diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ca12a2..94f2f1e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,13 @@ SPDX-License-Identifier: Apache-2.0 # Changelog +## 7.0.2-SNAPSHOT +- CLI `change-key-password`: Fix indirect parameter passing for new and old passwords (thanks to @dkg for the report) +- Backport: revoke-key command: Allow for multiple '--with-key-password' options + +## 7.0.1 +- `decrypt`: Do not throw `NoSignature` exception (exit code 3) if `--verify-with` is provided, but `VERIFICATIONS` is empty. + ## 7.0.0 - Update implementation to [SOP Specification revision 07](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-07.html). - Add support for new `revoke-key` subcommand diff --git a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java index 5a6aa2a..0e12ef8 100644 --- a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java +++ b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java @@ -39,15 +39,17 @@ public class ChangeKeyPasswordCmd extends AbstractSopCmd { changeKeyPassword.noArmor(); } - for (String oldKeyPassword : oldKeyPasswords) { - changeKeyPassword.oldKeyPassphrase(oldKeyPassword); - } - - if (newKeyPassword != null) { - changeKeyPassword.newKeyPassphrase(newKeyPassword); - } - try { + for (String oldKeyPassword : oldKeyPasswords) { + String password = stringFromInputStream(getInput(oldKeyPassword)); + changeKeyPassword.oldKeyPassphrase(password); + } + + if (newKeyPassword != null) { + String password = stringFromInputStream(getInput(newKeyPassword)); + changeKeyPassword.newKeyPassphrase(password); + } + changeKeyPassword.keys(System.in).writeTo(System.out); } catch (IOException e) { throw new RuntimeException(e); diff --git a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/DecryptCmd.java b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/DecryptCmd.java index a681b4d..a870931 100644 --- a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/DecryptCmd.java +++ b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/DecryptCmd.java @@ -115,11 +115,6 @@ public class DecryptCmd extends AbstractSopCmd { private void writeVerifyOut(DecryptionResult result) throws IOException { if (verifyOut != null) { - if (result.getVerifications().isEmpty()) { - String errorMsg = getMsg("sop.error.runtime.no_verifiable_signature_found"); - throw new SOPGPException.NoSignature(errorMsg); - } - try (OutputStream fileOut = getOutput(verifyOut)) { PrintWriter writer = new PrintWriter(fileOut); for (Verification verification : result.getVerifications()) { diff --git a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/RevokeKeyCmd.java b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/RevokeKeyCmd.java index 45f22fa..3c2e45b 100644 --- a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/RevokeKeyCmd.java +++ b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/RevokeKeyCmd.java @@ -11,6 +11,8 @@ import sop.exception.SOPGPException; import sop.operation.RevokeKey; import java.io.IOException; +import java.util.ArrayList; +import java.util.List; @CommandLine.Command(name = "revoke-key", resourceBundle = "msg_revoke-key", @@ -23,7 +25,7 @@ public class RevokeKeyCmd extends AbstractSopCmd { @CommandLine.Option(names = "--with-key-password", paramLabel = "PASSWORD") - String withKeyPassword; + List withKeyPassword = new ArrayList<>(); @Override public void run() { @@ -36,8 +38,10 @@ public class RevokeKeyCmd extends AbstractSopCmd { if (withKeyPassword != null) { try { - String password = stringFromInputStream(getInput(withKeyPassword)); - revokeKey.withKeyPassword(password); + for (String passwordFile : withKeyPassword) { + String password = stringFromInputStream(getInput(passwordFile)); + revokeKey.withKeyPassword(password); + } } catch (SOPGPException.UnsupportedOption e) { String errorMsg = getMsg("sop.error.feature_support.option_not_supported", "--with-key-password"); throw new SOPGPException.UnsupportedOption(errorMsg, e); diff --git a/sop-java-picocli/src/test/java/sop/cli/picocli/commands/DecryptCmdTest.java b/sop-java-picocli/src/test/java/sop/cli/picocli/commands/DecryptCmdTest.java index e3dd198..edfd052 100644 --- a/sop-java-picocli/src/test/java/sop/cli/picocli/commands/DecryptCmdTest.java +++ b/sop-java-picocli/src/test/java/sop/cli/picocli/commands/DecryptCmdTest.java @@ -21,6 +21,7 @@ import sop.operation.Decrypt; import sop.util.HexUtil; import sop.util.UTCUtil; +import javax.annotation.Nonnull; import java.io.BufferedReader; import java.io.ByteArrayOutputStream; import java.io.File; @@ -247,15 +248,17 @@ public class DecryptCmdTest { } @Test - @ExpectSystemExitWithStatus(SOPGPException.NoSignature.EXIT_CODE) - public void assertNoSignatureExceptionCausesExit3() throws SOPGPException.CannotDecrypt, SOPGPException.MissingArg, SOPGPException.BadData, IOException { + public void assertNoVerificationsIsOkay() throws SOPGPException.CannotDecrypt, SOPGPException.MissingArg, SOPGPException.BadData, IOException { + File tempFile = File.createTempFile("verify-with-", ".tmp"); + File verifyOut = new File(tempFile.getParent(), "verifications.out"); + verifyOut.deleteOnExit(); when(decrypt.ciphertext((InputStream) any())).thenReturn(new ReadyWithResult() { @Override - public DecryptionResult writeTo(OutputStream outputStream) throws SOPGPException.NoSignature { - throw new SOPGPException.NoSignature(); + public DecryptionResult writeTo(@Nonnull OutputStream outputStream) throws SOPGPException.NoSignature { + return new DecryptionResult(null, Collections.emptyList()); } }); - SopCLI.main(new String[] {"decrypt"}); + SopCLI.main(new String[] {"decrypt", "--verify-with", tempFile.getAbsolutePath(), "--verifications-out", verifyOut.getAbsolutePath()}); } @Test diff --git a/version.gradle b/version.gradle index d8ddfd6..8e50153 100644 --- a/version.gradle +++ b/version.gradle @@ -4,8 +4,8 @@ allprojects { ext { - shortVersion = '7.0.1' - isSnapshot = true + shortVersion = '7.0.2' + isSnapshot = false minAndroidSdk = 10 javaSourceCompatibility = 1.8 gsonVersion = '2.10.1'