SOP-Java 14.0.0

This is done to fix external-sop tests, which rely on environment variables,
which do not play nicely with binary data

.woodpecker/build.yml

@@ -17,5 +17,5 @@ steps:
       # Code has coverage
       - gradle jacocoRootReport coveralls
     environment:
-      COVERALLS_REPO_TOKEN:
+      coveralls_repo_token:
         from_secret: coveralls_repo_token

external-sop/build.gradle

@@ -15,9 +15,7 @@ repositories {
 dependencies {
     testImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
     testImplementation "org.junit.jupiter:junit-jupiter-params:$junitVersion"
-
+    testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
-    testImplementation "org.junit.platform:junit-platform-suite-api:1.13.2"
-    testRuntimeOnly 'org.junit.platform:junit-platform-suite:1.13.2'
 
     api project(":sop-java")
     api "org.slf4j:slf4j-api:$slf4jVersion"

external-sop/src/test/java/sop/testsuite/external/ExternalTestSuite.java

@@ -1,18 +0,0 @@
-// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop.testsuite.external;
-
-import org.junit.platform.suite.api.IncludeClassNamePatterns;
-import org.junit.platform.suite.api.SelectPackages;
-import org.junit.platform.suite.api.Suite;
-import org.junit.platform.suite.api.SuiteDisplayName;
-
-@Suite
-@SuiteDisplayName("External SOP Tests")
-@SelectPackages("sop.testsuite.operation")
-@IncludeClassNamePatterns(".*Test")
-public class ExternalTestSuite {
-
-}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalArmorDearmorTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.ArmorDearmorTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalArmorDearmorTest extends ArmorDearmorTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalCertifyValidateUserIdTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.CertifyValidateUserIdTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalCertifyValidateUserIdTest extends CertifyValidateUserIdTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalChangeKeyPasswordTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.ChangeKeyPasswordTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalChangeKeyPasswordTest extends ChangeKeyPasswordTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalDecryptWithSessionKeyTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.DecryptWithSessionKeyTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalDecryptWithSessionKeyTest extends DecryptWithSessionKeyTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalDetachedSignDetachedVerifyTest.java

@@ -0,0 +1,12 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.DetachedSignDetachedVerifyTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalDetachedSignDetachedVerifyTest extends DetachedSignDetachedVerifyTest {
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalEncryptDecryptTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.EncryptDecryptTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalEncryptDecryptTest extends EncryptDecryptTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalExtractCertTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.ExtractCertTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalExtractCertTest extends ExtractCertTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalGenerateKeyTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.GenerateKeyTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalGenerateKeyTest extends GenerateKeyTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalInlineSignInlineDetachDetachedVerifyTest.java

@@ -0,0 +1,14 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.InlineSignInlineDetachDetachedVerifyTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalInlineSignInlineDetachDetachedVerifyTest
+        extends InlineSignInlineDetachDetachedVerifyTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalInlineSignInlineVerifyTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.InlineSignInlineVerifyTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalInlineSignInlineVerifyTest extends InlineSignInlineVerifyTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalListProfilesTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.ListProfilesTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalListProfilesTest extends ListProfilesTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalMergeCertsTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.MergeCertsTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalMergeCertsTest extends MergeCertsTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalRevokeKeyTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.RevokeKeyTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalRevokeKeyTest extends RevokeKeyTest {
+
+}

external-sop/src/test/java/sop/testsuite/external/operation/ExternalVersionTest.java

@@ -0,0 +1,13 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.testsuite.external.operation;
+
+import org.junit.jupiter.api.condition.EnabledIf;
+import sop.testsuite.operation.VersionTest;
+
+@EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
+public class ExternalVersionTest extends VersionTest {
+
+}

settings.gradle

@@ -7,6 +7,5 @@ rootProject.name = 'SOP-Java'
 include 'sop-java',
         'sop-java-picocli',
         'sop-java-testfixtures',
-        'external-sop',
+        'external-sop'
-        'sop-java-json-gson'
 

sop-java-json-gson/README.md

@@ -1,13 +0,0 @@
-<!--
-SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
-
-SPDX-License-Identifier: Apache-2.0
--->
-
-# SOP-Java-JSON-GSON
-
-## JSON Parsing VERIFICATION extension JSON using Gson
-
-Since revision 11, the SOP specification defines VERIFICATIONS extension JSON.
-
-This module implements the `JSONParser` and `JSONSerializer` interfaces using Googles Gson library.

sop-java-json-gson/build.gradle

@@ -1,28 +0,0 @@
-// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-plugins {
-    id 'java-library'
-}
-
-group 'org.pgpainless'
-
-repositories {
-    mavenCentral()
-}
-
-dependencies {
-    implementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
-    implementation "org.junit.jupiter:junit-jupiter-params:$junitVersion"
-    runtimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
-
-    implementation project(":sop-java")
-    api "org.slf4j:slf4j-api:$slf4jVersion"
-    testImplementation "ch.qos.logback:logback-classic:$logbackVersion"
-
-    // @Nonnull, @Nullable...
-    implementation "com.google.code.findbugs:jsr305:$jsrVersion"
-
-    api "com.google.code.gson:gson:$gsonVersion"
-}

sop-java-json-gson/src/main/kotlin/sop/GsonParser.kt

@@ -1,23 +0,0 @@
-// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop
-
-import com.google.gson.Gson
-import com.google.gson.JsonSyntaxException
-import com.google.gson.reflect.TypeToken
-import java.text.ParseException
-
-class GsonParser(
-    private val gson: Gson = Gson()
-) : Verification.JSONParser {
-
-    override fun parse(string: String): Verification.JSON {
-        try {
-            return gson.fromJson(string, object : TypeToken<Verification.JSON>(){}.type)
-        } catch (e: JsonSyntaxException) {
-            throw ParseException(e.message, 0)
-        }
-    }
-}

sop-java-json-gson/src/main/kotlin/sop/GsonSerializer.kt

@@ -1,16 +0,0 @@
-// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop
-
-import com.google.gson.Gson
-
-class GsonSerializer(
-    private val gson: Gson = Gson()
-) : Verification.JSONSerializer {
-
-    override fun serialize(json: Verification.JSON): String {
-        return gson.toJson(json)
-    }
-}

sop-java-json-gson/src/test/kotlin/sop/GsonSerializerAndParserTest.kt

@@ -1,96 +0,0 @@
-// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop
-
-import org.junit.jupiter.api.Assertions.assertEquals
-import org.junit.jupiter.api.Test
-import org.junit.jupiter.api.assertThrows
-import java.text.ParseException
-
-class GsonSerializerAndParserTest {
-
-    private val serializer: GsonSerializer = GsonSerializer()
-    private val parser: GsonParser = GsonParser()
-
-    @Test
-    fun simpleSingleTest() {
-        val before = Verification.JSON("/tmp/alice.pgp")
-
-        val json = serializer.serialize(before)
-        assertEquals("{\"signers\":[\"/tmp/alice.pgp\"]}", json)
-
-        val after = parser.parse(json)
-
-        assertEquals(before, after)
-    }
-
-    @Test
-    fun simpleListTest() {
-        val before = Verification.JSON(listOf("/tmp/alice.pgp", "/tmp/bob.asc"))
-
-        val json = serializer.serialize(before)
-        assertEquals("{\"signers\":[\"/tmp/alice.pgp\",\"/tmp/bob.asc\"]}", json)
-
-        val after = parser.parse(json)
-
-        assertEquals(before, after)
-    }
-
-    @Test
-    fun withCommentTest() {
-        val before = Verification.JSON(
-            listOf("/tmp/alice.pgp"),
-            "This is a comment.",
-            null)
-
-        val json = serializer.serialize(before)
-        assertEquals("{\"signers\":[\"/tmp/alice.pgp\"],\"comment\":\"This is a comment.\"}", json)
-
-        val after = parser.parse(json)
-
-        assertEquals(before, after)
-    }
-
-    @Test
-    fun withExtStringTest() {
-        val before = Verification.JSON(
-            listOf("/tmp/alice.pgp"),
-            "This is a comment.",
-            "This is an ext object string.")
-
-        val json = serializer.serialize(before)
-        assertEquals("{\"signers\":[\"/tmp/alice.pgp\"],\"comment\":\"This is a comment.\",\"ext\":\"This is an ext object string.\"}", json)
-
-        val after = parser.parse(json)
-
-        assertEquals(before, after)
-    }
-
-    @Test
-    fun withExtListTest() {
-        val before = Verification.JSON(
-            listOf("/tmp/alice.pgp"),
-            "This is a comment.",
-            listOf(1.0,2.0,3.0))
-
-        val json = serializer.serialize(before)
-        assertEquals("{\"signers\":[\"/tmp/alice.pgp\"],\"comment\":\"This is a comment.\",\"ext\":[1.0,2.0,3.0]}", json)
-
-        val after = parser.parse(json)
-
-        assertEquals(before, after)
-    }
-
-    @Test
-    fun parseInvalidJSON() {
-        assertThrows<ParseException> { parser.parse("Invalid") }
-    }
-
-    @Test
-    fun parseMalformedJSON() {
-        // Missing '}'
-        assertThrows<ParseException> { parser.parse("{\"signers\":[\"Alice\"]") }
-    }
-}

sop-java-testfixtures/src/main/java/sop/testsuite/assertions/VerificationAssert.java

@@ -8,13 +8,9 @@ import sop.Verification;
 import sop.enums.SignatureMode;
 import sop.testsuite.JUtils;
 
-import java.text.ParseException;
 import java.util.Date;
-import java.util.function.Predicate;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
-import static org.junit.jupiter.api.Assertions.assertTrue;
 
 public final class VerificationAssert {
 
@@ -61,27 +57,6 @@ public final class VerificationAssert {
         return hasDescription(description);
     }
 
-    public VerificationAssert hasValidJSONOrNull(Verification.JSONParser parser)
-            throws ParseException {
-        if (!verification.getJsonOrDescription().isPresent()) {
-            // missing description
-            return this;
-        }
-
-        return hasJSON(parser, null);
-    }
-
-    public VerificationAssert hasJSON(Verification.JSONParser parser, Predicate<Verification.JSON> predicate) {
-        assertTrue(verification.getContainsJson(), "Verification does not appear to contain JSON extension");
-
-        Verification.JSON json = verification.getJson(parser);
-        assertNotNull(verification.getJson(parser), "Verification does not appear to contain valid JSON extension.");
-        if (predicate != null) {
-            assertTrue(predicate.test(json), "JSON object does not match predicate.");
-        }
-        return this;
-    }
-
     public VerificationAssert hasMode(SignatureMode mode) {
         assertEquals(mode, verification.getSignatureMode().get());
         return this;

sop-java-testfixtures/src/main/java/sop/testsuite/operation/AbstractSOPTest.java

@@ -4,13 +4,10 @@
 
 package sop.testsuite.operation;
 
-import kotlin.jvm.functions.Function0;
-import org.junit.jupiter.api.Assumptions;
 import org.junit.jupiter.api.Named;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.junit.jupiter.params.provider.Arguments;
 import sop.SOP;
-import sop.exception.SOPGPException;
 import sop.testsuite.AbortOnUnsupportedOption;
 import sop.testsuite.AbortOnUnsupportedOptionExtension;
 import sop.testsuite.SOPInstanceFactory;
@@ -21,8 +18,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.stream.Stream;
 
-import static org.junit.jupiter.api.Assumptions.assumeTrue;
-
 @ExtendWith(AbortOnUnsupportedOptionExtension.class)
 @AbortOnUnsupportedOption
 public abstract class AbstractSOPTest {
@@ -56,17 +51,6 @@ public abstract class AbstractSOPTest {
         }
     }
 
-    public <T> T assumeSupported(Function0<T> f) {
-        try {
-            T t = f.invoke();
-            assumeTrue(t != null, "Unsupported operation.");
-            return t;
-        } catch (SOPGPException.UnsupportedSubcommand e) {
-            assumeTrue(false, e.getMessage());
-            return null;
-        }
-    }
-
     public static Stream<Arguments> provideBackends() {
         return backends.stream();
     }

sop-java-testfixtures/src/main/java/sop/testsuite/operation/ArmorDearmorTest.java

