Fix documentation of merge-certs command

Replaced with custom test DSL that avoids System.exit

.woodpecker/build.yml

@@ -16,6 +16,4 @@ steps:
       - gradle check javadocAll
       # Code has coverage
       - gradle jacocoRootReport coveralls
-    environment:
+    secrets: [coveralls_repo_token]
-      coveralls_repo_token:
-        from_secret: coveralls_repo_token

CHANGELOG.md

@@ -6,37 +6,10 @@ SPDX-License-Identifier: Apache-2.0
 
 # Changelog
 
-## 10.1.1-SNAPSHOT
+## 10.0.1-SNAPSHOT
-- Prepare jar files for use in native images, e.g. using GraalVM by generating and including
-  configuration files for reflection, resources and dynamic proxies.
-
-## 10.1.0
-- `sop-java`:
-  - Remove `label()` option from `armor()` subcommand
-  - Move test-fixtures artifact built with the `testFixtures` plugin into
-    its own module `sop-java-testfixtures`, which can be consumed by maven builds.
-- `sop-java-picocli`:
-  - Properly map `MissingParameterException` to `MissingArg` exit code
-  - As a workaround for native builds using graalvm:
-    - Do not re-set message bundles dynamically (fails in native builds)
-    - Prevent an unmatched argument error
-
-## 10.0.3
-- CLI `change-key-password`: Fix indirect parameter passing for new and old passwords (thanks to @dkg for the report)
-- Backport: `revoke-key`: Allow for multiple password options
-
-## 10.0.2
-- Downgrade `logback-core` to `1.2.13`
-
-## 10.0.1
 - Remove `label()` option from `Armor` operation
 - Fix exit code for 'Missing required option/parameter' error
 - Fix `revoke-key`: Allow for multiple invocations of `--with-key-password` option
-- Fix `EncryptExternal` use of `--sign-with` parameter
-- Fix `NullPointerException` in `DecryptExternal` when reading lines
-- Fix `DecryptExternal` use of `verifications-out`
-- Test suite: Ignore tests if `UnsupportedOption` is thrown
-- Bump `logback-core` to `1.4.14`
 
 ## 10.0.0
 - Update implementation to [SOP Specification revision 10](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-10.html).
@@ -44,10 +17,6 @@ SPDX-License-Identifier: Apache-2.0
   - Introduce `sopv` interface subset with revision `1.0`
   - Add `sop version --sopv`
 
-## 8.0.2
-- CLI `change-key-password`: Fix indirect parameter passing for new and old passwords (thanks to @dkg for the report)
-- Backport: `revoke-key`: Allow for multiple password options
-
 ## 8.0.1
 - `decrypt`: Do not throw `NoSignature` exception (exit code 3) if `--verify-with` is provided, but `VERIFICATIONS` is empty.
 
@@ -66,13 +35,6 @@ SPDX-License-Identifier: Apache-2.0
   - Change `EncryptAs` values into lowercase
   - Change `SignAs` values into lowercase
 
-## 7.0.2
-- CLI `change-key-password`: Fix indirect parameter passing for new and old passwords (thanks to @dkg for the report)
-- Backport: revoke-key command: Allow for multiple '--with-key-password' options
-
-## 7.0.1
-- `decrypt`: Do not throw `NoSignature` exception (exit code 3) if `--verify-with` is provided, but `VERIFICATIONS` is empty.
-
 ## 7.0.0
 - Update implementation to [SOP Specification revision 07](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-07.html).
   - Add support for new `revoke-key` subcommand

README.md

@@ -27,8 +27,6 @@ The repository contains the following modules:
 compatible with the SOP-CLI specification.
 * [external-sop](/external-sop) contains an API implementation that can be used to forward API calls to a SOP executable,
 allowing to delegate the implementation logic to an arbitrary SOP CLI implementation.
-* [sop-java-testfixtures](/sop-java-testfixtures) contains a test suite that can be shared by downstream implementations
-  of `sop-java`.
 
