diff --git a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/GenerateKeyCmd.java b/sop-java-picocli/src/main/java/sop/cli/picocli/commands/GenerateKeyCmd.java
deleted file mode 100644
index eea992e..0000000
--- a/sop-java-picocli/src/main/java/sop/cli/picocli/commands/GenerateKeyCmd.java
+++ /dev/null
@@ -1,85 +0,0 @@
-// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package sop.cli.picocli.commands;
-
-import picocli.CommandLine;
-import sop.Ready;
-import sop.cli.picocli.SopCLI;
-import sop.exception.SOPGPException;
-import sop.operation.GenerateKey;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-@CommandLine.Command(name = "generate-key",
-        resourceBundle = "msg_generate-key",
-        exitCodeOnInvalidInput = SOPGPException.UnsupportedOption.EXIT_CODE)
-public class GenerateKeyCmd extends AbstractSopCmd {
-
-    @CommandLine.Option(names = "--no-armor",
-            negatable = true)
-    boolean armor = true;
-
-    @CommandLine.Parameters(paramLabel = "USERID")
-    List<String> userId = new ArrayList<>();
-
-    @CommandLine.Option(names = "--with-key-password",
-            paramLabel = "PASSWORD")
-    String withKeyPassword;
-
-    @CommandLine.Option(names = "--profile",
-            paramLabel = "PROFILE")
-    String profile;
-
-    @CommandLine.Option(names = "--signing-only")
-    boolean signingOnly = false;
-
-    @Override
-    public void run() {
-        GenerateKey generateKey = throwIfUnsupportedSubcommand(
-                SopCLI.getSop().generateKey(), "generate-key");
-
-        if (profile != null) {
-            try {
-                generateKey.profile(profile);
-            } catch (SOPGPException.UnsupportedProfile e) {
-                String errorMsg = getMsg("sop.error.usage.profile_not_supported", "generate-key", profile);
-                throw new SOPGPException.UnsupportedProfile(errorMsg, e);
-            }
-        }
-
-        if (signingOnly) {
-            generateKey.signingOnly();
-        }
-
-        for (String userId : userId) {
-            generateKey.userId(userId);
-        }
-
-        if (!armor) {
-            generateKey.noArmor();
-        }
-
-        if (withKeyPassword != null) {
-            try {
-                String password = stringFromInputStream(getInput(withKeyPassword));
-                generateKey.withKeyPassword(password);
-            } catch (SOPGPException.UnsupportedOption e) {
-                String errorMsg = getMsg("sop.error.feature_support.option_not_supported", "--with-key-password");
-                throw new SOPGPException.UnsupportedOption(errorMsg, e);
-            } catch (IOException e) {
-                throw new RuntimeException(e);
-            }
-        }
-
-        try {
-            Ready ready = generateKey.generate();
-            ready.writeTo(System.out);
-        } catch (IOException e) {
-            throw new RuntimeException(e);
-        }
-    }
-}
diff --git a/sop-java-picocli/src/main/kotlin/sop/cli/picocli/commands/GenerateKeyCmd.kt b/sop-java-picocli/src/main/kotlin/sop/cli/picocli/commands/GenerateKeyCmd.kt
new file mode 100644
index 0000000..fb5e321
--- /dev/null
+++ b/sop-java-picocli/src/main/kotlin/sop/cli/picocli/commands/GenerateKeyCmd.kt
@@ -0,0 +1,76 @@
+// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package sop.cli.picocli.commands
+
+import java.io.IOException
+import picocli.CommandLine.*
+import sop.cli.picocli.SopCLI
+import sop.exception.SOPGPException.UnsupportedOption
+import sop.exception.SOPGPException.UnsupportedProfile
+
+@Command(
+    name = "generate-key",
+    resourceBundle = "msg_generate-key",
+    exitCodeOnInvalidInput = UnsupportedOption.EXIT_CODE)
+class GenerateKeyCmd : AbstractSopCmd() {
+
+    @Option(names = ["--no-armor"], negatable = true) var armor = true
+
+    @Parameters(paramLabel = "USERID") var userId: List<String> = listOf()
+
+    @Option(names = ["---with-key-password"], paramLabel = "PASSWORD")
+    var withKeyPassword: String? = null
+
+    @Option(names = ["--profile"], paramLabel = "PROFILE") var profile: String? = null
+
+    @Option(names = ["--signing-only"]) var signingOnly: Boolean = false
+
+    override fun run() {
+        val generateKey =
+            throwIfUnsupportedSubcommand(SopCLI.getSop().generateKey(), "generate-key")
+
+        profile?.let {
+            try {
+                generateKey.profile(it)
+            } catch (e: UnsupportedProfile) {
+                val errorMsg =
+                    getMsg("sop.error.usage.profile_not_supported", "generate-key", profile!!)
+                throw UnsupportedProfile(errorMsg, e)
+            }
+        }
+
+        if (signingOnly) {
+            generateKey.signingOnly()
+        }
+
+        for (userId in userId) {
+            generateKey.userId(userId)
+        }
+
+        if (!armor) {
+            generateKey.noArmor()
+        }
+
+        withKeyPassword?.let {
+            try {
+                val password = stringFromInputStream(getInput(it))
+                generateKey.withKeyPassword(password)
+            } catch (e: UnsupportedOption) {
+                val errorMsg =
+                    getMsg("sop.error.feature_support.option_not_supported", "--with-key-password")
+                throw UnsupportedOption(errorMsg, e)
+            } catch (e: IOException) {
+                throw RuntimeException(e)
+            }
+        }
+
+        try {
+            val ready = generateKey.generate()
+            ready.writeTo(System.out)
+        } catch (e: IOException) {
+            throw RuntimeException(e)
+        }
+    }
+}