@@ -20,7 +20,7 @@ import java.util.stream.Stream;
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 
 @EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
-public class ArmorDearmorTest extends AbstractSOPTest {
+public class ArmorDearmorTest {
 
     static Stream<Arguments> provideInstances() {
         return AbstractSOPTest.provideBackends();
@@ -31,13 +31,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     public void dearmorArmorAliceKey(SOP sop) throws IOException {
         byte[] aliceKey = TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(aliceKey)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -52,13 +52,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     public void dearmorArmorAliceCert(SOP sop) throws IOException {
         byte[] aliceCert = TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(aliceCert)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -73,13 +73,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     public void dearmorArmorBobKey(SOP sop) throws IOException {
         byte[] bobKey = TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(bobKey)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -94,13 +94,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     public void dearmorArmorBobCert(SOP sop) throws IOException {
         byte[] bobCert = TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(bobCert)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -115,13 +115,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     public void dearmorArmorCarolKey(SOP sop) throws IOException {
         byte[] carolKey = TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(carolKey)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -136,13 +136,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     public void dearmorArmorCarolCert(SOP sop) throws IOException {
         byte[] carolCert = TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(carolCert)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -163,13 +163,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
                 "CePQFpprprnGEzpE3flQLUc=\n" +
                 "=ZiFR\n" +
                 "-----END PGP MESSAGE-----\n").getBytes(StandardCharsets.UTF_8);
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(message)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_MESSAGE));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -191,13 +191,13 @@ public class ArmorDearmorTest extends AbstractSOPTest {
                 "=GHvQ\n" +
                 "-----END PGP SIGNATURE-----\n").getBytes(StandardCharsets.UTF_8);
 
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(signature)
                 .getBytes();
 
         Assertions.assertFalse(JUtils.arrayStartsWith(dearmored, TestData.BEGIN_PGP_SIGNATURE));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(dearmored)
                 .getBytes();
 
@@ -210,11 +210,11 @@ public class ArmorDearmorTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testDearmoringTwiceIsIdempotent(SOP sop) throws IOException {
-        byte[] dearmored = assumeSupported(sop::dearmor)
+        byte[] dearmored = sop.dearmor()
                 .data(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .getBytes();
 
-        byte[] dearmoredAgain = assumeSupported(sop::dearmor)
+        byte[] dearmoredAgain = sop.dearmor()
                 .data(dearmored)
                 .getBytes();
 
@@ -233,7 +233,7 @@ public class ArmorDearmorTest extends AbstractSOPTest {
                 "=GHvQ\n" +
                 "-----END PGP SIGNATURE-----\n").getBytes(StandardCharsets.UTF_8);
 
-        byte[] armoredAgain = assumeSupported(sop::armor)
+        byte[] armoredAgain = sop.armor()
                 .data(armored)
                 .getBytes();
 

sop-java-testfixtures/src/main/java/sop/testsuite/operation/CertifyValidateUserIdTest.java

@@ -18,7 +18,7 @@ import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
 @EnabledIf("sop.testsuite.operation.AbstractSOPTest#hasBackends")
-public class CertifyValidateUserIdTest extends AbstractSOPTest {
+public class CertifyValidateUserIdTest {
 
     static Stream<Arguments> provideInstances() {
         return AbstractSOPTest.provideBackends();
@@ -27,25 +27,25 @@ public class CertifyValidateUserIdTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void certifyUserId(SOP sop) throws IOException {
-        byte[] aliceKey = assumeSupported(sop::generateKey)
+        byte[] aliceKey = sop.generateKey()
                 .withKeyPassword("sw0rdf1sh")
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] aliceCert = assumeSupported(sop::extractCert)
+        byte[] aliceCert = sop.extractCert()
                 .key(aliceKey)
                 .getBytes();
 
-        byte[] bobKey = assumeSupported(sop::generateKey)
+        byte[] bobKey = sop.generateKey()
                 .userId("Bob <bob@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] bobCert = assumeSupported(sop::extractCert)
+        byte[] bobCert = sop.extractCert()
                 .key(bobKey)
                 .getBytes();
 
         // Alice has her own user-id self-certified
-        assertTrue(assumeSupported(sop::validateUserId)
+        assertTrue(sop.validateUserId()
                         .authorities(aliceCert)
                         .userId("Alice <alice@pgpainless.org>")
                         .subjects(aliceCert),
@@ -53,20 +53,20 @@ public class CertifyValidateUserIdTest extends AbstractSOPTest {
 
         // Alice has not yet certified Bobs user-id
         assertThrows(SOPGPException.CertUserIdNoMatch.class, () ->
-                        assumeSupported(sop::validateUserId)
+                        sop.validateUserId()
                                 .authorities(aliceCert)
                                 .userId("Bob <bob@pgpainless.org>")
                                 .subjects(bobCert),
                 "Alice has not yet certified Bobs user-id");
 
-        byte[] bobCertifiedByAlice = assumeSupported(sop::certifyUserId)
+        byte[] bobCertifiedByAlice = sop.certifyUserId()
                 .userId("Bob <bob@pgpainless.org>")
                 .withKeyPassword("sw0rdf1sh")
                 .keys(aliceKey)
                 .certs(bobCert)
                 .getBytes();
 
-        assertTrue(assumeSupported(sop::validateUserId)
+        assertTrue(sop.validateUserId()
                         .userId("Bob <bob@pgpainless.org>")
                         .authorities(aliceCert)
                         .subjects(bobCertifiedByAlice),
@@ -76,28 +76,28 @@ public class CertifyValidateUserIdTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void certifyUserIdUnarmored(SOP sop) throws IOException {
-        byte[] aliceKey = assumeSupported(sop::generateKey)
+        byte[] aliceKey = sop.generateKey()
                 .noArmor()
                 .withKeyPassword("sw0rdf1sh")
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] aliceCert = assumeSupported(sop::extractCert)
+        byte[] aliceCert = sop.extractCert()
                 .noArmor()
                 .key(aliceKey)
                 .getBytes();
 
-        byte[] bobKey = assumeSupported(sop::generateKey)
+        byte[] bobKey = sop.generateKey()
                 .noArmor()
                 .userId("Bob <bob@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] bobCert = assumeSupported(sop::extractCert)
+        byte[] bobCert = sop.extractCert()
                 .noArmor()
                 .key(bobKey)
                 .getBytes();
 
-        byte[] bobCertifiedByAlice = assumeSupported(sop::certifyUserId)
+        byte[] bobCertifiedByAlice = sop.certifyUserId()
                 .noArmor()
                 .userId("Bob <bob@pgpainless.org>")
                 .withKeyPassword("sw0rdf1sh")
@@ -105,7 +105,7 @@ public class CertifyValidateUserIdTest extends AbstractSOPTest {
                 .certs(bobCert)
                 .getBytes();
 
-        assertTrue(assumeSupported(sop::validateUserId)
+        assertTrue(sop.validateUserId()
                         .userId("Bob <bob@pgpainless.org>")
                         .authorities(aliceCert)
                         .subjects(bobCertifiedByAlice),
@@ -115,45 +115,45 @@ public class CertifyValidateUserIdTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void addPetName(SOP sop) throws IOException {
-        byte[] aliceKey = assumeSupported(sop::generateKey)
+        byte[] aliceKey = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] aliceCert = assumeSupported(sop::extractCert)
+        byte[] aliceCert = sop.extractCert()
                 .key(aliceKey)
                 .getBytes();
 
-        byte[] bobKey = assumeSupported(sop::generateKey)
+        byte[] bobKey = sop.generateKey()
                 .userId("Bob <bob@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] bobCert = assumeSupported(sop::extractCert)
+        byte[] bobCert = sop.extractCert()
                 .key(bobKey)
                 .getBytes();
 
         assertThrows(SOPGPException.CertUserIdNoMatch.class, () ->
-                        assumeSupported(sop::certifyUserId)
+                        sop.certifyUserId()
                                 .userId("Bobby")
                                 .keys(aliceKey)
                                 .certs(bobCert)
                                 .getBytes(),
                 "Alice cannot create a pet-name for Bob without the --no-require-self-sig flag");
 
-        byte[] bobWithPetName = assumeSupported(sop::certifyUserId)
+        byte[] bobWithPetName = sop.certifyUserId()
                 .userId("Bobby")
                 .noRequireSelfSig()
                 .keys(aliceKey)
                 .certs(bobCert)
                 .getBytes();
 
-        assertTrue(assumeSupported(sop::validateUserId)
+        assertTrue(sop.validateUserId()
                         .userId("Bobby")
                         .authorities(aliceCert)
                         .subjects(bobWithPetName),
                 "Alice accepts the pet-name she gave to Bob");
 
         assertThrows(SOPGPException.CertUserIdNoMatch.class, () ->
-                        assumeSupported(sop::validateUserId)
+                        sop.validateUserId()
                                 .userId("Bobby")
                                 .authorities(bobWithPetName)
                                 .subjects(bobWithPetName),
@@ -163,28 +163,28 @@ public class CertifyValidateUserIdTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void certifyWithRevokedKey(SOP sop) throws IOException {
-        byte[] aliceKey = assumeSupported(sop::generateKey)
+        byte[] aliceKey = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] aliceRevokedCert = assumeSupported(sop::revokeKey)
+        byte[] aliceRevokedCert = sop.revokeKey()
                 .keys(aliceKey)
                 .getBytes();
-        byte[] aliceRevokedKey = assumeSupported(sop::updateKey)
+        byte[] aliceRevokedKey = sop.updateKey()
                 .mergeCerts(aliceRevokedCert)
                 .key(aliceKey)
                 .getBytes();
 
-        byte[] bobKey = assumeSupported(sop::generateKey)
+        byte[] bobKey = sop.generateKey()
                 .userId("Bob <bob@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] bobCert = assumeSupported(sop::extractCert)
+        byte[] bobCert = sop.extractCert()
                 .key(bobKey)
                 .getBytes();
 
         assertThrows(SOPGPException.KeyCannotCertify.class, () ->
-                assumeSupported(sop::certifyUserId)
+                sop.certifyUserId()
                         .userId("Bob <bob@pgpainless.org>")
                         .keys(aliceRevokedKey)
                         .certs(bobCert)

sop-java-testfixtures/src/main/java/sop/testsuite/operation/ChangeKeyPasswordTest.java

@@ -32,18 +32,18 @@ public class ChangeKeyPasswordTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void changePasswordFromUnprotectedToProtected(SOP sop) throws IOException {
-        byte[] unprotectedKey = assumeSupported(sop::generateKey).generate().getBytes();
+        byte[] unprotectedKey = sop.generateKey().generate().getBytes();
         byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
-        byte[] protectedKey = assumeSupported(sop::changeKeyPassword).newKeyPassphrase(password).keys(unprotectedKey).getBytes();
+        byte[] protectedKey = sop.changeKeyPassword().newKeyPassphrase(password).keys(unprotectedKey).getBytes();
 
-        assumeSupported(sop::sign).withKeyPassword(password).key(protectedKey).data("Test123".getBytes(StandardCharsets.UTF_8));
+        sop.sign().withKeyPassword(password).key(protectedKey).data("Test123".getBytes(StandardCharsets.UTF_8));
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void changePasswordFromUnprotectedToUnprotected(SOP sop) throws IOException {
-        byte[] unprotectedKey = assumeSupported(sop::generateKey).noArmor().generate().getBytes();
+        byte[] unprotectedKey = sop.generateKey().noArmor().generate().getBytes();
-        byte[] stillUnprotectedKey = assumeSupported(sop::changeKeyPassword).noArmor().keys(unprotectedKey).getBytes();
+        byte[] stillUnprotectedKey = sop.changeKeyPassword().noArmor().keys(unprotectedKey).getBytes();
 
         assertArrayEquals(unprotectedKey, stillUnprotectedKey);
     }
@@ -52,12 +52,12 @@ public class ChangeKeyPasswordTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void changePasswordFromProtectedToUnprotected(SOP sop) throws IOException {
         byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
-        byte[] protectedKey = assumeSupported(sop::generateKey).withKeyPassword(password).generate().getBytes();
+        byte[] protectedKey = sop.generateKey().withKeyPassword(password).generate().getBytes();
-        byte[] unprotectedKey = assumeSupported(sop::changeKeyPassword)
+        byte[] unprotectedKey = sop.changeKeyPassword()
                 .oldKeyPassphrase(password)
                 .keys(protectedKey).getBytes();
 
-        assumeSupported(sop::sign).key(unprotectedKey).data("Test123".getBytes(StandardCharsets.UTF_8));
+        sop.sign().key(unprotectedKey).data("Test123".getBytes(StandardCharsets.UTF_8));
     }
 