 ## Known Implementations
 (Please expand!)
@@ -37,11 +35,9 @@ allowing to delegate the implementation logic to an arbitrary SOP CLI implementa
 |-------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------|
 | [pgpainless-sop](https://github.com/pgpainless/pgpainless/tree/main/pgpainless-sop) | Implementation of `sop-java` using PGPainless                                            |
 | [external-sop](https://github.com/pgpainless/sop-java/tree/main/external-sop)       | Implementation of `sop-java` that allows binding to external SOP binaries such as `sqop` |
-| [bcsop](https://codeberg.org/PGPainless/bc-sop)                                     | Implementation of `sop-java` using vanilla Bouncy Castle                                 |
 
 ### Implementations in other languages
-| Project                                           | Language |
+| Project                                         | Language |
-|---------------------------------------------------|----------|
+|-------------------------------------------------|----------|
-| [sop-rs](https://sequoia-pgp.gitlab.io/sop-rs/)   | Rust     |
+| [sop-rs](https://sequoia-pgp.gitlab.io/sop-rs/) | Rust     |
-| [SOP for python](https://pypi.org/project/sop/)   | Python   |
+| [SOP for python](https://pypi.org/project/sop/) | Python   |
-| [rpgpie-sop](https://crates.io/crates/rpgpie-sop) | Rust     |

build.gradle

@@ -19,7 +19,7 @@ buildscript {
 
 plugins {
     id 'ru.vyarus.animalsniffer' version '1.5.3'
-    id 'org.jetbrains.kotlin.jvm' version "1.9.21"
+    id 'org.jetbrains.kotlin.jvm' version "1.8.10"
     id 'com.diffplug.spotless' version '6.22.0' apply false
 }
 
@@ -32,7 +32,6 @@ allprojects {
     apply plugin: 'jacoco'
     apply plugin: 'checkstyle'
     apply plugin: 'kotlin'
-    apply plugin: 'kotlin-kapt'
     apply plugin: 'com.diffplug.spotless'
 
     // For non-cli modules enable android api compatibility check

external-sop/build.gradle

@@ -27,7 +27,7 @@ dependencies {
     // The ExternalTestSubjectFactory reads json config file to find configured SOP binaries...
     testImplementation "com.google.code.gson:gson:$gsonVersion"
     // ...and extends TestSubjectFactory
-    testImplementation(project(":sop-java-testfixtures"))
+    testImplementation(testFixtures(project(":sop-java")))
 }
 
 test {

external-sop/src/main/kotlin/sop/external/operation/DecryptExternal.kt

@@ -78,7 +78,7 @@ class DecryptExternal(
         val verifyOut = File(tempDir, "verifications-out")
         verifyOut.delete()
         if (requireVerification) {
-            commandList.add("--verifications-out=${verifyOut.absolutePath}")
+            commandList.add("--verify-out=${verifyOut.absolutePath}")
         }
 
         try {

external-sop/src/main/kotlin/sop/external/operation/EncryptExternal.kt

@@ -37,7 +37,7 @@ class EncryptExternal(
 
     override fun signWith(key: InputStream): Encrypt = apply {
         commandList.add("--sign-with=@ENV:SIGN_WITH_$argCounter")
-        envList.add("SIGN_WITH_$argCounter=${readString(key)}")
+        envList.add("SIGN_WITH_$argCounter=${ExternalSOP.readString(key)}")
         argCounter += 1
     }
 

settings.gradle

@@ -6,6 +6,5 @@ rootProject.name = 'SOP-Java'
 
 include 'sop-java',
         'sop-java-picocli',
-        'sop-java-testfixtures',
         'external-sop'
 

sop-java-picocli/build.gradle

@@ -17,11 +17,11 @@ dependencies {
 
     // SOP
     implementation(project(":sop-java"))
-    testImplementation(project(":sop-java-testfixtures"))
+    testImplementation(testFixtures(project(":sop-java")))
 
