org.apache.tools.ant.taskdefs

Class SignJar

java.lang.Object

org.apache.tools.ant.ProjectComponent

org.apache.tools.ant.Task

org.apache.tools.ant.taskdefs.AbstractJarSignerTask

org.apache.tools.ant.taskdefs.SignJar

All Implemented Interfaces:

java.lang.Cloneable

public class SignJar
extends AbstractJarSignerTask

Signs JAR or ZIP files with the javasign command line tool. The tool detailed dependency checking: files are only signed if they are not signed. The signjar attribute can point to the file to generate; if this file exists then its modification date is used as a cue as to whether to resign any JAR file. Timestamp driven signing is based on the unstable and inadequately documented information in the Java1.5 docs

Since:

Ant 1.1

See Also:

beta documentation

Field Summary

Fields

Modifier and Type	Field and Description
protected java.io.File	destDir the output directory when using paths.
static java.lang.String	ERROR_BAD_MAP error string for unit test verification: "Cannot map source file to anything sensible: "
static java.lang.String	ERROR_MAPPER_WITHOUT_DEST error string for unit test verification: "The destDir attribute is required if a mapper is set"
static java.lang.String	ERROR_NO_ALIAS error string for unit test verification: "alias attribute must be set"
static java.lang.String	ERROR_NO_STOREPASS error string for unit test verification: "storepass attribute must be set"
static java.lang.String	ERROR_SIGNEDJAR_AND_PATHS error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"
static java.lang.String	ERROR_TODIR_AND_SIGNEDJAR error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"
static java.lang.String	ERROR_TOO_MANY_MAPPERS error string for unit test verification: "Too many mappers"
protected boolean	internalsf flag for internal sf signing
protected boolean	lazy Whether to assume a jar which has an appropriate .SF file in is already signed.
protected boolean	sectionsonly sign sections only?
protected java.lang.String	sigfile name to a signature file
protected java.io.File	signedjar name of a single jar
protected java.lang.String	tsacert alias for the TSA in the keystore
protected java.lang.String	tsaproxyhost Proxy host to be used when connecting to TSA server
protected java.lang.String	tsaproxyport Proxy port to be used when connecting to TSA server
protected java.lang.String	tsaurl URL for a tsa; null implies no tsa support

Fields inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask

alias, ERROR_NO_SOURCE, filesets, jar, JARSIGNER_COMMAND, keypass, keystore, maxMemory, storepass, storetype, strict, verbose

Fields inherited from class org.apache.tools.ant.Task

target, taskName, taskType, wrapper

Fields inherited from class org.apache.tools.ant.ProjectComponent

description, location, project

Constructor Summary

Constructors

Constructor and Description
SignJar()

Method Summary

Modifier and Type	Method and Description
void	add(FileNameMapper newMapper) add a mapper to determine file naming policy.
void	execute() sign the jar(s)
java.lang.String	getDigestAlg() Digest Algorithm; optional
FileNameMapper	getMapper() get the active mapper; may be null
java.lang.String	getSigAlg() Signature Algorithm; optional
java.lang.String	getTsacert() get the -tsacert option
java.lang.String	getTsaproxyhost() Get the proxy host to be used when connecting to the TSA url
java.lang.String	getTsaproxyport() Get the proxy host to be used when connecting to the TSA url
java.lang.String	getTsaurl() get the -tsaurl url
boolean	isForce() Should the task force signing of a jar even it is already signed?
protected boolean	isSigned(java.io.File file) test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.
protected boolean	isUpToDate(java.io.File jarFile, java.io.File signedjarFile) Compare a jar file with its corresponding signed jar.
void	setDestDir(java.io.File destDir) Optionally sets the output directory to be used.
void	setDigestAlg(java.lang.String digestAlg) Digest Algorithm; optional
void	setForce(boolean b) Whether to force signing of a jar even it is already signed.
void	setInternalsf(boolean internalsf) Flag to include the .SF file inside the signature; optional; default false
void	setLazy(boolean lazy) flag to control whether the presence of a signature file means a JAR is signed; optional, default false
void	setPreserveLastModified(boolean preserveLastModified) true to indicate that the signed jar modification date remains the same as the original.
void	setSectionsonly(boolean sectionsonly) flag to compute hash of entire manifest; optional, default false
void	setSigAlg(java.lang.String sigAlg) Signature Algorithm; optional
void	setSigfile(java.lang.String sigfile) name of .SF/.DSA file; optional
void	setSignedjar(java.io.File signedjar) name of signed JAR file; optional
void	setTsacert(java.lang.String tsacert) set the alias in the keystore of the TSA to use;
void	setTsaproxyhost(java.lang.String tsaproxyhost)
void	setTsaproxyport(java.lang.String tsaproxyport)
void	setTsaurl(java.lang.String tsaurl)

