundle-ManifestVersion: 2
 Bundle-Name: %bundleName
 Bundle-SymbolicName: org.eclipse.equinox.p2.ui.sdk;singleton:=true
-Bundle-Version: 1.2.3.qualifier
+Bundle-Version: 1.2.4.qualifier
 Bundle-Activator: org.eclipse.equinox.internal.p2.ui.sdk.ProvSDKUIActivator
 Bundle-Vendor: %providerName
 Bundle-Localization: plugin
diff --git a/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml b/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml
index 32f6d437e..79dad4d2b 100644
--- a/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml
+++ b/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml
@@ -9,6 +9,6 @@
 	</parent>
 	<groupId>org.eclipse.equinox</groupId>
 	<artifactId>org.eclipse.equinox.p2.ui.sdk</artifactId>
-	<version>1.2.3-SNAPSHOT</version>
+	<version>1.2.4-SNAPSHOT</version>
 	<packaging>eclipse-plugin</packaging>
 </project>
diff --git a/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java b/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java
index 417ba2d68..f875fd6dc 100644
--- a/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java
+++ b/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java
@@ -20,6 +20,8 @@ import org.eclipse.core.runtime.Status;
 import org.eclipse.equinox.internal.p2.artifact.processors.pgp.PGPPublicKeyStore;
 import org.eclipse.equinox.internal.p2.engine.phases.CertificateChecker;
 import org.eclipse.equinox.internal.p2.ui.ProvUIActivator;
+import org.eclipse.equinox.p2.core.IProvisioningAgent;
+import org.eclipse.equinox.p2.engine.IProfileRegistry;
 import org.eclipse.jface.dialogs.IDialogConstants;
 import org.eclipse.jface.preference.PreferencePage;
 import org.eclipse.jface.viewers.*;
@@ -81,7 +83,10 @@ public class TrustPreferencePage extends PreferencePage implements IWorkbenchPre
 		userColumn.getColumn().setWidth(400);
 		userColumn.getColumn().setText(ProvSDKMessages.TrustPreferencePage_userColumn);
 		viewer.getControl().setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true));
-		certificateChecker = new CertificateChecker(ProvSDKUIActivator.getDefault().getProvisioningAgent());
+		IProvisioningAgent provisioningAgent = ProvSDKUIActivator.getDefault().getProvisioningAgent();
+		certificateChecker = new CertificateChecker(provisioningAgent);
+		certificateChecker
+				.setProfile(provisioningAgent.getService(IProfileRegistry.class).getProfile(IProfileRegistry.SELF));
 		trustedKeys = certificateChecker.buildPGPTrustore();
 		viewer.setInput(trustedKeys.all());
 		Composite buttonComposite = createVerticalButtonBar(res);