     @ParameterizedTest
@@ -65,13 +65,13 @@ public class ChangeKeyPasswordTest extends AbstractSOPTest {
     public void changePasswordFromProtectedToDifferentProtected(SOP sop) throws IOException {
         byte[] oldPassword = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
         byte[] newPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
-        byte[] protectedKey = assumeSupported(sop::generateKey).withKeyPassword(oldPassword).generate().getBytes();
+        byte[] protectedKey = sop.generateKey().withKeyPassword(oldPassword).generate().getBytes();
-        byte[] reprotectedKey = assumeSupported(sop::changeKeyPassword)
+        byte[] reprotectedKey = sop.changeKeyPassword()
                 .oldKeyPassphrase(oldPassword)
                 .newKeyPassphrase(newPassword)
                 .keys(protectedKey).getBytes();
 
-        assumeSupported(sop::sign).key(reprotectedKey).withKeyPassword(newPassword).data("Test123".getBytes(StandardCharsets.UTF_8));
+        sop.sign().key(reprotectedKey).withKeyPassword(newPassword).data("Test123".getBytes(StandardCharsets.UTF_8));
     }
 
 
@@ -82,8 +82,8 @@ public class ChangeKeyPasswordTest extends AbstractSOPTest {
         byte[] newPassword = "monkey123".getBytes(UTF8Util.UTF8);
         byte[] wrongPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
 
-        byte[] protectedKey = assumeSupported(sop::generateKey).withKeyPassword(oldPassword).generate().getBytes();
+        byte[] protectedKey = sop.generateKey().withKeyPassword(oldPassword).generate().getBytes();
-        assertThrows(SOPGPException.KeyIsProtected.class, () -> assumeSupported(sop::changeKeyPassword)
+        assertThrows(SOPGPException.KeyIsProtected.class, () -> sop.changeKeyPassword()
                 .oldKeyPassphrase(wrongPassword)
                 .newKeyPassphrase(newPassword)
                 .keys(protectedKey).getBytes());
@@ -93,9 +93,9 @@ public class ChangeKeyPasswordTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void nonUtf8PasswordsFail(SOP sop) {
         assertThrows(SOPGPException.PasswordNotHumanReadable.class, () ->
-                assumeSupported(sop::changeKeyPassword).oldKeyPassphrase(new byte[] {(byte) 0xff, (byte) 0xfe}));
+                sop.changeKeyPassword().oldKeyPassphrase(new byte[] {(byte) 0xff, (byte) 0xfe}));
         assertThrows(SOPGPException.PasswordNotHumanReadable.class, () ->
-                assumeSupported(sop::changeKeyPassword).newKeyPassphrase(new byte[] {(byte) 0xff, (byte) 0xfe}));
+                sop.changeKeyPassword().newKeyPassphrase(new byte[] {(byte) 0xff, (byte) 0xfe}));
 
     }
 
@@ -104,16 +104,16 @@ public class ChangeKeyPasswordTest extends AbstractSOPTest {
     public void testNoArmor(SOP sop) throws IOException {
         byte[] oldPassword = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
         byte[] newPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
-        byte[] protectedKey = assumeSupported(sop::generateKey).withKeyPassword(oldPassword).generate().getBytes();
+        byte[] protectedKey = sop.generateKey().withKeyPassword(oldPassword).generate().getBytes();
 
-        byte[] armored = assumeSupported(sop::changeKeyPassword)
+        byte[] armored = sop.changeKeyPassword()
                 .oldKeyPassphrase(oldPassword)
                 .newKeyPassphrase(newPassword)
                 .keys(protectedKey)
                 .getBytes();
         JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_PRIVATE_KEY_BLOCK);
 
-        byte[] unarmored = assumeSupported(sop::changeKeyPassword)
+        byte[] unarmored = sop.changeKeyPassword()
                 .noArmor()
                 .oldKeyPassphrase(oldPassword)
                 .newKeyPassphrase(newPassword)

sop-java-testfixtures/src/main/java/sop/testsuite/operation/DecryptWithSessionKeyTest.java

@@ -41,7 +41,7 @@ public class DecryptWithSessionKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testDecryptAndExtractSessionKey(SOP sop) throws IOException {
-        ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                 .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(CIPHERTEXT.getBytes(StandardCharsets.UTF_8))
                 .toByteArrayAndResult();
@@ -54,7 +54,7 @@ public class DecryptWithSessionKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testDecryptWithSessionKey(SOP sop) throws IOException {
-        byte[] decrypted = assumeSupported(sop::decrypt)
+        byte[] decrypted = sop.decrypt()
                 .withSessionKey(SessionKey.fromString(SESSION_KEY))
                 .ciphertext(CIPHERTEXT.getBytes(StandardCharsets.UTF_8))
                 .toByteArrayAndResult()

sop-java-testfixtures/src/main/java/sop/testsuite/operation/DetachedSignDetachedVerifyTest.java

@@ -37,13 +37,13 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     public void signVerifyWithAliceKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::detachedSign)
+        byte[] signature = sop.detachedSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -60,14 +60,14 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     public void signVerifyTextModeWithAliceKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::detachedSign)
+        byte[] signature = sop.detachedSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .mode(SignAs.text)
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -85,7 +85,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
         byte[] signature = TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -101,13 +101,13 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     public void signVerifyWithBobKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::detachedSign)
+        byte[] signature = sop.detachedSign()
                 .key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -123,13 +123,13 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     public void signVerifyWithCarolKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::detachedSign)
+        byte[] signature = sop.detachedSign()
                 .key(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -145,7 +145,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     public void signVerifyWithEncryptedKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::detachedSign)
+        byte[] signature = sop.detachedSign()
                 .key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
                 .withKeyPassword(TestData.PASSWORD)
                 .data(message)
@@ -154,7 +154,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
 
         JUtils.assertArrayStartsWith(signature, TestData.BEGIN_PGP_SIGNATURE);
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.PASSWORD_PROTECTED_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -170,18 +170,18 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     public void signArmorVerifyWithBobKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::detachedSign)
+        byte[] signature = sop.detachedSign()
                 .key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
                 .noArmor()
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(signature)
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(armored)
                 .data(message);
@@ -199,7 +199,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
         byte[] signature = TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
         Date beforeSignature = new Date(TestData.ALICE_DETACHED_SIGNED_MESSAGE_DATE.getTime() - 1000); // 1 sec before sig
 
-        assertThrows(SOPGPException.NoSignature.class, () -> assumeSupported(sop::detachedVerify)
+        assertThrows(SOPGPException.NoSignature.class, () -> sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .notAfter(beforeSignature)
                 .signatures(signature)
@@ -213,7 +213,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
         byte[] signature = TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
         Date afterSignature = new Date(TestData.ALICE_DETACHED_SIGNED_MESSAGE_DATE.getTime() + 1000); // 1 sec after sig
 
-        assertThrows(SOPGPException.NoSignature.class, () -> assumeSupported(sop::detachedVerify)
+        assertThrows(SOPGPException.NoSignature.class, () -> sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .notBefore(afterSignature)
                 .signatures(signature)
@@ -224,13 +224,13 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void signWithAliceVerifyWithBobThrowsNoSignature(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] signatures = assumeSupported(sop::detachedSign)
+        byte[] signatures = sop.detachedSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        assertThrows(SOPGPException.NoSignature.class, () -> assumeSupported(sop::detachedVerify)
+        assertThrows(SOPGPException.NoSignature.class, () -> sop.detachedVerify()
                 .cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signatures)
                 .data(message));
@@ -240,7 +240,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void signVerifyWithEncryptedKeyWithoutPassphraseFails(SOP sop) {
         assertThrows(SOPGPException.KeyIsProtected.class, () ->
-                assumeSupported(sop::detachedSign)
+                sop.detachedSign()
                         .key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
                         .data(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8))
                         .toByteArrayAndResult()
@@ -253,7 +253,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
             throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] signature = assumeSupported(sop::sign)
+        byte[] signature = sop.sign()
                 .key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
                 .withKeyPassword("wrong")
                 .withKeyPassword(TestData.PASSWORD) // correct
@@ -262,7 +262,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
                 .toByteArrayAndResult()
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::verify)
+        List<Verification> verificationList = sop.verify()
                 .cert(TestData.PASSWORD_PROTECTED_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signature)
                 .data(message);
@@ -279,7 +279,7 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
         assertThrows(SOPGPException.MissingArg.class, () ->
-                assumeSupported(sop::verify)
+                sop.verify()
                         .signatures(TestData.ALICE_DETACHED_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8))
                         .data(message));
     }
@@ -288,14 +288,14 @@ public class DetachedSignDetachedVerifyTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void signVerifyWithMultipleKeys(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] signatures = assumeSupported(sop::detachedSign)
+        byte[] signatures = sop.detachedSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        List<Verification> verificationList = assumeSupported(sop::detachedVerify)
+        List<Verification> verificationList = sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signatures)

sop-java-testfixtures/src/main/java/sop/testsuite/operation/EncryptDecryptTest.java

@@ -49,7 +49,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void encryptDecryptRoundTripPasswordTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        ByteArrayAndResult<EncryptionResult> encResult = assumeSupported(sop::encrypt)
+        ByteArrayAndResult<EncryptionResult> encResult = sop.encrypt()
                 .withPassword("sw0rdf1sh")
                 .plaintext(message)
                 .toByteArrayAndResult();
@@ -57,7 +57,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
         byte[] ciphertext = encResult.getBytes();
         Optional<SessionKey> encSessionKey = encResult.getResult().getSessionKey();
 
-        ByteArrayAndResult<DecryptionResult> decResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> decResult = sop.decrypt()
                 .withPassword("sw0rdf1sh")
                 .ciphertext(ciphertext)
                 .toByteArrayAndResult();
@@ -65,10 +65,9 @@ public class EncryptDecryptTest extends AbstractSOPTest {
         byte[] plaintext = decResult.getBytes();
         Optional<SessionKey> decSessionKey = decResult.getResult().getSessionKey();
 
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
         if (encSessionKey.isPresent() && decSessionKey.isPresent()) {
-            assertEquals(encSessionKey.get(), decSessionKey.get(),
+            assertEquals(encSessionKey.get(), decSessionKey.get());
-                    "Extracted Session Key mismatch.");
         }
     }
 
@@ -76,93 +75,91 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void encryptDecryptRoundTripAliceTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .plaintext(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                 .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(ciphertext)
                 .toByteArrayAndResult();
 
         byte[] plaintext = bytesAndResult.getBytes();
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
 
         DecryptionResult result = bytesAndResult.getResult();
-        if (result.getSessionKey().isPresent()) {
+        assertNotNull(result.getSessionKey().get());
-            assertNotNull(result.getSessionKey().get(), "Session key MUST NOT be null.");
-        }
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void encryptDecryptRoundTripBobTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
                 .plaintext(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        byte[] plaintext = assumeSupported(sop::decrypt)
+        byte[] plaintext = sop.decrypt()
                 .withKey(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(ciphertext)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void encryptDecryptRoundTripCarolTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8))
                 .plaintext(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        byte[] plaintext = assumeSupported(sop::decrypt)
+        byte[] plaintext = sop.decrypt()
                 .withKey(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(ciphertext)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void encryptNoArmorThenArmorThenDecryptRoundTrip(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .noArmor()
                 .plaintext(message)
                 .toByteArrayAndResult()
                 .getBytes();
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(ciphertext)
                 .getBytes();
 
-        ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                 .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(armored)
                 .toByteArrayAndResult();
 
         byte[] plaintext = bytesAndResult.getBytes();
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void encryptSignDecryptVerifyRoundTripAliceTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signWith(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .mode(EncryptAs.binary)
@@ -170,19 +167,17 @@ public class EncryptDecryptTest extends AbstractSOPTest {
                 .toByteArrayAndResult()
                 .getBytes();
 
-        ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                 .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(ciphertext)
                 .toByteArrayAndResult();
 
         byte[] plaintext = bytesAndResult.getBytes();
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
 
         DecryptionResult result = bytesAndResult.getResult();
-        if (result.getSessionKey().isPresent()) {
+        assertNotNull(result.getSessionKey().get());
-            assertNotNull(result.getSessionKey().get(), "Session key MUST NOT be null.");
-        }
 
         List<Verification> verificationList = result.getVerifications();
         VerificationListAssert.assertThatVerificationList(verificationList)
@@ -196,7 +191,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void encryptSignAsTextDecryptVerifyRoundTripAliceTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signWith(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .mode(EncryptAs.text)
@@ -204,14 +199,14 @@ public class EncryptDecryptTest extends AbstractSOPTest {
                 .toByteArrayAndResult()
                 .getBytes();
 
