Do not stop on receipt verification errors when --force is used.

library/src/main/java/pro/javacard/gp/ReceiptVerifier.java

@@ -44,6 +44,7 @@ static byte[] get_confirmation_data(byte[] response) {
     }
 
     abstract boolean check(ResponseAPDU response, byte[] context);
+    boolean log_only = false;
 
     static public class AESReceiptVerifier extends ReceiptVerifier {
         private final byte[] aes_key;
@@ -52,6 +53,12 @@ public AESReceiptVerifier(byte[] aesKey) {
             aes_key = aesKey.clone();
         }
 
+        public AESReceiptVerifier(byte[] aesKey, boolean log_only) {
+            aes_key = aesKey.clone();
+            this.log_only = log_only;
+        }
+
+        // XXX: the use of "log only" arguments, boolean function and exceptions is not nice. Refactor
         @Override
         boolean check(ResponseAPDU response, byte[] context) throws ReceiptVerificationException {
             byte[] data = response.getData();
@@ -71,11 +78,12 @@ boolean check(ResponseAPDU response, byte[] context) throws ReceiptVerificationE
             boolean verified = Arrays.equals(my, card);
             if (!verified) {
                 log.error("Receipt verification: {}", verified);
-                throw new ReceiptVerificationException("Receipt verification failed");
+                if (!log_only) {
+                    throw new ReceiptVerificationException("Receipt verification failed");
+                }
             } else {
                 log.info("Receipt verification: {}", verified);
             }
-
             return verified;
         }
     }

spotbugs.xml

@@ -1,23 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <FindBugsFilter xmlns="https://github.com/spotbugs/filter/3.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="https://github.com/spotbugs/filter/3.0.0 https://raw.githubusercontent.com/spotbugs/spotbugs/3.1.0/spotbugs/etc/findbugsfilter.xsd">
-  <!-- two false positives in Java 11, see https://github.com/spotbugs/spotbugs/issues/756 -->
   <Match>
-    <Bug pattern="RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE"/>
-  </Match>
-  <Match>
-    <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/>
-  </Match>
-  <Match>
-    <Bug pattern="CT_CONSTRUCTOR_THROW"/>
+    <Class name="pro.javacard.gp.GPSession"/>
+    <Bug pattern="EI_EXPOSE_REP,CT_CONSTRUCTOR_THROW"/>
   </Match>
   <Match>
     <Class name="pro.javacard.gp.HexBytes"/>
     <Bug pattern="EI_EXPOSE_REP"/>
   </Match>
-  <Match>
-    <Class name="pro.javacard.gp.GPSession"/>
-    <Bug pattern="EI_EXPOSE_REP"/>
-  </Match>
   <Match>
     <Class name="pro.javacard.gp.GPCrypto"/>
     <Bug pattern="MS_PKGPROTECT"/>

tool/src/main/java/pro/javacard/gptool/GPTool.java

@@ -309,7 +309,8 @@ public int run(BIBO bibo, String[] argv) {
             }
 
             if (args.has(OPT_RECEIPT_KEY)) {
-                ReceiptVerifier verifier = new ReceiptVerifier.AESReceiptVerifier(args.valueOf(OPT_RECEIPT_KEY).v());
+                // XXX: refactor receipts.
+                ReceiptVerifier verifier = new ReceiptVerifier.AESReceiptVerifier(args.valueOf(OPT_RECEIPT_KEY).v(), args.has(OPT_FORCE));
                 gp.setVerifier(verifier);
             }
 
@@ -888,6 +889,7 @@ else if (keyver >= 0x30 && keyver <= 0x3F)
             if (isTrace)
                 e.printStackTrace();
         } catch (ReceiptVerifier.ReceiptVerificationException e) {
+            /// XXX: refactor
             System.err.println("WARNING: Operation completed, but receipt verification failed");
         }
         // Other exceptions escape. fin.