Improve CHANGELOG again

CHANGELOG.md

@@ -6,6 +6,25 @@ SPDX-License-Identifier: Apache-2.0
 
 # Changelog
 
+## 14.0.0-SNAPSHOT
+- Update implementation to [SOP Specification revision 14](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-14.html), 
+  including changes from revisions `11`, `12`, `13`, `14`.
+  - Implement newly introduced operations
+    - `update-key` 'fixes' everything wrong with a key
+    - `merge-certs` merges a certificate with other copies
+    - `certify-userid` create signatures over user-ids on certificates
+    - `validate-userid` validate signatures over user-ids
+  - Add new exceptions
+    - `UnspecificFailure` maps generic application errors
+    - `KeyCannotCertify` signals that a key cannot be used for third-party certifications
+    - `NoHardwareKeyFound` signals that a key backed by a hardware device cannot be found
+    - `HardwareKeyFailure` signals a hardware device failure
+    - `PrimaryKeyBad` signals an unusable or bad primary key
+    - `CertUserIdNoMatch` signals that a user-id cannot be found/validated on a certificate
+  - `Verification`: Add support for JSON description extensions
+- Remove `animalsniffer` from build dependencies
+- Bump `logback` to `1.5.13`
+
 ## 10.1.1
 - Prepare jar files for use in native images, e.g. using GraalVM by generating and including
   configuration files for reflection, resources and dynamic proxies.

build.gradle

@@ -18,7 +18,6 @@ buildscript {
 }
 
 plugins {
-    id 'ru.vyarus.animalsniffer' version '2.0.0'
     id 'org.jetbrains.kotlin.jvm' version "1.9.21"
     id 'com.diffplug.spotless' version '6.22.0' apply false
 }
@@ -35,18 +34,6 @@ allprojects {
     apply plugin: 'kotlin-kapt'
     apply plugin: 'com.diffplug.spotless'
 
-    // For non-cli modules enable android api compatibility check
-    if (it.name.equals('sop-java')) {
-        // animalsniffer
-        apply plugin: 'ru.vyarus.animalsniffer'
-        dependencies {
-            signature "net.sf.androidscents.signature:android-api-level-${minAndroidSdk}:2.3.3_r2@signature"
-        }
-        animalsniffer {
-            sourceSets = [sourceSets.main]
-        }
-    }
-
     // Only generate jar for submodules
     // https://stackoverflow.com/a/25445035
     jar {

external-sop/src/main/kotlin/sop/external/ExternalSOPV.kt

@@ -10,9 +10,11 @@ import sop.SOPV
 import sop.external.ExternalSOP.TempDirProvider
 import sop.external.operation.DetachedVerifyExternal
 import sop.external.operation.InlineVerifyExternal
+import sop.external.operation.ValidateUserIdExternal
 import sop.external.operation.VersionExternal
 import sop.operation.DetachedVerify
 import sop.operation.InlineVerify
+import sop.operation.ValidateUserId
 import sop.operation.Version
 
 /**
@@ -37,6 +39,8 @@ class ExternalSOPV(
     override fun inlineVerify(): InlineVerify =
         InlineVerifyExternal(binaryName, properties, tempDirProvider)
 
+    override fun validateUserId(): ValidateUserId = ValidateUserIdExternal(binaryName, properties)
+
     companion object {
 
         /**

sop-java-picocli/src/main/resources/msg_update-key.properties

@@ -4,7 +4,7 @@
 usage.header=Keep a secret key up-to-date
 no-armor=ASCII armor the output
 signing-only=TODO: Document
-no-new-mechanisms=Do not add feature support for new mechanisms, which the key did not previously support
+no-added-capabilities=Do not add feature support for new mechanisms, which the key did not previously support
 with-key-password.0=Passphrase to unlock the secret key(s).
 with-key-password.1=Is an INDIRECT data type (e.g. file, environment variable, file descriptor...).
 merge-certs.0=Merge additional elements found in the corresponding CERTS objects into the updated secret keys

sop-java-picocli/src/main/resources/msg_update-key_de.properties

@@ -4,7 +4,7 @@
 usage.header=Halte einen Schlüssel auf dem neusten Stand
 no-armor=Schütze Ausgabe mit ASCII Armor
 signing-only=TODO: Dokumentieren
-no-new-mechanisms=Füge keine neuen Funktionen hinzu, die der Schlüssel nicht bereits zuvor unterstützt hat
+no-added-capabilities=Füge keine neuen Funktionen hinzu, die der Schlüssel nicht bereits zuvor unterstützt hat
 with-key-password.0=Passwort zum Entsperren der privaten Schlüssel
 with-key-password.1=Ist INDIREKTER Datentyp (z.B.. Datei, Umgebungsvariable, Dateideskriptor...).
 merge-certs.0=Führe zusätzliche Elemente aus entsprechenden CERTS Objekten mit dem privaten Schlüssel zusammen