-        ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                 .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .ciphertext(ciphertext)
                 .toByteArrayAndResult();
 
         byte[] plaintext = bytesAndResult.getBytes();
-        assertArrayEquals(message, plaintext, "Decrypted plaintext does not match original plaintext.");
+        assertArrayEquals(message, plaintext);
 
         DecryptionResult result = bytesAndResult.getResult();
         assertNotNull(result.getSessionKey().get());
@@ -227,17 +222,17 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void encryptSignDecryptVerifyRoundTripWithFreshEncryptedKeyTest(SOP sop) throws IOException {
         byte[] keyPassword = "sw0rdf1sh".getBytes(StandardCharsets.UTF_8);
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .withKeyPassword(keyPassword)
                 .userId("Alice <alice@openpgp.org>")
                 .generate()
                 .getBytes();
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(key)
                 .getBytes();
 
         byte[] message = "Hello, World!\n".getBytes(StandardCharsets.UTF_8);
-        byte[] ciphertext = assumeSupported(sop::encrypt)
+        byte[] ciphertext = sop.encrypt()
                 .withCert(cert)
                 .signWith(key)
                 .withKeyPassword(keyPassword)
@@ -245,7 +240,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
                 .toByteArrayAndResult()
                 .getBytes();
 
-        ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+        ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                 .withKey(key)
                 .withKeyPassword(keyPassword)
                 .verifyWithCert(cert)
@@ -278,7 +273,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
         Date beforeSignature = new Date(signatureDate.getTime() - 1000); // 1 sec before signing date
 
         assertThrows(SOPGPException.NoSignature.class, () -> {
-            ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+            ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                     .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                     .verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                     .verifyNotAfter(beforeSignature)
@@ -312,7 +307,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
         Date afterSignature = new Date(signatureDate.getTime() + 1000); // 1 sec after signing date
 
         assertThrows(SOPGPException.NoSignature.class, () -> {
-            ByteArrayAndResult<DecryptionResult> bytesAndResult = assumeSupported(sop::decrypt)
+            ByteArrayAndResult<DecryptionResult> bytesAndResult = sop.decrypt()
                     .withKey(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                     .verifyWithCert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                     .verifyNotBefore(afterSignature)
@@ -331,7 +326,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     public void missingArgsTest(SOP sop) {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        assertThrows(SOPGPException.MissingArg.class, () -> assumeSupported(sop::encrypt)
+        assertThrows(SOPGPException.MissingArg.class, () -> sop.encrypt()
                 .plaintext(message)
                 .toByteArrayAndResult()
                 .getBytes());
@@ -341,7 +336,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void passingSecretKeysForPublicKeysFails(SOP sop) {
         assertThrows(SOPGPException.BadData.class, () ->
-                assumeSupported(sop::encrypt)
+                sop.encrypt()
                         .withCert(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                         .plaintext(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8))
                         .toByteArrayAndResult()
@@ -351,19 +346,19 @@ public class EncryptDecryptTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void encryptDecryptWithAllSupportedKeyGenerationProfiles(SOP sop) throws IOException {
-        List<Profile> profiles = assumeSupported(sop::listProfiles).generateKey();
+        List<Profile> profiles = sop.listProfiles().generateKey();
 
         List<byte[]> keys = new ArrayList<>();
         List<byte[]> certs = new ArrayList<>();
         for (Profile p : profiles) {
-            byte[] k = assumeSupported(sop::generateKey)
+            byte[] k = sop.generateKey()
                     .profile(p)
                     .userId(p.getName())
                     .generate()
                     .getBytes();
             keys.add(k);
 
-            byte[] c = assumeSupported(sop::extractCert)
+            byte[] c = sop.extractCert()
                     .key(k)
                     .getBytes();
             certs.add(c);
@@ -371,7 +366,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
 
         byte[] plaintext = "Hello, World!\n".getBytes();
 
-        Encrypt encrypt = assumeSupported(sop::encrypt);
+        Encrypt encrypt = sop.encrypt();
         for (byte[] c : certs) {
             encrypt.withCert(c);
         }
@@ -385,7 +380,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
         byte[] ciphertext = encRes.getBytes();
 
         for (byte[] k : keys) {
-            Decrypt decrypt = assumeSupported(sop::decrypt)
+            Decrypt decrypt = sop.decrypt()
                     .withKey(k);
             for (byte[] c : certs) {
                 decrypt.verifyWithCert(c);
@@ -394,7 +389,7 @@ public class EncryptDecryptTest extends AbstractSOPTest {
                     .toByteArrayAndResult();
             DecryptionResult dResult = decRes.getResult();
             byte[] decPlaintext = decRes.getBytes();
-            assertArrayEquals(plaintext, decPlaintext, "Decrypted plaintext does not match original plaintext.");
+            assertArrayEquals(plaintext, decPlaintext);
             assertEquals(certs.size(), dResult.getVerifications().size());
         }
     }

sop-java-testfixtures/src/main/java/sop/testsuite/operation/ExtractCertTest.java

@@ -28,12 +28,12 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractArmoredCertFromArmoredKeyTest(SOP sop) throws IOException {
-        InputStream keyIn = assumeSupported(sop::generateKey)
+        InputStream keyIn = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .generate()
                 .getInputStream();
 
-        byte[] cert = assumeSupported(sop::extractCert).key(keyIn).getBytes();
+        byte[] cert = sop.extractCert().key(keyIn).getBytes();
         JUtils.assertArrayStartsWith(cert, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK);
         JUtils.assertArrayEndsWithIgnoreNewlines(cert, TestData.END_PGP_PUBLIC_KEY_BLOCK);
     }
@@ -41,7 +41,7 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractAliceCertFromAliceKeyTest(SOP sop) throws IOException {
-        byte[] armoredCert = assumeSupported(sop::extractCert)
+        byte[] armoredCert = sop.extractCert()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .getBytes();
         JUtils.assertAsciiArmorEquals(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8), armoredCert);
@@ -50,7 +50,7 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractBobsCertFromBobsKeyTest(SOP sop) throws IOException {
-        byte[] armoredCert = assumeSupported(sop::extractCert)
+        byte[] armoredCert = sop.extractCert()
                 .key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
                 .getBytes();
         JUtils.assertAsciiArmorEquals(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8), armoredCert);
@@ -59,7 +59,7 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractCarolsCertFromCarolsKeyTest(SOP sop) throws IOException {
-        byte[] armoredCert = assumeSupported(sop::extractCert)
+        byte[] armoredCert = sop.extractCert()
                 .key(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
                 .getBytes();
         JUtils.assertAsciiArmorEquals(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8), armoredCert);
@@ -68,12 +68,12 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractUnarmoredCertFromArmoredKeyTest(SOP sop) throws IOException {
-        InputStream keyIn = assumeSupported(sop::generateKey)
+        InputStream keyIn = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .generate()
                 .getInputStream();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .noArmor()
                 .key(keyIn)
                 .getBytes();
@@ -84,13 +84,13 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractArmoredCertFromUnarmoredKeyTest(SOP sop) throws IOException {
-        InputStream keyIn = assumeSupported(sop::generateKey)
+        InputStream keyIn = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .noArmor()
                 .generate()
                 .getInputStream();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(keyIn)
                 .getBytes();
 
@@ -101,13 +101,13 @@ public class ExtractCertTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extractUnarmoredCertFromUnarmoredKeyTest(SOP sop) throws IOException {
-        InputStream keyIn = assumeSupported(sop::generateKey)
+        InputStream keyIn = sop.generateKey()
                 .noArmor()
                 .userId("Alice <alice@openpgp.org>")
                 .generate()
                 .getInputStream();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .noArmor()
                 .key(keyIn)
                 .getBytes();

sop-java-testfixtures/src/main/java/sop/testsuite/operation/GenerateKeyTest.java

@@ -33,7 +33,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyTest(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .generate()
                 .getBytes();
@@ -45,7 +45,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyNoArmor(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .noArmor()
                 .generate()
@@ -57,7 +57,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyWithMultipleUserIdsTest(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .userId("Bob <bob@openpgp.org>")
                 .generate()
@@ -70,7 +70,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyWithoutUserIdTest(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .generate()
                 .getBytes();
 
@@ -81,7 +81,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyWithPasswordTest(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .withKeyPassword("sw0rdf1sh")
                 .generate()
@@ -94,7 +94,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyWithMultipleUserIdsAndPassword(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@openpgp.org>")
                 .userId("Bob <bob@openpgp.org>")
                 .withKeyPassword("sw0rdf1sh")
@@ -108,17 +108,17 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateSigningOnlyKey(SOP sop) throws IOException {
-        byte[] signingOnlyKey = assumeSupported(sop::generateKey)
+        byte[] signingOnlyKey = sop.generateKey()
                 .signingOnly()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
-        byte[] signingOnlyCert = assumeSupported(sop::extractCert)
+        byte[] signingOnlyCert = sop.extractCert()
                 .key(signingOnlyKey)
                 .getBytes();
 
         assertThrows(SOPGPException.CertCannotEncrypt.class, () ->
-                assumeSupported(sop::encrypt).withCert(signingOnlyCert)
+                sop.encrypt().withCert(signingOnlyCert)
                         .plaintext(TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8))
                         .toByteArrayAndResult()
                         .getBytes());
@@ -127,7 +127,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void generateKeyWithSupportedProfiles(SOP sop) throws IOException {
-        List<Profile> profiles = assumeSupported(sop::listProfiles)
+        List<Profile> profiles = sop.listProfiles()
                 .generateKey();
 
         for (Profile profile : profiles) {
@@ -138,7 +138,7 @@ public class GenerateKeyTest extends AbstractSOPTest {
     private void generateKeyWithProfile(SOP sop, String profile) throws IOException {
         byte[] key;
         try {
-            key = assumeSupported(sop::generateKey)
+            key = sop.generateKey()
                     .profile(profile)
                     .userId("Alice <alice@pgpainless.org>")
                     .generate()

sop-java-testfixtures/src/main/java/sop/testsuite/operation/InlineSignInlineDetachDetachedVerifyTest.java

@@ -36,12 +36,12 @@ public class InlineSignInlineDetachDetachedVerifyTest extends AbstractSOPTest {
     public void inlineSignThenDetachThenDetachedVerifyTest(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .getBytes();
 
-        ByteArrayAndResult<Signatures> bytesAndResult = assumeSupported(sop::inlineDetach)
+        ByteArrayAndResult<Signatures> bytesAndResult = sop.inlineDetach()
                 .message(inlineSigned)
                 .toByteArrayAndResult();
 
@@ -51,7 +51,7 @@ public class InlineSignInlineDetachDetachedVerifyTest extends AbstractSOPTest {
         byte[] signatures = bytesAndResult.getResult()
                 .getBytes();
 
-        List<Verification> verifications = assumeSupported(sop::detachedVerify)
+        List<Verification> verifications = sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(signatures)
                 .data(plaintext);
@@ -64,12 +64,12 @@ public class InlineSignInlineDetachDetachedVerifyTest extends AbstractSOPTest {
     public void inlineSignThenDetachNoArmorThenArmorThenDetachedVerifyTest(SOP sop) throws IOException {
         byte[] message = "Hello, World!\n".getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .getBytes();
 
-        ByteArrayAndResult<Signatures> bytesAndResult = assumeSupported(sop::inlineDetach)
+        ByteArrayAndResult<Signatures> bytesAndResult = sop.inlineDetach()
                 .noArmor()
                 .message(inlineSigned)
                 .toByteArrayAndResult();
@@ -81,12 +81,12 @@ public class InlineSignInlineDetachDetachedVerifyTest extends AbstractSOPTest {
                 .getBytes();
         Assertions.assertFalse(JUtils.arrayStartsWith(signatures, TestData.BEGIN_PGP_SIGNATURE));
 
-        byte[] armored = assumeSupported(sop::armor)
+        byte[] armored = sop.armor()
                 .data(signatures)
                 .getBytes();
         JUtils.assertArrayStartsWith(armored, TestData.BEGIN_PGP_SIGNATURE);
 
-        List<Verification> verifications = assumeSupported(sop::detachedVerify)
+        List<Verification> verifications = sop.detachedVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .signatures(armored)
                 .data(plaintext);

sop-java-testfixtures/src/main/java/sop/testsuite/operation/InlineSignInlineVerifyTest.java

@@ -40,14 +40,14 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
     public void inlineSignVerifyAlice(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .getBytes();
 
