Merge 38a0c0dd02 into 89038ebedf

Fixes #432

CHANGELOG.md

@@ -14,9 +14,12 @@ SPDX-License-Identifier: CC0-1.0
   - Rewrote most of the codebase in Kotlin
   - Removed `OpenPgpMetadata` (`decryptionStream.getResult()`) in favor of `MessageMetadata` (`decryptionStream.getMetadata()`)
 - `pgpainless-sop`, `pgpainless-cli`
-  - Bump `sop-java` to `8.0.1`, implementing [SOP Spec Revision 08](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-08.html)
+  - Bump `sop-java` to `10.0.0`, implementing [SOP Spec Revision 10](https://www.ietf.org/archive/id/draft-dkg-openpgp-stateless-cli-10.html)
   - Change API of `sop.encrypt` to return a `ReadyWithResult<EncryptionResult>` to expose the session key
   - `decrypt --verify-with`: Fix to not throw `NoSignature` exception (exit code 3) if `VERIFICATIONS` is empty
+  - Separate signature verification operations into `SOPV` interface
+  - Add `version --sopv` option
+  - Throw `BadData` error when passing KEYS where CERTS are expected.
 - Properly feed EOS tokens to the pushdown automaton when reaching the end of stream (thanks @iNPUTmice)
 - Do not choke on unknown signature subpackets (thanks @Jerbell)
 - Prevent timing issues resuting in subkey binding signatures predating the subkey (@thanks Jerbell)
@@ -24,6 +27,12 @@ SPDX-License-Identifier: CC0-1.0
   - `GNUPG_AEAD_ENCRYPTED_DATA` -> `LIBREPGP_OCB_ENCRYPTED_DATA`
   - `GNUPG_VERSION_5_PUBLIC_KEY` -> `LIBREPGP_VERSION_5_PUBLIC_KEY`
 
+## 1.6.7
+- SOP: Fix OOM error when detached-signing large amounts of data (fix #432)
+- Move `CachingBcPublicKeyDataDecryptorFactory` from `org.bouncycastle` packet to `org.pgpainless.decryption_verification` to avoid package split (partially addresses #428)
+- Basic support for Java Modules for `pgpainless-core` and `pgpainless-sop`
+  - Added `Automatic-Module-Name` directive to gradle build files
+
 ## 1.6.6
 - Downgrade `logback-core` and `logback-classic` to `1.2.13` to fix #426
 

pgpainless-core/build.gradle

@@ -27,3 +27,10 @@ dependencies {
     // @Nullable, @Nonnull annotations
     implementation "com.google.code.findbugs:jsr305:3.0.2"
 }
+
+// https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_modular_auto
+tasks.named('jar') {
+    manifest {
+        attributes('Automatic-Module-Name': 'org.pgpainless.core')
+    }
+}

pgpainless-sop/build.gradle

@@ -34,3 +34,10 @@ test {
     useJUnitPlatform()
     environment("test.implementation", "sop.testsuite.pgpainless.PGPainlessSopInstanceFactory")
 }
+
+// https://docs.gradle.org/current/userguide/java_library_plugin.html#sec:java_library_modular_auto
+tasks.named('jar') {
+    manifest {
+        attributes('Automatic-Module-Name': 'org.pgpainless.sop')
+    }
+}

pgpainless-sop/src/main/java/org/pgpainless/sop/DetachedSignImpl.java

@@ -4,7 +4,6 @@
 
 package org.pgpainless.sop;
 
-import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
@@ -98,10 +97,10 @@ public class DetachedSignImpl implements DetachedSign {
             }
         }
 
-        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+        OutputStream sink = new NullOutputStream();
         try {
             EncryptionStream signingStream = PGPainless.encryptAndOrSign()
-                    .onOutputStream(buffer)
+                    .onOutputStream(sink)
                     .withOptions(ProducerOptions.sign(signingOptions)
                             .setAsciiArmor(armor));
 

pgpainless-sop/src/main/java/org/pgpainless/sop/NullOutputStream.java

@@ -0,0 +1,17 @@
+// SPDX-FileCopyrightText: 2024 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package org.pgpainless.sop;
+
+import java.io.OutputStream;
+
+/**
+ * {@link OutputStream} that simply discards bytes written to it.
+ */
+public class NullOutputStream extends OutputStream {
+    @Override
+    public void write(int b) {
+        // NOP
+    }
+}

version.gradle

@@ -14,6 +14,6 @@ allprojects {
         logbackVersion = '1.2.13'
         mockitoVersion = '4.5.1'
         slf4jVersion = '1.7.36'
-        sopJavaVersion = '10.0.0-SNAPSHOT'
+        sopJavaVersion = '10.0.0'
     }
 }