[ https://issues.apache.org/jira/browse/MGPG-99?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tamas Cservenak reassigned MGPG-99: ----------------------------------- Assignee: Tamas Cservenak > Passcode byte array provided to gpg executable on stdin is not terminated > ------------------------------------------------------------------------- > > Key: MGPG-99 > URL: https://issues.apache.org/jira/browse/MGPG-99 > Project: Maven GPG Plugin > Issue Type: Bug > Affects Versions: 3.1.0 > Reporter: Niels Bertram > Assignee: Tamas Cservenak > Priority: Minor > Fix For: 3.2.0 > > Attachments: image-2023-08-15-10-40-10-637.png > > > We ran into a strange issue using the maven-gpg-plugin with gnu gpg 2.3.7. > The 2.x versions of gpg prefer to take the passcode for the signing key via > stdin and the maven-gpg-plugin does setup the signing process accordingly > with the `--passphrase-fd 0` > [argument|https://github.com/apache/maven-gpg-plugin/blob/master/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java#L102] > provided to the command process. > On [Line > 106|https://github.com/apache/maven-gpg-plugin/blob/master/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java#L106] > the passcode is written to as bytes to the input stream that is then > provided in [Line > 173|https://github.com/apache/maven-gpg-plugin/blob/master/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java#L173] > to the gpg process. > Unfortunately it appears that gpg requires a `CR` or `LF` to recognise that > the passcode is provided as arg 0 on stdin. In our case it does not and the > process fails with following error: `gpg: signing failed: No pinentry` . > The use of the loopback pinentry device is properly configured by the plugin > but the hint for us was that the gpg executable did not know there was any > input on stdin. > After some experimentation, we found that appending a `CR` character to the > passcode will trigger the stdin to provide the passcode to the program. > This "fix" looks like this in the `settings.xml` file. > !image-2023-08-15-10-40-10-637.png! -- This message was sent by Atlassian Jira (v8.20.10#820010)