         JUtils.assertArrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE);
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(inlineSigned)
                 .toByteArrayAndResult();
@@ -66,7 +66,7 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
     public void inlineSignVerifyAliceNoArmor(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .noArmor()
                 .data(message)
@@ -74,7 +74,7 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
 
         Assertions.assertFalse(JUtils.arrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE));
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(inlineSigned)
                 .toByteArrayAndResult();
@@ -93,7 +93,7 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
     public void clearsignVerifyAlice(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] clearsigned = assumeSupported(sop::inlineSign)
+        byte[] clearsigned = sop.inlineSign()
                 .key(TestData.ALICE_KEY.getBytes(StandardCharsets.UTF_8))
                 .mode(InlineSignAs.clearsigned)
                 .data(message)
@@ -101,13 +101,12 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
 
         JUtils.assertArrayStartsWith(clearsigned, TestData.BEGIN_PGP_SIGNED_MESSAGE);
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(clearsigned)
                 .toByteArrayAndResult();
 
-        assertArrayEquals(message, bytesAndResult.getBytes(),
+        assertArrayEquals(message, bytesAndResult.getBytes());
-                "ASCII armored message does not appear to start with the 'BEGIN PGP SIGNED MESSAGE' header.");
 
         List<Verification> verificationList = bytesAndResult.getResult();
         VerificationListAssert.assertThatVerificationList(verificationList)
@@ -122,7 +121,7 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
         byte[] message = TestData.ALICE_INLINE_SIGNED_MESSAGE.getBytes(StandardCharsets.UTF_8);
         Date signatureDate = TestData.ALICE_INLINE_SIGNED_MESSAGE_DATE;
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .toByteArrayAndResult();
@@ -142,7 +141,7 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
         Date signatureDate = TestData.ALICE_INLINE_SIGNED_MESSAGE_DATE;
         Date afterSignature = new Date(signatureDate.getTime() + 1000); // 1 sec before sig
 
-        assertThrows(SOPGPException.NoSignature.class, () -> assumeSupported(sop::inlineVerify)
+        assertThrows(SOPGPException.NoSignature.class, () -> sop.inlineVerify()
                 .notBefore(afterSignature)
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(message)
@@ -156,7 +155,7 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
         Date signatureDate = TestData.ALICE_INLINE_SIGNED_MESSAGE_DATE;
         Date beforeSignature = new Date(signatureDate.getTime() - 1000); // 1 sec before sig
 
-        assertThrows(SOPGPException.NoSignature.class, () -> assumeSupported(sop::inlineVerify)
+        assertThrows(SOPGPException.NoSignature.class, () -> sop.inlineVerify()
                 .notAfter(beforeSignature)
                 .cert(TestData.ALICE_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(message)
@@ -168,14 +167,14 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
     public void inlineSignVerifyBob(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .key(TestData.BOB_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .getBytes();
 
         JUtils.assertArrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE);
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.BOB_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(inlineSigned)
                 .toByteArrayAndResult();
@@ -194,14 +193,14 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
     public void inlineSignVerifyCarol(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .key(TestData.CAROL_KEY.getBytes(StandardCharsets.UTF_8))
                 .data(message)
                 .getBytes();
 
         JUtils.assertArrayStartsWith(inlineSigned, TestData.BEGIN_PGP_MESSAGE);
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.CAROL_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(inlineSigned)
                 .toByteArrayAndResult();
@@ -220,14 +219,14 @@ public class InlineSignInlineVerifyTest extends AbstractSOPTest {
     public void inlineSignVerifyProtectedKey(SOP sop) throws IOException {
         byte[] message = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
 
-        byte[] inlineSigned = assumeSupported(sop::inlineSign)
+        byte[] inlineSigned = sop.inlineSign()
                 .withKeyPassword(TestData.PASSWORD)
                 .key(TestData.PASSWORD_PROTECTED_KEY.getBytes(StandardCharsets.UTF_8))
                 .mode(InlineSignAs.binary)
                 .data(message)
                 .getBytes();
 
-        ByteArrayAndResult<List<Verification>> bytesAndResult = assumeSupported(sop::inlineVerify)
+        ByteArrayAndResult<List<Verification>> bytesAndResult = sop.inlineVerify()
                 .cert(TestData.PASSWORD_PROTECTED_CERT.getBytes(StandardCharsets.UTF_8))
                 .data(inlineSigned)
                 .toByteArrayAndResult();

sop-java-testfixtures/src/main/java/sop/testsuite/operation/ListProfilesTest.java

@@ -26,7 +26,8 @@ public class ListProfilesTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void listGenerateKeyProfiles(SOP sop) {
-        List<Profile> profiles = assumeSupported(sop::listProfiles)
+        List<Profile> profiles = sop
+                .listProfiles()
                 .generateKey();
 
         assertFalse(profiles.isEmpty());
@@ -35,7 +36,8 @@ public class ListProfilesTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void listEncryptProfiles(SOP sop) {
-        List<Profile> profiles = assumeSupported(sop::listProfiles)
+        List<Profile> profiles = sop
+                .listProfiles()
                 .encrypt();
 
         assertFalse(profiles.isEmpty());
@@ -44,7 +46,8 @@ public class ListProfilesTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void listUnsupportedProfiles(SOP sop) {
-        assertThrows(SOPGPException.UnsupportedProfile.class, () -> assumeSupported(sop::listProfiles)
+        assertThrows(SOPGPException.UnsupportedProfile.class, () -> sop
+                .listProfiles()
                 .subcommand("invalid"));
     }
 }

sop-java-testfixtures/src/main/java/sop/testsuite/operation/MergeCertsTest.java

@@ -24,16 +24,16 @@ public class MergeCertsTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testMergeWithItself(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(key)
                 .getBytes();
 
-        byte[] merged = assumeSupported(sop::mergeCerts)
+        byte[] merged = sop.mergeCerts()
                 .updates(cert)
                 .baseCertificates(cert)
                 .getBytes();
@@ -44,17 +44,17 @@ public class MergeCertsTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testMergeWithItselfArmored(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .noArmor()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(key)
                 .getBytes();
 
-        byte[] merged = assumeSupported(sop::mergeCerts)
+        byte[] merged = sop.mergeCerts()
                 .updates(cert)
                 .baseCertificates(cert)
                 .getBytes();
@@ -65,18 +65,18 @@ public class MergeCertsTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testMergeWithItselfViaBase(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(key)
                 .getBytes();
 
         byte[] certs = ArraysKt.plus(cert, cert);
 
-        byte[] merged = assumeSupported(sop::mergeCerts)
+        byte[] merged = sop.mergeCerts()
                 .updates(cert)
                 .baseCertificates(certs)
                 .getBytes();
@@ -87,20 +87,20 @@ public class MergeCertsTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testApplyBaseToUpdate(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(key)
                 .getBytes();
 
-        byte[] update = assumeSupported(sop::revokeKey)
+        byte[] update = sop.revokeKey()
                 .keys(key)
                 .getBytes();
 
-        byte[] merged = assumeSupported(sop::mergeCerts)
+        byte[] merged = sop.mergeCerts()
                 .updates(cert)
                 .baseCertificates(update)
                 .getBytes();
@@ -111,20 +111,20 @@ public class MergeCertsTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testApplyUpdateToBase(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey)
+        byte[] key = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] cert = assumeSupported(sop::extractCert)
+        byte[] cert = sop.extractCert()
                 .key(key)
                 .getBytes();
 
-        byte[] update = assumeSupported(sop::revokeKey)
+        byte[] update = sop.revokeKey()
                 .keys(key)
                 .getBytes();
 
-        byte[] merged = assumeSupported(sop::mergeCerts)
+        byte[] merged = sop.mergeCerts()
                 .updates(update)
                 .baseCertificates(cert)
                 .getBytes();
@@ -135,25 +135,25 @@ public class MergeCertsTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void testApplyUpdateToMissingBaseDoesNothing(SOP sop) throws IOException {
-        byte[] aliceKey = assumeSupported(sop::generateKey)
+        byte[] aliceKey = sop.generateKey()
                 .userId("Alice <alice@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] aliceCert = assumeSupported(sop::extractCert)
+        byte[] aliceCert = sop.extractCert()
                 .key(aliceKey)
                 .getBytes();
 
-        byte[] bobKey = assumeSupported(sop::generateKey)
+        byte[] bobKey = sop.generateKey()
                 .userId("Bob <bob@pgpainless.org>")
                 .generate()
                 .getBytes();
 
-        byte[] bobCert = assumeSupported(sop::extractCert)
+        byte[] bobCert = sop.extractCert()
                 .key(bobKey)
                 .getBytes();
 
-        byte[] merged = assumeSupported(sop::mergeCerts)
+        byte[] merged = sop.mergeCerts()
                 .updates(bobCert)
                 .baseCertificates(aliceCert)
                 .getBytes();

sop-java-testfixtures/src/main/java/sop/testsuite/operation/RevokeKeyTest.java

@@ -36,8 +36,8 @@ public class RevokeKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void revokeUnprotectedKey(SOP sop) throws IOException {
-        byte[] secretKey = assumeSupported(sop::generateKey).userId("Alice <alice@pgpainless.org>").generate().getBytes();
+        byte[] secretKey = sop.generateKey().userId("Alice <alice@pgpainless.org>").generate().getBytes();
-        byte[] revocation = assumeSupported(sop::revokeKey).keys(secretKey).getBytes();
+        byte[] revocation = sop.revokeKey().keys(secretKey).getBytes();
 
         assertTrue(JUtils.arrayStartsWith(revocation, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
         assertFalse(Arrays.equals(secretKey, revocation));
@@ -46,8 +46,8 @@ public class RevokeKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void revokeUnprotectedKeyNoArmor(SOP sop) throws IOException {
-        byte[] secretKey = assumeSupported(sop::generateKey).userId("Alice <alice@pgpainless.org>").generate().getBytes();
+        byte[] secretKey = sop.generateKey().userId("Alice <alice@pgpainless.org>").generate().getBytes();
-        byte[] revocation = assumeSupported(sop::revokeKey).noArmor().keys(secretKey).getBytes();
+        byte[] revocation = sop.revokeKey().noArmor().keys(secretKey).getBytes();
 
         assertFalse(JUtils.arrayStartsWith(revocation, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
     }
@@ -55,8 +55,8 @@ public class RevokeKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void revokeUnprotectedKeyUnarmored(SOP sop) throws IOException {
-        byte[] secretKey = assumeSupported(sop::generateKey).userId("Alice <alice@pgpainless.org>").noArmor().generate().getBytes();
+        byte[] secretKey = sop.generateKey().userId("Alice <alice@pgpainless.org>").noArmor().generate().getBytes();
-        byte[] revocation = assumeSupported(sop::revokeKey).noArmor().keys(secretKey).getBytes();
+        byte[] revocation = sop.revokeKey().noArmor().keys(secretKey).getBytes();
 
         assertFalse(JUtils.arrayStartsWith(revocation, TestData.BEGIN_PGP_PUBLIC_KEY_BLOCK));
         assertFalse(Arrays.equals(secretKey, revocation));
@@ -65,18 +65,18 @@ public class RevokeKeyTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void revokeCertificateFails(SOP sop) throws IOException {
-        byte[] secretKey = assumeSupported(sop::generateKey).generate().getBytes();
+        byte[] secretKey = sop.generateKey().generate().getBytes();
-        byte[] certificate = assumeSupported(sop::extractCert).key(secretKey).getBytes();
+        byte[] certificate = sop.extractCert().key(secretKey).getBytes();
 
-        assertThrows(SOPGPException.BadData.class, () -> assumeSupported(sop::revokeKey).keys(certificate).getBytes());
+        assertThrows(SOPGPException.BadData.class, () -> sop.revokeKey().keys(certificate).getBytes());
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void revokeProtectedKey(SOP sop) throws IOException {
         byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
-        byte[] secretKey = assumeSupported(sop::generateKey).withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
+        byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
-        byte[] revocation = assumeSupported(sop::revokeKey).withKeyPassword(password).keys(secretKey).getBytes();
+        byte[] revocation = sop.revokeKey().withKeyPassword(password).keys(secretKey).getBytes();
 
         assertFalse(Arrays.equals(secretKey, revocation));
     }
@@ -86,8 +86,8 @@ public class RevokeKeyTest extends AbstractSOPTest {
     public void revokeProtectedKeyWithMultiplePasswordOptions(SOP sop) throws IOException {
         byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
         byte[] wrongPassword = "0r4ng3".getBytes(UTF8Util.UTF8);
-        byte[] secretKey = assumeSupported(sop::generateKey).withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
+        byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
-        byte[] revocation = assumeSupported(sop::revokeKey).withKeyPassword(wrongPassword).withKeyPassword(password).keys(secretKey).getBytes();
+        byte[] revocation = sop.revokeKey().withKeyPassword(wrongPassword).withKeyPassword(password).keys(secretKey).getBytes();
 
         assertFalse(Arrays.equals(secretKey, revocation));
     }
@@ -96,9 +96,9 @@ public class RevokeKeyTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void revokeProtectedKeyWithMissingPassphraseFails(SOP sop) throws IOException {
         byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
-        byte[] secretKey = assumeSupported(sop::generateKey).withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
+        byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
 
