SOP-Java 7.0.2

Fixes https://github.com/pgpainless/pgpainless/issues/453
Thanks to @dkg for the report

CHANGELOG.md

@@ -6,6 +6,13 @@ SPDX-License-Identifier: Apache-2.0
 
 # Changelog
 
+## 7.0.2-SNAPSHOT
+- CLI `change-key-password`: Fix indirect parameter passing for new and old passwords (thanks to @dkg for the report)
+- Backport: revoke-key command: Allow for multiple '--with-key-password' options
+
+## 7.0.1
+- `decrypt`: Do not throw `NoSignature` exception (exit code 3) if `--verify-with` is provided, but `VERIFICATIONS` is empty.
+
 ## 7.0.0
 - Update implementation to [SOP Specification revision 07](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-07.html).
   - Add support for new `revoke-key` subcommand

sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java

@@ -39,15 +39,17 @@ public class ChangeKeyPasswordCmd extends AbstractSopCmd {
             changeKeyPassword.noArmor();
         }
 
-        for (String oldKeyPassword : oldKeyPasswords) {
-            changeKeyPassword.oldKeyPassphrase(oldKeyPassword);
-        }
-
-        if (newKeyPassword != null) {
-            changeKeyPassword.newKeyPassphrase(newKeyPassword);
-        }
-
         try {
+            for (String oldKeyPassword : oldKeyPasswords) {
+                String password = stringFromInputStream(getInput(oldKeyPassword));
+                changeKeyPassword.oldKeyPassphrase(password);
+            }
+
+            if (newKeyPassword != null) {
+                String password = stringFromInputStream(getInput(newKeyPassword));
+                changeKeyPassword.newKeyPassphrase(password);
+            }
+
             changeKeyPassword.keys(System.in).writeTo(System.out);
         } catch (IOException e) {
             throw new RuntimeException(e);

sop-java-picocli/src/main/java/sop/cli/picocli/commands/DecryptCmd.java

@@ -115,11 +115,6 @@ public class DecryptCmd extends AbstractSopCmd {
 
     private void writeVerifyOut(DecryptionResult result) throws IOException {
         if (verifyOut != null) {
-            if (result.getVerifications().isEmpty()) {
-                String errorMsg = getMsg("sop.error.runtime.no_verifiable_signature_found");
-                throw new SOPGPException.NoSignature(errorMsg);
-            }
-
             try (OutputStream fileOut = getOutput(verifyOut)) {
                 PrintWriter writer = new PrintWriter(fileOut);
                 for (Verification verification : result.getVerifications()) {

sop-java-picocli/src/main/java/sop/cli/picocli/commands/RevokeKeyCmd.java

@@ -11,6 +11,8 @@ import sop.exception.SOPGPException;
 import sop.operation.RevokeKey;
 
 import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
 
 @CommandLine.Command(name = "revoke-key",
         resourceBundle = "msg_revoke-key",
@@ -23,7 +25,7 @@ public class RevokeKeyCmd extends AbstractSopCmd {
 
     @CommandLine.Option(names = "--with-key-password",
             paramLabel = "PASSWORD")
-    String withKeyPassword;
+    List<String> withKeyPassword = new ArrayList<>();
 
     @Override
     public void run() {
@@ -36,8 +38,10 @@ public class RevokeKeyCmd extends AbstractSopCmd {
 
         if (withKeyPassword != null) {
             try {
-                String password = stringFromInputStream(getInput(withKeyPassword));
-                revokeKey.withKeyPassword(password);
+                for (String passwordFile : withKeyPassword) {
+                    String password = stringFromInputStream(getInput(passwordFile));
+                    revokeKey.withKeyPassword(password);
+                }
             } catch (SOPGPException.UnsupportedOption e) {
                 String errorMsg = getMsg("sop.error.feature_support.option_not_supported", "--with-key-password");
                 throw new SOPGPException.UnsupportedOption(errorMsg, e);

sop-java-picocli/src/test/java/sop/cli/picocli/commands/DecryptCmdTest.java

@@ -21,6 +21,7 @@ import sop.operation.Decrypt;
 import sop.util.HexUtil;
 import sop.util.UTCUtil;
 
+import javax.annotation.Nonnull;
 import java.io.BufferedReader;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
@@ -247,15 +248,17 @@ public class DecryptCmdTest {
     }
 
     @Test
-    @ExpectSystemExitWithStatus(SOPGPException.NoSignature.EXIT_CODE)
-    public void assertNoSignatureExceptionCausesExit3() throws SOPGPException.CannotDecrypt, SOPGPException.MissingArg, SOPGPException.BadData, IOException {
+    public void assertNoVerificationsIsOkay() throws SOPGPException.CannotDecrypt, SOPGPException.MissingArg, SOPGPException.BadData, IOException {
+        File tempFile = File.createTempFile("verify-with-", ".tmp");
+        File verifyOut = new File(tempFile.getParent(), "verifications.out");
+        verifyOut.deleteOnExit();
         when(decrypt.ciphertext((InputStream) any())).thenReturn(new ReadyWithResult<DecryptionResult>() {
             @Override
-            public DecryptionResult writeTo(OutputStream outputStream) throws SOPGPException.NoSignature {
-                throw new SOPGPException.NoSignature();
+            public DecryptionResult writeTo(@Nonnull OutputStream outputStream) throws SOPGPException.NoSignature {
+                return new DecryptionResult(null, Collections.emptyList());
             }
         });
-        SopCLI.main(new String[] {"decrypt"});
+        SopCLI.main(new String[] {"decrypt", "--verify-with", tempFile.getAbsolutePath(), "--verifications-out", verifyOut.getAbsolutePath()});
     }
 
     @Test

version.gradle

@@ -4,8 +4,8 @@
 
 allprojects {
     ext {
-        shortVersion = '7.0.1'
-        isSnapshot = true
+        shortVersion = '7.0.2'
+        isSnapshot = false
         minAndroidSdk = 10
         javaSourceCompatibility = 1.8
         gsonVersion = '2.10.1'