     // CLI
     implementation "info.picocli:picocli:$picocliVersion"
-    kapt "info.picocli:picocli-codegen:$picocliVersion"
+    annotationProcessor "info.picocli:picocli-codegen:$picocliVersion"
 
     // @Nonnull, @Nullable...
     implementation "com.google.code.findbugs:jsr305:$jsrVersion"
@@ -33,10 +33,6 @@ application {
     mainClass = mainClassName
 }
 
-compileJava {
-    options.compilerArgs += ["-Aproject=${project.group}/${project.name}"]
-}
-
 jar {
     dependsOn(":sop-java:jar")
     duplicatesStrategy(DuplicatesStrategy.EXCLUDE)

sop-java-picocli/src/main/kotlin/sop/cli/picocli/SopCLI.kt

@@ -64,7 +64,7 @@ class SopCLI {
         @JvmField var EXECUTABLE_NAME = "sop"
 
         @JvmField
-        @Option(names = ["--stacktrace"], scope = ScopeType.INHERIT)
+        @Option(names = ["--stacktrace"], scope = CommandLine.ScopeType.INHERIT)
         var stacktrace = false
 
         @JvmStatic
@@ -78,25 +78,33 @@ class SopCLI {
         @JvmStatic
         fun execute(vararg args: String): Int {
             // Set locale
-            CommandLine(InitLocale()).setUnmatchedArgumentsAllowed(true).parseArgs(*args)
+            CommandLine(InitLocale()).parseArgs(*args)
 
             // Re-set bundle with updated locale
             cliMsg = ResourceBundle.getBundle("msg_sop")
 
-            return CommandLine(SopCLI::class.java)
+            val cmd =
-                .apply {
+                CommandLine(SopCLI::class.java).apply {
+                    // explicitly set help command resource bundle
+                    subcommands["help"]?.setResourceBundle(ResourceBundle.getBundle("msg_help"))
                     // Hide generate-completion command
                     subcommands["generate-completion"]?.commandSpec?.usageMessage()?.hidden(true)
-                    // render Input/Output sections in help command
-                    subcommands.values.filter { (it.getCommand() as Any) is AbstractSopCmd } // Only for AbstractSopCmd objects
-                        .forEach { (it.getCommand() as AbstractSopCmd).installIORenderer(it) }
                     // overwrite executable name
                     commandName = EXECUTABLE_NAME
                     // setup exception handling
                     executionExceptionHandler = SOPExecutionExceptionHandler()
                     exitCodeExceptionMapper = SOPExceptionExitCodeMapper()
                     isCaseInsensitiveEnumValuesAllowed = true
-                }.execute(*args)
+                }
+
+            // render Input/Output sections in help command
+            cmd.subcommands.values
+                .filter {
+                    (it.getCommand() as Any) is AbstractSopCmd
+                } // Only for AbstractSopCmd objects
+                .forEach { (it.getCommand() as AbstractSopCmd).installIORenderer(it) }
+
+            return cmd.execute(*args)
         }
     }
 

sop-java-picocli/src/main/kotlin/sop/cli/picocli/commands/ChangeKeyPasswordCmd.kt

@@ -33,15 +33,9 @@ class ChangeKeyPasswordCmd : AbstractSopCmd() {
             changeKeyPassword.noArmor()
         }
 
-        oldKeyPasswords.forEach {
+        oldKeyPasswords.forEach { changeKeyPassword.oldKeyPassphrase(it) }
-            val password = stringFromInputStream(getInput(it))
-            changeKeyPassword.oldKeyPassphrase(password)
-        }
 
-        newKeyPassword?.let {
+        newKeyPassword?.let { changeKeyPassword.newKeyPassphrase(it) }
-            val password = stringFromInputStream(getInput(it))
-            changeKeyPassword.newKeyPassphrase(password)
-        }
 
         try {
             changeKeyPassword.keys(System.`in`).writeTo(System.out)

sop-java-picocli/src/main/kotlin/sop/cli/picocli/commands/DecryptCmd.kt

@@ -29,7 +29,7 @@ class DecryptCmd : AbstractSopCmd() {
     @Option(names = [OPT_WITH_PASSWORD], paramLabel = "PASSWORD")
     var withPassword: List<String> = listOf()
 