Methods inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask

addArg, addArgument, addFileset, addSysproperty, addValue, beginExecution, bindToKeystore, createJarSigner, createPath, createUnifiedSourcePath, createUnifiedSources, declareSysProperty, endExecution, getRedirector, hasResources, setAlias, setCommonOptions, setExecutable, setJar, setKeypass, setKeystore, setMaxmemory, setProviderArg, setProviderClass, setProviderName, setStorepass, setStoretype, setStrict, setVerbose

Methods inherited from class org.apache.tools.ant.Task

bindToOwner, getOwningTarget, getRuntimeConfigurableWrapper, getTaskName, getTaskType, getWrapper, handleErrorFlush, handleErrorOutput, handleFlush, handleInput, handleOutput, init, isInvalid, log, log, log, log, maybeConfigure, perform, reconfigure, setOwningTarget, setRuntimeConfigurableWrapper, setTaskName, setTaskType

Methods inherited from class org.apache.tools.ant.ProjectComponent

clone, getDescription, getLocation, getProject, setDescription, setLocation, setProject

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

sigfile

protected java.lang.String sigfile

name to a signature file

signedjar

protected java.io.File signedjar

name of a single jar

internalsf

protected boolean internalsf

flag for internal sf signing

sectionsonly

protected boolean sectionsonly

sign sections only?

lazy

protected boolean lazy

Whether to assume a jar which has an appropriate .SF file in is already signed.

destDir

protected java.io.File destDir

the output directory when using paths.

tsaurl

protected java.lang.String tsaurl

URL for a tsa; null implies no tsa support

tsaproxyhost

protected java.lang.String tsaproxyhost

Proxy host to be used when connecting to TSA server

tsaproxyport

protected java.lang.String tsaproxyport

Proxy port to be used when connecting to TSA server

tsacert

protected java.lang.String tsacert

alias for the TSA in the keystore

ERROR_TODIR_AND_SIGNEDJAR

public static final java.lang.String ERROR_TODIR_AND_SIGNEDJAR

error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"

See Also:

Constant Field Values

ERROR_TOO_MANY_MAPPERS

public static final java.lang.String ERROR_TOO_MANY_MAPPERS

error string for unit test verification: "Too many mappers"

See Also:

Constant Field Values

ERROR_SIGNEDJAR_AND_PATHS

public static final java.lang.String ERROR_SIGNEDJAR_AND_PATHS

error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"

See Also:

Constant Field Values

ERROR_BAD_MAP

public static final java.lang.String ERROR_BAD_MAP

error string for unit test verification: "Cannot map source file to anything sensible: "

See Also:

Constant Field Values

ERROR_MAPPER_WITHOUT_DEST

public static final java.lang.String ERROR_MAPPER_WITHOUT_DEST

error string for unit test verification: "The destDir attribute is required if a mapper is set"

See Also:

Constant Field Values

ERROR_NO_ALIAS

public static final java.lang.String ERROR_NO_ALIAS

error string for unit test verification: "alias attribute must be set"

See Also:

Constant Field Values

ERROR_NO_STOREPASS

public static final java.lang.String ERROR_NO_STOREPASS

error string for unit test verification: "storepass attribute must be set"

See Also:

Constant Field Values

Constructor Detail

SignJar

public SignJar()

Method Detail

setSigfile

public void setSigfile(java.lang.String sigfile)

name of .SF/.DSA file; optional

Parameters:

sigfile - the name of the .SF/.DSA file

setSignedjar

public void setSignedjar(java.io.File signedjar)

name of signed JAR file; optional

Parameters:

signedjar - the name of the signed jar file

setInternalsf

public void setInternalsf(boolean internalsf)

Flag to include the .SF file inside the signature; optional; default false

Parameters:

internalsf - if true include the .SF file inside the signature

setSectionsonly

public void setSectionsonly(boolean sectionsonly)

flag to compute hash of entire manifest; optional, default false

Parameters:

sectionsonly - flag to compute hash of entire manifest

setLazy

public void setLazy(boolean lazy)

flag to control whether the presence of a signature file means a JAR is signed; optional, default false

Parameters:

lazy - flag to control whether the presence of a signature

setDestDir

public void setDestDir(java.io.File destDir)

Optionally sets the output directory to be used.