-        assertThrows(SOPGPException.KeyIsProtected.class, () -> assumeSupported(sop::revokeKey).keys(secretKey).getBytes());
+        assertThrows(SOPGPException.KeyIsProtected.class, () -> sop.revokeKey().keys(secretKey).getBytes());
     }
 
     @ParameterizedTest
@@ -106,27 +106,27 @@ public class RevokeKeyTest extends AbstractSOPTest {
     public void revokeProtectedKeyWithWrongPassphraseFails(SOP sop) throws IOException {
         byte[] password = "sw0rdf1sh".getBytes(UTF8Util.UTF8);
         String wrongPassword = "or4ng3";
-        byte[] secretKey = assumeSupported(sop::generateKey).withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
+        byte[] secretKey = sop.generateKey().withKeyPassword(password).userId("Alice <alice@pgpainless.org>").generate().getBytes();
 
-        assertThrows(SOPGPException.KeyIsProtected.class, () -> assumeSupported(sop::revokeKey).withKeyPassword(wrongPassword).keys(secretKey).getBytes());
+        assertThrows(SOPGPException.KeyIsProtected.class, () -> sop.revokeKey().withKeyPassword(wrongPassword).keys(secretKey).getBytes());
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void revokeKeyIsNowHardRevoked(SOP sop) throws IOException {
-        byte[] key = assumeSupported(sop::generateKey).generate().getBytes();
+        byte[] key = sop.generateKey().generate().getBytes();
-        byte[] cert = assumeSupported(sop::extractCert).key(key).getBytes();
+        byte[] cert = sop.extractCert().key(key).getBytes();
 
         // Sign a message with the key
         byte[] msg = TestData.PLAINTEXT.getBytes(StandardCharsets.UTF_8);
-        byte[] signedMsg = assumeSupported(sop::inlineSign).key(key).data(msg).getBytes();
+        byte[] signedMsg = sop.inlineSign().key(key).data(msg).getBytes();
 
         // Verifying the message with the valid cert works
-        List<Verification> result = assumeSupported(sop::inlineVerify).cert(cert).data(signedMsg).toByteArrayAndResult().getResult();
+        List<Verification> result = sop.inlineVerify().cert(cert).data(signedMsg).toByteArrayAndResult().getResult();
         VerificationListAssert.assertThatVerificationList(result).hasSingleItem();
 
         // Now hard revoke the key and re-check signature, expecting no valid certification
-        byte[] revokedCert = assumeSupported(sop::revokeKey).keys(key).getBytes();
+        byte[] revokedCert = sop.revokeKey().keys(key).getBytes();
-        assertThrows(SOPGPException.NoSignature.class, () -> assumeSupported(sop::inlineVerify).cert(revokedCert).data(signedMsg).toByteArrayAndResult());
+        assertThrows(SOPGPException.NoSignature.class, () -> sop.inlineVerify().cert(revokedCert).data(signedMsg).toByteArrayAndResult());
     }
 }

sop-java-testfixtures/src/main/java/sop/testsuite/operation/VersionTest.java

@@ -28,7 +28,7 @@ public class VersionTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void versionNameTest(SOP sop) {
-        String name = assumeSupported(sop::version).getName();
+        String name = sop.version().getName();
         assertNotNull(name);
         assertFalse(name.isEmpty());
     }
@@ -36,21 +36,21 @@ public class VersionTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void versionVersionTest(SOP sop) {
-        String version = assumeSupported(sop::version).getVersion();
+        String version = sop.version().getVersion();
         assertFalse(version.isEmpty());
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void backendVersionTest(SOP sop) {
-        String backend = assumeSupported(sop::version).getBackendVersion();
+        String backend = sop.version().getBackendVersion();
         assertFalse(backend.isEmpty());
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void extendedVersionTest(SOP sop) {
-        String extended = assumeSupported(sop::version).getExtendedVersion();
+        String extended = sop.version().getExtendedVersion();
         assertFalse(extended.isEmpty());
     }
 
@@ -58,27 +58,27 @@ public class VersionTest extends AbstractSOPTest {
     @MethodSource("provideInstances")
     public void sopSpecVersionTest(SOP sop) {
         try {
-            assumeSupported(sop::version).getSopSpecVersion();
+            sop.version().getSopSpecVersion();
         } catch (RuntimeException e) {
             throw new TestAbortedException("SOP backend does not support 'version --sop-spec' yet.");
         }
 
-        String sopSpec = assumeSupported(sop::version).getSopSpecVersion();
+        String sopSpec = sop.version().getSopSpecVersion();
-        if (assumeSupported(sop::version).isSopSpecImplementationIncomplete()) {
+        if (sop.version().isSopSpecImplementationIncomplete()) {
             assertTrue(sopSpec.startsWith("~draft-dkg-openpgp-stateless-cli-"));
         } else {
             assertTrue(sopSpec.startsWith("draft-dkg-openpgp-stateless-cli-"));
         }
 
-        int sopRevision = assumeSupported(sop::version).getSopSpecRevisionNumber();
+        int sopRevision = sop.version().getSopSpecRevisionNumber();
-        assertTrue(assumeSupported(sop::version).getSopSpecRevisionName().endsWith("" + sopRevision));
+        assertTrue(sop.version().getSopSpecRevisionName().endsWith("" + sopRevision));
     }
 
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void sopVVersionTest(SOP sop) {
         try {
-            assumeSupported(sop::version).getSopVVersion();
+            sop.version().getSopVVersion();
         } catch (SOPGPException.UnsupportedOption e) {
             throw new TestAbortedException(
                     "Implementation does (gracefully) not provide coverage for any sopv interface version.");
@@ -90,6 +90,6 @@ public class VersionTest extends AbstractSOPTest {
     @ParameterizedTest
     @MethodSource("provideInstances")
     public void sopJavaVersionTest(SOP sop) {
-        assertNotNull(assumeSupported(sop::version).getSopJavaVersion());
+        assertNotNull(sop.version().getSopJavaVersion());
     }
 }

sop-java/src/main/kotlin/sop/SOPV.kt

@@ -12,41 +12,27 @@ import sop.operation.Version
 /** Subset of [SOP] implementing only OpenPGP signature verification. */
 interface SOPV {
 
-    /**
+    /** Get information about the implementations name and version. */
-     * Get information about the implementations name and version.
-     *
-     * @since sopv 1.0
-     */
     fun version(): Version?
 
     /**
      * Verify detached signatures. If you need to verify an inline-signed message, use
      * [inlineVerify] instead.
-     *
-     * @since sopv 1.0
      */
     fun verify(): DetachedVerify? = detachedVerify()
 
     /**
      * Verify detached signatures. If you need to verify an inline-signed message, use
      * [inlineVerify] instead.
-     *
-     * @since sopv 1.0
      */
     fun detachedVerify(): DetachedVerify?
 
     /**
      * Verify signatures of an inline-signed message. If you need to verify detached signatures over
      * a message, use [detachedVerify] instead.
-     *
-     * @since sopv 1.0
      */
     fun inlineVerify(): InlineVerify?
 
-    /**
+    /** Validate a UserID in an OpenPGP certificate. */
-     * Validate a UserID in an OpenPGP certificate.
-     *
-     * @since sopv 1.2
-     */
     fun validateUserId(): ValidateUserId?
 }

sop-java/src/main/kotlin/sop/operation/AbstractSign.kt

@@ -61,18 +61,9 @@ interface AbstractSign<T> {
      * @param password password
      * @return builder instance
      * @throws UnsupportedOption if key passwords are not supported
+     * @throws PasswordNotHumanReadable if the provided passphrase is not human-readable
      */
-    @Throws(UnsupportedOption::class)
+    @Throws(UnsupportedOption::class, PasswordNotHumanReadable::class)
-    fun withKeyPassword(password: CharArray): T = withKeyPassword(password.concatToString())
-
-    /**
-     * Provide the password for the secret key used for signing.
-     *
-     * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if key passwords are not supported
-     */
-    @Throws(UnsupportedOption::class)
     fun withKeyPassword(password: String): T = withKeyPassword(password.toByteArray(UTF8Util.UTF8))
 
     /**

sop-java/src/main/kotlin/sop/operation/Armor.kt

@@ -9,7 +9,6 @@ import java.io.InputStream
 import sop.Ready
 import sop.exception.SOPGPException.BadData
 
-/** Interface for armoring binary OpenPGP data. */
 interface Armor {
 
     /**

sop-java/src/main/kotlin/sop/operation/CertifyUserId.kt

@@ -7,111 +7,35 @@ package sop.operation
 import java.io.IOException
 import java.io.InputStream
 import sop.Ready
-import sop.exception.SOPGPException.*
+import sop.exception.SOPGPException
 import sop.util.UTF8Util
 
-/** Interface for issuing certifications over UserIDs on certificates. */
 interface CertifyUserId {
 
-    /** Disable ASCII armor for the output. */
+    @Throws(SOPGPException.UnsupportedOption::class) fun noArmor(): CertifyUserId
-    @Throws(UnsupportedOption::class) fun noArmor(): CertifyUserId
 
-    /**
+    @Throws(SOPGPException.UnsupportedOption::class) fun userId(userId: String): CertifyUserId
-     * Add a user-id that shall be certified on the certificates.
-     *
-     * @param userId user-id
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     */
-    @Throws(UnsupportedOption::class) fun userId(userId: String): CertifyUserId
 
-    /**
+    @Throws(SOPGPException.PasswordNotHumanReadable::class, SOPGPException.UnsupportedOption::class)
-     * Provide the password for the secret key used for signing.
-     *
-     * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if key passwords are not supported
-     */
-    @Throws(UnsupportedOption::class)
-    fun withKeyPassword(password: CharArray): CertifyUserId =
-        withKeyPassword(password.concatToString())
-
-    /**
-     * Provide the password for the secret key used for signing.
-     *
-     * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if key passwords are not supported
-     */
-    @Throws(UnsupportedOption::class)
     fun withKeyPassword(password: String): CertifyUserId =
         withKeyPassword(password.toByteArray(UTF8Util.UTF8))
 
-    /**
+    @Throws(SOPGPException.PasswordNotHumanReadable::class, SOPGPException.UnsupportedOption::class)
-     * Provide the password for the secret key used for signing.
-     *
-     * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if key passwords are not supported
-     * @throws PasswordNotHumanReadable if the provided password is not human-readable
-     */
-    @Throws(PasswordNotHumanReadable::class, UnsupportedOption::class)
     fun withKeyPassword(password: ByteArray): CertifyUserId
 
-    /**
+    @Throws(SOPGPException.UnsupportedOption::class) fun noRequireSelfSig(): CertifyUserId
-     * If this option is provided, it is possible to certify user-ids on certificates, which do not
-     * have a self-certification for the user-id. You can use this option to add pet-name
-     * certifications to certificates, e.g. "Mom".
-     *
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     */
-    @Throws(UnsupportedOption::class) fun noRequireSelfSig(): CertifyUserId
 
-    /**
+    @Throws(SOPGPException.BadData::class, IOException::class, SOPGPException.KeyIsProtected::class)
-     * Provide signing keys for issuing the certifications.
+    fun keys(keys: InputStream): CertifyUserId
-     *
-     * @param keys input stream containing one or more signing key
-     * @return builder instance
-     * @throws BadData if the keys cannot be read
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, IOException::class) fun keys(keys: InputStream): CertifyUserId
 
-    /**
+    @Throws(SOPGPException.BadData::class, IOException::class, SOPGPException.KeyIsProtected::class)
-     * Provide signing keys for issuing the certifications.
-     *
-     * @param keys byte array containing one or more signing key
-     * @return builder instance
-     * @throws BadData if the keys cannot be read
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, IOException::class)
     fun keys(keys: ByteArray): CertifyUserId = keys(keys.inputStream())
 