sop-java-picocli/src/main/resources/msg_version.properties

@@ -5,6 +5,7 @@ usage.header=Display version information about the tool
 extended=Print an extended version string
 backend=Print information about the cryptographic backend
 sop-spec=Print the latest revision of the SOP specification targeted by the implementation
+sopv=Print the SOPV API version
 
 standardOutput=version information
 

sop-java-picocli/src/main/resources/msg_version_de.properties

@@ -5,6 +5,7 @@ usage.header=Zeige Versionsinformationen
 extended=Gebe erweiterte Versionsinformationen aus
 backend=Gebe Informationen über das kryptografische Backend aus
 sop-spec=Gebe die neuste Revision der SOP Spezifikation aus, welche von dieser Implementierung umgesetzt wird
+sopv=Gebe die SOPV API Version aus
 
 standardOutput=Versionsinformationen
 

sop-java-testfixtures/src/main/java/sop/testsuite/operation/VersionTest.java

@@ -86,4 +86,10 @@ public class VersionTest extends AbstractSOPTest {
             throw new TestAbortedException("Implementation does not provide coverage for any sopv interface version.");
         }
     }
+
+    @ParameterizedTest
+    @MethodSource("provideInstances")
+    public void sopJavaVersionTest(SOP sop) {
+        assertNotNull(sop.version().getSopJavaVersion());
+    }
 }

sop-java/src/main/kotlin/sop/SOP.kt

@@ -68,7 +68,4 @@ interface SOP : SOPV {
 
     /** Certify OpenPGP Certificate User-IDs. */
     fun certifyUserId(): CertifyUserId?
-
-    /** Validate a UserID in an OpenPGP certificate. */
-    fun validateUserId(): ValidateUserId?
 }

sop-java/src/main/kotlin/sop/SOPV.kt

@@ -6,6 +6,7 @@ package sop
 
 import sop.operation.DetachedVerify
 import sop.operation.InlineVerify
+import sop.operation.ValidateUserId
 import sop.operation.Version
 
 /** Subset of [SOP] implementing only OpenPGP signature verification. */
@@ -31,4 +32,7 @@ interface SOPV {
      * a message, use [detachedVerify] instead.
      */
     fun inlineVerify(): InlineVerify?
+
+    /** Validate a UserID in an OpenPGP certificate. */
+    fun validateUserId(): ValidateUserId?
 }

sop-java/src/main/kotlin/sop/operation/Version.kt

@@ -115,12 +115,12 @@ interface Version {
     fun getSopJavaVersion(): String? {
         return try {
             val resourceIn: InputStream =
-                javaClass.getResourceAsStream("/sop-java-version.properties")
+                Version::class.java.getResourceAsStream("/sop-java-version.properties")
                     ?: throw IOException("File sop-java-version.properties not found.")
             val properties = Properties().apply { load(resourceIn) }
             properties.getProperty("sop-java-version")
         } catch (e: IOException) {
-            null
+            "DEVELOPMENT"
         }
     }
 }

sop-java/src/test/java/sop/VerificationJSONTest.java

@@ -81,12 +81,12 @@ public class VerificationJSONTest {
                 sb.append("\"signers\": [");
                 for (Iterator<String> iterator = json.getSigners().iterator(); iterator.hasNext(); ) {
                     String signer = iterator.next();
-                    sb.append("\"").append(signer).append("\"");
+                    sb.append('\"').append(signer).append('\"');
                     if (iterator.hasNext()) {
                         sb.append(", ");
                     }
                 }
-                sb.append("]");
+                sb.append(']');
             }
 
             if (json.getComment() != null) {
@@ -94,7 +94,7 @@ public class VerificationJSONTest {
                     sb.append(", ");
                 }
                 comma = true;
-                sb.append("\"comment\": \"").append(json.getComment()).append("\"");
+                sb.append("\"comment\": \"").append(json.getComment()).append('\"');
             }
 
             if (json.getExt() != null) {
@@ -104,7 +104,7 @@ public class VerificationJSONTest {
                 comma = true;
                 sb.append("\"ext\": ").append(json.getExt().toString());
             }
-            return sb.append("}").toString();
+            return sb.append('}').toString();
         }
     };
 

version.gradle

@@ -4,15 +4,13 @@
 
 allprojects {
     ext {
-        shortVersion = '11.0.0'
+        shortVersion = '14.0.0'
         isSnapshot = true
-        minAndroidSdk = 10
         javaSourceCompatibility = 11
         gsonVersion = '2.10.1'
         jsrVersion = '3.0.2'
         junitVersion = '5.8.2'
-        junitSysExitVersion = '1.1.2'
+        logbackVersion = '1.5.13'
-        logbackVersion = '1.2.13' // 1.4+ cause CLI spam
         mockitoVersion = '4.5.1'
         picocliVersion = '4.6.3'
         slf4jVersion = '1.7.36'