Fix indirect parameter passing for change-key-password password arguments

Fixes https://github.com/pgpainless/pgpainless/issues/453 Thanks to @dkg for the report
2024-11-19 13:52:05 +01:00 · 2024-10-31 13:21:52 +01:00 · 2024-10-31 13:21:52 +01:00 · 00925e6511
commit 00925e6511
parent 5ea94233d8
2 changed files with 13 additions and 8 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,6 +6,9 @@ SPDX-License-Identifier: Apache-2.0
 # Changelog
 ## 7.0.2-SNAPSHOT
 - CLI `change-key-password`: Fix indirect parameter passing for new and old passwords (thanks to @dkg for the report)
 ## 7.0.1
 - `decrypt`: Do not throw `NoSignature` exception (exit code 3) if `--verify-with` is provided, but `VERIFICATIONS` is empty.
--- a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java
+++ b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/ChangeKeyPasswordCmd.java
@ -39,15 +39,17 @@ public class ChangeKeyPasswordCmd extends AbstractSopCmd {
            changeKeyPassword.noArmor();
        }
        try {
            for (String oldKeyPassword : oldKeyPasswords) {
-            changeKeyPassword.oldKeyPassphrase(oldKeyPassword);
+                String password = stringFromInputStream(getInput(oldKeyPassword));
                changeKeyPassword.oldKeyPassphrase(password);
            }
            if (newKeyPassword != null) {
-            changeKeyPassword.newKeyPassphrase(newKeyPassword);
+                String password = stringFromInputStream(getInput(newKeyPassword));
                changeKeyPassword.newKeyPassphrase(password);
            }
        try {
            changeKeyPassword.keys(System.in).writeTo(System.out);
        } catch (IOException e) {
            throw new RuntimeException(e);