[MGPG-136] Windows passphrase corruption (#120)

Since 3.2.0 version we always appended "line separator" to passphrase unless it itself ended with one. But, this caused problem on Windows, as (our assumption is) that GPG uses binary read of STDIN, and on Windows "line separator" is "\r\n", while GPG handles "\n" only, making passphrase corrupted by presence of unwanted "\r".

---

https://issues.apache.org/jira/browse/MGPG-136

Author: cstamas

src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojo.java

@@ -270,6 +270,22 @@ public abstract class AbstractGpgMojo extends AbstractMojo {
     @Parameter(property = "gpg.bestPractices", defaultValue = "false")
     private boolean bestPractices;
 
+    /**
+     * Whether to terminate the passphrase with LF character or not, as on some systems and some GPG executable combinations
+     * lack of trailing LF may cause GPG to not detect passphrase on STDIN. Since 3.2.0 it was always appended, unless
+     * passphrase itself ended with it. Note: before 3.2.7 the "line separator" was used for termination, that on
+     * other hand caused issues on Windows, where line separator is CRLF while GPG handles LF only.
+     * This parameter affects ONLY the GPG signer, not the BC signer.
+     * <p>
+     * By default, this parameter is {@code true}.
+     *
+     * @since 3.2.7
+     * @see <a href="https://issues.apache.org/jira/browse/MGPG-99">MGPG-99</a>
+     * @see <a href="https://issues.apache.org/jira/browse/MGPG-136">MGPG-136</a>
+     */
+    @Parameter(property = "gpg.terminatePassphrase", defaultValue = "true")
+    private boolean terminatePassphrase;
+
     /**
      * Current user system settings for use in Maven.
      *
@@ -345,6 +361,7 @@ protected AbstractGpgSigner newSigner(MavenProject mavenProject) throws MojoFail
         signer.setPublicKeyring(publicKeyring);
         signer.setLockMode(lockMode);
         signer.setArgs(gpgArguments);
+        signer.setTerminatePassphrase(terminatePassphrase);
 
         // "new way": env prevails
         String passphrase =

src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java

@@ -46,6 +46,8 @@ public abstract class AbstractGpgSigner {
 
     protected String passphrase;
 
+    protected boolean terminatePassphrase;
+
     private File outputDir;
 
     private File buildDir;
@@ -98,6 +100,10 @@ public void setPassPhrase(String s) {
         passphrase = s;
     }
 
+    public void setTerminatePassphrase(boolean b) {
+        this.terminatePassphrase = b;
+    }
+
     public void setOutputDirectory(File out) {
         outputDir = out;
     }

src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java

@@ -112,9 +112,10 @@ protected void generateSignatureForFile(File file, File signature) throws MojoEx
             cmd.createArg().setValue("--passphrase-fd");
             cmd.createArg().setValue("0");
 
-            // Prepare the input stream which will be used to pass the passphrase to the executable
-            if (!passphrase.endsWith(System.lineSeparator())) {
-                in = new ByteArrayInputStream((passphrase + System.lineSeparator()).getBytes());
+            // Prepare the STDIN stream which will be used to pass the passphrase to the executable
+            // but obey terminatePassphrase: append LF if asked for
+            if (terminatePassphrase && !passphrase.endsWith("\n")) {
+                in = new ByteArrayInputStream((passphrase + "\n").getBytes());
             } else {
                 in = new ByteArrayInputStream(passphrase.getBytes());
             }