-    /**
+    @Throws(
-     * Provide the certificates that you want to create certifications for.
+        SOPGPException.BadData::class, IOException::class, SOPGPException.CertUserIdNoMatch::class)
-     *
-     * @param certs input stream containing the certificates
-     * @return object to require the certified certificates from
-     * @throws BadData if the certificates cannot be read
-     * @throws IOException if an IO error occurs
-     * @throws KeyIsProtected if one or more signing keys are passphrase protected and cannot be
-     *   unlocked
-     */
-    @Throws(BadData::class, IOException::class, CertUserIdNoMatch::class, KeyIsProtected::class)
     fun certs(certs: InputStream): Ready
 
-    /**
+    @Throws(
-     * Provide the certificates that you want to create certifications for.
+        SOPGPException.BadData::class, IOException::class, SOPGPException.CertUserIdNoMatch::class)
-     *
-     * @param certs byte array containing the certificates
-     * @return object to require the certified certificates from
-     * @throws BadData if the certificates cannot be read
-     * @throws IOException if an IO error occurs
-     * @throws KeyIsProtected if one or more signing keys are passphrase protected and cannot be
-     *   unlocked
-     */
-    @Throws(BadData::class, IOException::class, CertUserIdNoMatch::class, KeyIsProtected::class)
     fun certs(certs: ByteArray): Ready = certs(certs.inputStream())
 }

sop-java/src/main/kotlin/sop/operation/ChangeKeyPassword.kt

@@ -11,7 +11,6 @@ import sop.exception.SOPGPException.KeyIsProtected
 import sop.exception.SOPGPException.PasswordNotHumanReadable
 import sop.util.UTF8Util
 
-/** Interface for changing key passwords. */
 interface ChangeKeyPassword {
 
     /**
@@ -29,8 +28,13 @@ interface ChangeKeyPassword {
      * @param oldPassphrase old passphrase
      * @return builder instance
      */
-    fun oldKeyPassphrase(oldPassphrase: CharArray): ChangeKeyPassword =
+    @Throws(PasswordNotHumanReadable::class)
-        oldKeyPassphrase(oldPassphrase.concatToString())
+    fun oldKeyPassphrase(oldPassphrase: ByteArray): ChangeKeyPassword =
+        try {
+            oldKeyPassphrase(UTF8Util.decodeUTF8(oldPassphrase))
+        } catch (e: CharacterCodingException) {
+            throw PasswordNotHumanReadable("Password MUST be a valid UTF8 string.")
+        }
 
     /**
      * Provide a passphrase to unlock the secret key. This method can be provided multiple times to
@@ -42,23 +46,6 @@ interface ChangeKeyPassword {
      */
     fun oldKeyPassphrase(oldPassphrase: String): ChangeKeyPassword
 
-    /**
-     * Provide a passphrase to unlock the secret key. This method can be provided multiple times to
-     * provide separate passphrases that are tried as a means to unlock any secret key material
-     * encountered.
-     *
-     * @param oldPassphrase old passphrase
-     * @return builder instance
-     * @throws PasswordNotHumanReadable if the old key passphrase is not human-readable
-     */
-    @Throws(PasswordNotHumanReadable::class)
-    fun oldKeyPassphrase(oldPassphrase: ByteArray): ChangeKeyPassword =
-        try {
-            oldKeyPassphrase(UTF8Util.decodeUTF8(oldPassphrase))
-        } catch (e: CharacterCodingException) {
-            throw PasswordNotHumanReadable("Password MUST be a valid UTF8 string.")
-        }
-
     /**
      * Provide a passphrase to re-lock the secret key with. This method can only be used once, and
      * all key material encountered will be encrypted with the given passphrase. If this method is
@@ -67,8 +54,13 @@ interface ChangeKeyPassword {
      * @param newPassphrase new passphrase
      * @return builder instance
      */
-    fun newKeyPassphrase(newPassphrase: CharArray): ChangeKeyPassword =
+    @Throws(PasswordNotHumanReadable::class)
-        newKeyPassphrase(newPassphrase.concatToString())
+    fun newKeyPassphrase(newPassphrase: ByteArray): ChangeKeyPassword =
+        try {
+            newKeyPassphrase(UTF8Util.decodeUTF8(newPassphrase))
+        } catch (e: CharacterCodingException) {
+            throw PasswordNotHumanReadable("Password MUST be a valid UTF8 string.")
+        }
 
     /**
      * Provide a passphrase to re-lock the secret key with. This method can only be used once, and
@@ -80,23 +72,6 @@ interface ChangeKeyPassword {
      */
     fun newKeyPassphrase(newPassphrase: String): ChangeKeyPassword
 
-    /**
-     * Provide a passphrase to re-lock the secret key with. This method can only be used once, and
-     * all key material encountered will be encrypted with the given passphrase. If this method is
-     * not called, the key material will not be protected.
-     *
-     * @param newPassphrase new passphrase
-     * @return builder instance
-     * @throws PasswordNotHumanReadable if the passphrase is not human-readable
-     */
-    @Throws(PasswordNotHumanReadable::class)
-    fun newKeyPassphrase(newPassphrase: ByteArray): ChangeKeyPassword =
-        try {
-            newKeyPassphrase(UTF8Util.decodeUTF8(newPassphrase))
-        } catch (e: CharacterCodingException) {
-            throw PasswordNotHumanReadable("Password MUST be a valid UTF8 string.")
-        }
-
     /**
      * Provide the key material.
      *

sop-java/src/main/kotlin/sop/operation/Dearmor.kt

@@ -10,7 +10,6 @@ import sop.Ready
 import sop.exception.SOPGPException.BadData
 import sop.util.UTF8Util
 
-/** Interface for removing ASCII armor from OpenPGP data. */
 interface Dearmor {
 
     /**

sop-java/src/main/kotlin/sop/operation/Decrypt.kt

@@ -13,7 +13,6 @@ import sop.SessionKey
 import sop.exception.SOPGPException.*
 import sop.util.UTF8Util
 
-/** Interface for decrypting encrypted OpenPGP messages. */
 interface Decrypt {
 
     /**

sop-java/src/main/kotlin/sop/operation/DetachedSign.kt

@@ -11,7 +11,6 @@ import sop.SigningResult
 import sop.enums.SignAs
 import sop.exception.SOPGPException.*
 
-/** Interface for creating detached signatures over plaintext messages. */
 interface DetachedSign : AbstractSign<DetachedSign> {
 
     /**

sop-java/src/main/kotlin/sop/operation/DetachedVerify.kt

@@ -8,7 +8,6 @@ import java.io.IOException
 import java.io.InputStream
 import sop.exception.SOPGPException.BadData
 
-/** Interface for verifying detached OpenPGP signatures over plaintext messages. */
 interface DetachedVerify : AbstractVerify<DetachedVerify>, VerifySignatures {
 
     /**

sop-java/src/main/kotlin/sop/operation/Encrypt.kt

@@ -13,7 +13,6 @@ import sop.enums.EncryptAs
 import sop.exception.SOPGPException.*
 import sop.util.UTF8Util
 
-/** Interface for creating encrypted OpenPGP messages. */
 interface Encrypt {
 
     /**

sop-java/src/main/kotlin/sop/operation/ExtractCert.kt

@@ -9,7 +9,6 @@ import java.io.InputStream
 import sop.Ready
 import sop.exception.SOPGPException.BadData
 
-/** Interface for extracting certificates from OpenPGP keys. */
 interface ExtractCert {
 
     /**

sop-java/src/main/kotlin/sop/operation/GenerateKey.kt

@@ -10,7 +10,6 @@ import sop.Ready
 import sop.exception.SOPGPException.*
 import sop.util.UTF8Util
 
-/** Interface for generating OpenPGP keys. */
 interface GenerateKey {
 
     /**

sop-java/src/main/kotlin/sop/operation/InlineDetach.kt

@@ -10,7 +10,6 @@ import sop.ReadyWithResult
 import sop.Signatures
 import sop.exception.SOPGPException.BadData
 
-/** Interface for detaching inline signatures from OpenPGP messages. */
 interface InlineDetach {
 
     /**

sop-java/src/main/kotlin/sop/operation/InlineSign.kt

@@ -10,7 +10,6 @@ import sop.Ready
 import sop.enums.InlineSignAs
 import sop.exception.SOPGPException.*
 
-/** Interface for creating inline-signed OpenPGP messages. */
 interface InlineSign : AbstractSign<InlineSign> {
 
     /**

sop-java/src/main/kotlin/sop/operation/InlineVerify.kt

@@ -11,7 +11,7 @@ import sop.Verification
 import sop.exception.SOPGPException.BadData
 import sop.exception.SOPGPException.NoSignature
 
-/** Interface for verification of inline-signed messages. */
+/** API for verification of inline-signed messages. */
 interface InlineVerify : AbstractVerify<InlineVerify> {
 
     /**

sop-java/src/main/kotlin/sop/operation/ListProfiles.kt

@@ -6,7 +6,7 @@ package sop.operation
 
 import sop.Profile
 
-/** Interface to list supported profiles of other subcommands. */
+/** Subcommand to list supported profiles of other subcommands. */
 interface ListProfiles {
 
     /**

sop-java/src/main/kotlin/sop/operation/MergeCerts.kt

@@ -7,58 +7,21 @@ package sop.operation
 import java.io.IOException
 import java.io.InputStream
 import sop.Ready
-import sop.exception.SOPGPException.*
+import sop.exception.SOPGPException
 
-/** Interface for merging multiple copies of the same certificate into one. */
 interface MergeCerts {
 
-    /**
+    @Throws(SOPGPException.UnsupportedOption::class) fun noArmor(): MergeCerts
-     * Disable ASCII armor for the output certificate.
-     *
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     */
-    @Throws(UnsupportedOption::class) fun noArmor(): MergeCerts
 
-    /**
+    @Throws(SOPGPException.BadData::class, IOException::class)
-     * Provide updated copies of the base certificate.
+    fun updates(updateCerts: InputStream): MergeCerts
-     *
-     * @param updateCerts input stream containing an updated copy of the base cert
-     * @return builder instance
-     * @throws BadData if the update cannot be read
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, IOException::class) fun updates(updateCerts: InputStream): MergeCerts
 
-    /**
+    @Throws(SOPGPException.BadData::class, IOException::class)
-     * Provide updated copies of the base certificate.
-     *
-     * @param updateCerts byte array containing an updated copy of the base cert
-     * @return builder instance
-     * @throws BadData if the update cannot be read
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, IOException::class)
     fun updates(updateCerts: ByteArray): MergeCerts = updates(updateCerts.inputStream())
 
-    /**
+    @Throws(SOPGPException.BadData::class, IOException::class)
-     * Provide the base certificate into which updates shall be merged.
+    fun baseCertificates(certs: InputStream): Ready
-     *
-     * @param certs input stream containing the base OpenPGP certificate
-     * @return object to require the merged certificate from
-     * @throws BadData if the base certificate cannot be read
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, IOException::class) fun baseCertificates(certs: InputStream): Ready
 
-    /**
+    @Throws(SOPGPException.BadData::class, IOException::class)
-     * Provide the base certificate into which updates shall be merged.
-     *
-     * @param certs byte array containing the base OpenPGP certificate
-     * @return object to require the merged certificate from
-     * @throws BadData if the base certificate cannot be read
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, IOException::class)
     fun baseCertificates(certs: ByteArray): Ready = baseCertificates(certs.inputStream())
 }

sop-java/src/main/kotlin/sop/operation/RevokeKey.kt

@@ -4,13 +4,12 @@
 
 package sop.operation
 
-import java.io.IOException
 import java.io.InputStream
 import sop.Ready
-import sop.exception.SOPGPException.*
+import sop.exception.SOPGPException.PasswordNotHumanReadable
+import sop.exception.SOPGPException.UnsupportedOption
 import sop.util.UTF8Util
 
-/** Interface for creating certificate revocations. */
 interface RevokeKey {
 
     /**
@@ -26,18 +25,9 @@ interface RevokeKey {
      * @param password password
      * @return builder instance
      * @throws UnsupportedOption if the implementation does not support key passwords
+     * @throws PasswordNotHumanReadable if the password is not human-readable
      */
-    @Throws(UnsupportedOption::class)
+    @Throws(UnsupportedOption::class, PasswordNotHumanReadable::class)
-    fun withKeyPassword(password: CharArray): RevokeKey = withKeyPassword(password.concatToString())
-
-    /**
-     * Provide the decryption password for the secret key.
-     *
-     * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if the implementation does not support key passwords
-     */
-    @Throws(UnsupportedOption::class)
     fun withKeyPassword(password: String): RevokeKey =
         withKeyPassword(password.toByteArray(UTF8Util.UTF8))
 