-    @Option(names = [OPT_VERIFICATIONS_OUT, "--verify-out"], paramLabel = "VERIFICATIONS")
+    @Option(names = [OPT_VERIFICATIONS_OUT], paramLabel = "VERIFICATIONS")
     var verifyOut: String? = null
 
     @Option(names = [OPT_VERIFY_WITH], paramLabel = "CERT") var certs: List<String> = listOf()

sop-java-testfixtures/build.gradle

@@ -1,24 +0,0 @@
-// SPDX-FileCopyrightText: 2024 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-plugins {
-    id 'java-library'
-}
-
-group 'org.pgpainless'
-
-repositories {
-    mavenCentral()
-}
-
-dependencies {
-    implementation(project(":sop-java"))
-    implementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
-    implementation "org.junit.jupiter:junit-jupiter-params:$junitVersion"
-    runtimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
-
-    // @Nullable, @Nonnull annotations
-    implementation "com.google.code.findbugs:jsr305:3.0.2"
-
-}

sop-java-testfixtures/src/main/kotlin/sop/testsuite/AbortOnUnsupportedOption.kt

@@ -1,12 +0,0 @@
-// SPDX-FileCopyrightText: 2024 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop.testsuite
-
-import java.lang.annotation.Inherited
-
-@Target(AnnotationTarget.TYPE)
-@Retention(AnnotationRetention.RUNTIME)
-@Inherited
-annotation class AbortOnUnsupportedOption

sop-java-testfixtures/src/main/kotlin/sop/testsuite/AbortOnUnsupportedOptionExtension.kt

@@ -1,21 +0,0 @@
-// SPDX-FileCopyrightText: 2024 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop.testsuite
-
-import org.junit.jupiter.api.Assumptions
-import org.junit.jupiter.api.extension.ExtensionContext
-import org.junit.jupiter.api.extension.TestExecutionExceptionHandler
-import sop.exception.SOPGPException
-
-class AbortOnUnsupportedOptionExtension : TestExecutionExceptionHandler {
-    override fun handleTestExecutionException(context: ExtensionContext, throwable: Throwable) {
-        val testClass = context.requiredTestClass
-        val annotation = testClass.getAnnotation(AbortOnUnsupportedOption::class.java)
-        if (annotation != null && SOPGPException.UnsupportedOption::class.isInstance(throwable)) {
-            Assumptions.assumeTrue(false, "Test aborted due to: " + throwable.message)
-        }
-        throw throwable
-    }
-}

sop-java/build.gradle

@@ -1,12 +1,10 @@
-import org.apache.tools.ant.filters.ReplaceTokens
-
 // SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
 //
 // SPDX-License-Identifier: Apache-2.0
 
-import org.apache.tools.ant.filters.*
 plugins {
     id 'java-library'
+    id 'java-test-fixtures'
 }
 
 group 'org.pgpainless'
@@ -19,19 +17,14 @@ dependencies {
     testImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
     testImplementation "org.junit.jupiter:junit-jupiter-params:$junitVersion"
     testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
-    testImplementation(project(":sop-java-testfixtures"))
+    testFixturesImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
+    testFixturesImplementation "org.junit.jupiter:junit-jupiter-params:$junitVersion"
 
     // @Nullable, @Nonnull annotations
     implementation "com.google.code.findbugs:jsr305:3.0.2"
 
