apache · cstamas · Sep 24, 2024 · Sep 23, 2024 · Sep 24, 2024 · Sep 24, 2024
diff --git a/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojo.java b/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojo.java
@@ -270,6 +270,22 @@ public abstract class AbstractGpgMojo extends AbstractMojo {
     @Parameter(property = "gpg.bestPractices", defaultValue = "false")
     private boolean bestPractices;
 
+    /**
+     * Whether to terminate the passphrase with LF character or not, as on some systems and some GPG executable combinations
+     * lack of trailing LF may cause GPG to not detect passphrase on STDIN. Since 3.2.0 it was always appended, unless
+     * passphrase itself ended with it. Note: before 3.2.7 the "line separator" was used for termination, that on
+     * other hand caused issues on Windows, where line separator is CRLF while GPG handles LF only.
+     * This parameter affects ONLY the GPG signer, not the BC signer.
+     * <p>
+     * By default, this parameter is {@code true}.
+     *
+     * @since 3.2.7
+     * @see <a href="https://issues.apache.org/jira/browse/MGPG-99">MGPG-99</a>
+     * @see <a href="https://issues.apache.org/jira/browse/MGPG-136">MGPG-136</a>
+     */
+    @Parameter(property = "gpg.terminatePassphrase", defaultValue = "true")
+    private boolean terminatePassphrase;
+
     /**
      * Current user system settings for use in Maven.
      *
@@ -345,6 +361,7 @@ protected AbstractGpgSigner newSigner(MavenProject mavenProject) throws MojoFail
         signer.setPublicKeyring(publicKeyring);
         signer.setLockMode(lockMode);
         signer.setArgs(gpgArguments);
+        signer.setTerminatePassphrase(terminatePassphrase);
 
         // "new way": env prevails
         String passphrase =

diff --git a/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java b/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgSigner.java
@@ -46,6 +46,8 @@ public abstract class AbstractGpgSigner {
 
     protected String passphrase;
 
+    protected boolean terminatePassphrase;
+
     private File outputDir;
 
     private File buildDir;
@@ -98,6 +100,10 @@ public void setPassPhrase(String s) {
         passphrase = s;
     }
 
+    public void setTerminatePassphrase(boolean b) {
+        this.terminatePassphrase = b;
+    }
+
     public void setOutputDirectory(File out) {
         outputDir = out;
     }

diff --git a/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java b/src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java
@@ -112,9 +112,10 @@ protected void generateSignatureForFile(File file, File signature) throws MojoEx
             cmd.createArg().setValue("--passphrase-fd");
             cmd.createArg().setValue("0");
 
-            // Prepare the input stream which will be used to pass the passphrase to the executable
-            if (!passphrase.endsWith(System.lineSeparator())) {
-                in = new ByteArrayInputStream((passphrase + System.lineSeparator()).getBytes());
+            // Prepare the STDIN stream which will be used to pass the passphrase to the executable
+            // but obey terminatePassphrase: append LF if asked for
+            if (terminatePassphrase && !passphrase.endsWith("\n")) {
+                in = new ByteArrayInputStream((passphrase + "\n").getBytes());
             } else {
                 in = new ByteArrayInputStream(passphrase.getBytes());
             }