Parameters:

destDir - the directory in which to place signed jars

Since:

Ant 1.7

add

public void add(FileNameMapper newMapper)

add a mapper to determine file naming policy. Only used with toDir processing.

Parameters:

newMapper - the mapper to add.

Since:

Ant 1.7

getMapper

public FileNameMapper getMapper()

get the active mapper; may be null

Returns:

mapper or null

Since:

Ant 1.7

getTsaurl

public java.lang.String getTsaurl()

get the -tsaurl url

Returns:

url or null

Since:

Ant 1.7

setTsaurl

public void setTsaurl(java.lang.String tsaurl)

Parameters:

tsaurl - the tsa url.

Since:

Ant 1.7

getTsaproxyhost

public java.lang.String getTsaproxyhost()

Get the proxy host to be used when connecting to the TSA url

Returns:

url or null

Since:

Ant 1.9.5

setTsaproxyhost

public void setTsaproxyhost(java.lang.String tsaproxyhost)

Parameters:

tsaproxyhost - the proxy host to be used when connecting to the TSA.

Since:

Ant 1.9.5

getTsaproxyport

public java.lang.String getTsaproxyport()

Get the proxy host to be used when connecting to the TSA url

Returns:

url or null

Since:

Ant 1.9.5

setTsaproxyport

public void setTsaproxyport(java.lang.String tsaproxyport)

Parameters:

tsaproxyport - the proxy port to be used when connecting to the TSA.

Since:

Ant 1.9.5

getTsacert

public java.lang.String getTsacert()

get the -tsacert option

Returns:

a certificate alias or null

Since:

Ant 1.7

setTsacert

public void setTsacert(java.lang.String tsacert)

set the alias in the keystore of the TSA to use;

Parameters:

tsacert - the cert alias.

setForce

public void setForce(boolean b)

Whether to force signing of a jar even it is already signed.

Parameters:

b - boolean

Since:

Ant 1.8.0

isForce

public boolean isForce()

Should the task force signing of a jar even it is already signed?

Returns:

boolean

Since:

Ant 1.8.0

setSigAlg

public void setSigAlg(java.lang.String sigAlg)

Signature Algorithm; optional

Parameters:

sigAlg - the signature algorithm

getSigAlg

public java.lang.String getSigAlg()

Signature Algorithm; optional

Returns:

String

setDigestAlg

public void setDigestAlg(java.lang.String digestAlg)

Digest Algorithm; optional

Parameters:

digestAlg - the digest algorithm

getDigestAlg

public java.lang.String getDigestAlg()

Digest Algorithm; optional

Returns:

String

execute

public void execute()
             throws BuildException

sign the jar(s)

Overrides:

execute in class Task

Throws:

BuildException - on errors

isUpToDate

protected boolean isUpToDate(java.io.File jarFile,
                             java.io.File signedjarFile)

Compare a jar file with its corresponding signed jar. The logic for this is complex, and best explained in the source itself. Essentially if either file doesn't exist, or the destfile has an out of date timestamp, then the return value is false.

If we are signing ourself, the check isSigned(File) is used to trigger the process.

Parameters:

jarFile - the unsigned jar file

signedjarFile - the result signed jar file

Returns:

true if the signedjarFile is considered up to date

isSigned

protected boolean isSigned(java.io.File file)

test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.

Parameters:

file - the file to be checked

Returns:

true if the file is signed

See Also:

IsSigned.isSigned(File, String)

setPreserveLastModified

public void setPreserveLastModified(boolean preserveLastModified)

true to indicate that the signed jar modification date remains the same as the original. Defaults to false

Parameters:

preserveLastModified - if true preserve the last modified time