 }
 
-processResources {
-    filter ReplaceTokens, tokens: [
-            "project.version": project.version.toString()
-    ]
-}
-
 test {
     useJUnitPlatform()
 }

sop-java/src/main/kotlin/sop/SigningResult.kt

@@ -9,9 +9,8 @@ package sop
  *
  * @param micAlg string identifying the digest mechanism used to create the signed message. This is
  *   useful for setting the `micalg=` parameter for the multipart/signed content-type of a PGP/MIME
- *   object as described in section 5 of [RFC3156](https://www.rfc-editor.org/rfc/rfc3156#section-5).
+ *   object as described in section 5 of [RFC3156]. If more than one signature was generated and
- *   If more than one signature was generated and different digest mechanisms were used, the value
+ *   different digest mechanisms were used, the value of the micalg object is an empty string.
- *   of the micalg object is an empty string.
  */
 data class SigningResult(val micAlg: MicAlg) {
 

sop-java/src/main/kotlin/sop/operation/GenerateKey.kt

@@ -78,7 +78,7 @@ interface GenerateKey {
     fun signingOnly(): GenerateKey
 
     /**
-     * Generate the OpenPGP key and return it encoded as an [java.io.InputStream].
+     * Generate the OpenPGP key and return it encoded as an [InputStream].
      *
      * @return key
      * @throws MissingArg if no user-id was provided

sop-java/src/main/kotlin/sop/operation/Version.kt

@@ -4,9 +4,6 @@
 
 package sop.operation
 
-import java.io.IOException
-import java.io.InputStream
-import java.util.*
 import kotlin.jvm.Throws
 import sop.exception.SOPGPException
 
@@ -110,17 +107,4 @@ interface Version {
      * this method throws an [SOPGPException.UnsupportedOption] instead.
      */
     @Throws(SOPGPException.UnsupportedOption::class) fun getSopVVersion(): String
-
-    /** Return the current version of the SOP-Java library. */
-    fun getSopJavaVersion(): String? {
-        return try {
-            val resourceIn: InputStream =
-                javaClass.getResourceAsStream("/sop-java-version.properties")
-                    ?: throw IOException("File sop-java-version.properties not found.")
-            val properties = Properties().apply { load(resourceIn) }
-            properties.getProperty("sop-java-version")
-        } catch (e: IOException) {
-            null
-        }
-    }
 }

sop-java/src/main/kotlin/sop/util/ProxyOutputStream.kt

@@ -16,7 +16,6 @@ import java.io.OutputStream
  * target output stream is not yet known.
  */
 @Deprecated("Marked for removal.")
-// TODO: Remove in 11.X
 class ProxyOutputStream : OutputStream() {
     private val buffer = ByteArrayOutputStream()
     private var swapped: OutputStream? = null

sop-java/src/main/resources/sop-java-version.properties

@@ -1,4 +0,0 @@
-# SPDX-FileCopyrightText: 2025 Paul Schaub <info@pgpainless.org>
-#
-# SPDX-License-Identifier: Apache-2.0
-sop-java-version=@project.version@

sop-java/src/testFixtures/java/sop/testsuite/operation/AbstractSOPTest.java

@@ -5,11 +5,8 @@
 package sop.testsuite.operation;
 
 import org.junit.jupiter.api.Named;
-import org.junit.jupiter.api.extension.ExtendWith;
 import org.junit.jupiter.params.provider.Arguments;
 import sop.SOP;
-import sop.testsuite.AbortOnUnsupportedOption;
-import sop.testsuite.AbortOnUnsupportedOptionExtension;
 import sop.testsuite.SOPInstanceFactory;
 
 import java.lang.reflect.InvocationTargetException;
@@ -18,8 +15,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.stream.Stream;
 
-@ExtendWith(AbortOnUnsupportedOptionExtension.class)
-@AbortOnUnsupportedOption
 public abstract class AbstractSOPTest {
 
     private static final List<Arguments> backends = new ArrayList<>();

version.gradle

@@ -12,7 +12,7 @@ allprojects {
         jsrVersion = '3.0.2'
         junitVersion = '5.8.2'
         junitSysExitVersion = '1.1.2'
-        logbackVersion = '1.2.13' // 1.4+ cause CLI spam
+        logbackVersion = '1.2.13'
         mockitoVersion = '4.5.1'
         picocliVersion = '4.6.3'
         slf4jVersion = '1.7.36'