@@ -52,27 +42,7 @@ interface RevokeKey {
     @Throws(UnsupportedOption::class, PasswordNotHumanReadable::class)
     fun withKeyPassword(password: ByteArray): RevokeKey
 
-    /**
-     * Provide the key that you want to revoke.
-     *
-     * @param bytes byte array containing the OpenPGP key
-     * @return object to require the revocation certificate from
-     * @throws BadData if the key cannot be read
-     * @throws KeyIsProtected if the key is protected and cannot be unlocked
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, KeyIsProtected::class, IOException::class)
     fun keys(bytes: ByteArray): Ready = keys(bytes.inputStream())
 
-    /**
-     * Provide the key that you want to revoke.
-     *
-     * @param keys input stream containing the OpenPGP key
-     * @return object to require the revocation certificate from
-     * @throws BadData if the key cannot be read
-     * @throws KeyIsProtected if the key is protected and cannot be unlocked
-     * @throws IOException if an IO error occurs
-     */
-    @Throws(BadData::class, KeyIsProtected::class, IOException::class)
     fun keys(keys: InputStream): Ready
 }

sop-java/src/main/kotlin/sop/operation/UpdateKey.kt

@@ -7,10 +7,9 @@ package sop.operation
 import java.io.IOException
 import java.io.InputStream
 import sop.Ready
-import sop.exception.SOPGPException.*
+import sop.exception.SOPGPException
 import sop.util.UTF8Util
 
-/** Interface for bringing an OpenPGP key up to date. */
 interface UpdateKey {
 
     /**
@@ -23,39 +22,21 @@ interface UpdateKey {
     /**
      * Allow key to be used for signing only. If this option is not present, the operation may add a
      * new, encryption-capable component key.
-     *
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
      */
-    @Throws(UnsupportedOption::class) fun signingOnly(): UpdateKey
+    @Throws(SOPGPException.UnsupportedOption::class) fun signingOnly(): UpdateKey
 
     /**
      * Do not allow adding new capabilities to the key. If this option is not present, the operation
      * may add support for new capabilities to the key.
-     *
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
      */
-    @Throws(UnsupportedOption::class) fun noAddedCapabilities(): UpdateKey
+    @Throws(SOPGPException.UnsupportedOption::class) fun noAddedCapabilities(): UpdateKey
 
     /**
      * Provide a passphrase for unlocking the secret key.
      *
      * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
      */
-    @Throws(UnsupportedOption::class)
+    @Throws(SOPGPException.PasswordNotHumanReadable::class, SOPGPException.UnsupportedOption::class)
-    fun withKeyPassword(password: CharArray): UpdateKey = withKeyPassword(password.concatToString())
-
-    /**
-     * Provide a passphrase for unlocking the secret key.
-     *
-     * @param password password
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     */
-    @Throws(UnsupportedOption::class)
     fun withKeyPassword(password: String): UpdateKey =
         withKeyPassword(password.toByteArray(UTF8Util.UTF8))
 
@@ -63,11 +44,8 @@ interface UpdateKey {
      * Provide a passphrase for unlocking the secret key.
      *
      * @param password password
-     * @return builder instance
-     * @throws PasswordNotHumanReadable if the password is not human-readable
-     * @throws UnsupportedOption if this option is not supported
      */
-    @Throws(PasswordNotHumanReadable::class, UnsupportedOption::class)
+    @Throws(SOPGPException.PasswordNotHumanReadable::class, SOPGPException.UnsupportedOption::class)
     fun withKeyPassword(password: ByteArray): UpdateKey
 
     /**
@@ -75,12 +53,9 @@ interface UpdateKey {
      * These certificates will be merged into the key.
      *
      * @param certs input stream of certificates
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     * @throws BadData if the certificate cannot be read
-     * @throws IOException if an IO error occurs
      */
-    @Throws(UnsupportedOption::class, BadData::class, IOException::class)
+    @Throws(
+        SOPGPException.UnsupportedOption::class, SOPGPException.BadData::class, IOException::class)
     fun mergeCerts(certs: InputStream): UpdateKey
 
     /**
@@ -88,12 +63,9 @@ interface UpdateKey {
      * These certificates will be merged into the key.
      *
      * @param certs binary certificates
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     * @throws BadData if the certificate cannot be read
-     * @throws IOException if an IO error occurs
      */
-    @Throws(UnsupportedOption::class, BadData::class, IOException::class)
+    @Throws(
+        SOPGPException.UnsupportedOption::class, SOPGPException.BadData::class, IOException::class)
     fun mergeCerts(certs: ByteArray): UpdateKey = mergeCerts(certs.inputStream())
 
     /**
@@ -101,12 +73,12 @@ interface UpdateKey {
      *
      * @param key input stream containing the key
      * @return handle to acquire the updated OpenPGP key from
-     * @throws BadData if the key cannot be read
-     * @throws IOException if an IO error occurs
-     * @throws KeyIsProtected if the key is passphrase protected and cannot be unlocked
-     * @throws PrimaryKeyBad if the primary key is bad (e.g. expired, too weak)
      */
-    @Throws(BadData::class, IOException::class, KeyIsProtected::class, PrimaryKeyBad::class)
+    @Throws(
+        SOPGPException.BadData::class,
+        IOException::class,
+        SOPGPException.KeyIsProtected::class,
+        SOPGPException.PrimaryKeyBad::class)
     fun key(key: InputStream): Ready
 
     /**
@@ -114,11 +86,11 @@ interface UpdateKey {
      *
      * @param key binary OpenPGP key
      * @return handle to acquire the updated OpenPGP key from
-     * @throws BadData if the key cannot be read
-     * @throws IOException if an IO error occurs
-     * @throws KeyIsProtected if the key is passphrase protected and cannot be unlocked
-     * @throws PrimaryKeyBad if the primary key is bad (e.g. expired, too weak)
      */
-    @Throws(BadData::class, IOException::class, KeyIsProtected::class, PrimaryKeyBad::class)
+    @Throws(
+        SOPGPException.BadData::class,
+        IOException::class,
+        SOPGPException.KeyIsProtected::class,
+        SOPGPException.PrimaryKeyBad::class)
     fun key(key: ByteArray): Ready = key(key.inputStream())
 }

sop-java/src/main/kotlin/sop/operation/ValidateUserId.kt

@@ -7,9 +7,9 @@ package sop.operation
 import java.io.IOException
 import java.io.InputStream
 import java.util.*
-import sop.exception.SOPGPException.*
+import sop.exception.SOPGPException
 
-/** Interface to validate UserIDs on certificates. */
+/** Subcommand to validate UserIDs on certificates. */
 interface ValidateUserId {
 
     /**
@@ -17,16 +17,15 @@ interface ValidateUserId {
      * e-mail address part of each correctly bound User ID. The rest of each correctly bound User ID
      * is ignored.
      *
-     * @return builder instance
+     * @return this
-     * @throws UnsupportedOption if this option is not supported
      */
-    @Throws(UnsupportedOption::class) fun addrSpecOnly(): ValidateUserId
+    @Throws(SOPGPException.UnsupportedOption::class) fun addrSpecOnly(): ValidateUserId
 
     /**
      * Set the UserID to validate. To match only the email address, call [addrSpecOnly].
      *
      * @param userId UserID or email address
-     * @return builder instance
+     * @return this
      */
     fun userId(userId: String): ValidateUserId
 
@@ -35,22 +34,19 @@ interface ValidateUserId {
      * if it was bound by an authoritative certificate.
      *
      * @param certs authoritative certificates
-     * @return builder instance
+     * @return this
-     * @throws BadData if the authority certificates cannot be read
-     * @throws IOException if an IO error occurs
      */
-    @Throws(BadData::class, IOException::class) fun authorities(certs: InputStream): ValidateUserId
+    @Throws(SOPGPException.BadData::class, IOException::class)
+    fun authorities(certs: InputStream): ValidateUserId
 
     /**
      * Add certificates, which act as authorities. The [userId] is only considered correctly bound,
      * if it was bound by an authoritative certificate.
      *
      * @param certs authoritative certificates
-     * @return builder instance
+     * @return this
-     * @throws BadData if the authority certificates cannot be read
-     * @throws IOException if an IO error occurs
      */
-    @Throws(BadData::class, IOException::class)
+    @Throws(SOPGPException.BadData::class, IOException::class)
     fun authorities(certs: ByteArray): ValidateUserId = authorities(certs.inputStream())
 
     /**
@@ -58,12 +54,13 @@ interface ValidateUserId {
      *
      * @param certs subject certificates
      * @return true if all subject certificates have a correct binding to the UserID.
-     * @throws BadData if the subject certificates are malformed
+     * @throws SOPGPException.BadData if the subject certificates are malformed
      * @throws IOException if a parser exception happens
-     * @throws CertUserIdNoMatch if any subject certificate does not have a correctly bound UserID
+     * @throws SOPGPException.CertUserIdNoMatch if any subject certificate does not have a correctly
-     *   that matches [userId].
+     *   bound UserID that matches [userId].
      */
-    @Throws(BadData::class, IOException::class, CertUserIdNoMatch::class)
+    @Throws(
+        SOPGPException.BadData::class, IOException::class, SOPGPException.CertUserIdNoMatch::class)
     fun subjects(certs: InputStream): Boolean
 
     /**
@@ -71,20 +68,14 @@ interface ValidateUserId {
      *
      * @param certs subject certificates
      * @return true if all subject certificates have a correct binding to the UserID.
-     * @throws BadData if the subject certificates are malformed
+     * @throws SOPGPException.BadData if the subject certificates are malformed
      * @throws IOException if a parser exception happens
-     * @throws CertUserIdNoMatch if any subject certificate does not have a correctly bound UserID
+     * @throws SOPGPException.CertUserIdNoMatch if any subject certificate does not have a correctly
-     *   that matches [userId].
+     *   bound UserID that matches [userId].
      */
-    @Throws(BadData::class, IOException::class, CertUserIdNoMatch::class)
+    @Throws(
+        SOPGPException.BadData::class, IOException::class, SOPGPException.CertUserIdNoMatch::class)
     fun subjects(certs: ByteArray): Boolean = subjects(certs.inputStream())
 
-    /**
+    fun validateAt(date: Date): ValidateUserId
-     * Provide a reference time for user-id validation.
-     *
-     * @param date reference time
-     * @return builder instance
-     * @throws UnsupportedOption if this option is not supported
-     */
-    @Throws(UnsupportedOption::class) fun validateAt(date: Date): ValidateUserId
 }

sop-java/src/main/kotlin/sop/operation/VerifySignatures.kt

@@ -10,7 +10,6 @@ import sop.Verification
 import sop.exception.SOPGPException.BadData
 import sop.exception.SOPGPException.NoSignature
 
-/** API handle for verifying signatures. */
 interface VerifySignatures {
 
     /**

sop-java/src/main/kotlin/sop/operation/Version.kt

@@ -10,7 +10,6 @@ import java.util.*
 import kotlin.jvm.Throws
 import sop.exception.SOPGPException
 
-/** Interface for acquiring version information about the SOP implementation. */
 interface Version {
 
     /**

sop-java/src/test/java/sop/VerificationJSONTest.java

@@ -7,7 +7,6 @@ package sop;
 import org.jetbrains.annotations.NotNull;
 import org.junit.jupiter.api.Test;
 import sop.enums.SignatureMode;
-import sop.testsuite.assertions.VerificationAssert;
 
 import java.text.ParseException;
 import java.util.ArrayList;
@@ -159,8 +158,6 @@ public class VerificationJSONTest {
         assertNull(json.getExt());
 
         verification = new Verification(verification.getCreationTime(), verification.getSigningKeyFingerprint(), verification.getSigningCertFingerprint(), verification.getSignatureMode().get(), json, dummySerializer);
-        VerificationAssert.assertThatVerification(verification)
-                        .hasJSON(dummyParser, j -> j.getSigners().contains("alice.pgp"));
         assertEquals(string, verification.toString());
     }
 }

version.gradle

@@ -4,8 +4,8 @@
 
 allprojects {
     ext {
-        shortVersion = '14.0.1'
+        shortVersion = '14.0.0'
-        isSnapshot = true
+        isSnapshot = false
         javaSourceCompatibility = 11
         gsonVersion = '2.10.1'
         jsrVersion = '3.0.2'