Package org.apache.tools.ant.taskdefs
Class SignJar
java.lang.Object
org.apache.tools.ant.ProjectComponent
org.apache.tools.ant.Task
org.apache.tools.ant.taskdefs.AbstractJarSignerTask
org.apache.tools.ant.taskdefs.SignJar
- All Implemented Interfaces:
Cloneable
Signs JAR or ZIP files with the javasign command line tool. The tool detailed
dependency checking: files are only signed if they are not signed. The
signjar
attribute can point to the file to generate; if this file
exists then its modification date is used as a cue as to whether to resign
any JAR file.
Timestamp signature support is based on Java 8- Since:
- Ant 1.1
- See Also:
-
Field Summary
Modifier and TypeFieldDescriptionprotected File
the output directory when using paths.static final String
error string for unit test verification: "Cannot map source file to anything sensible: "static final String
error string for unit test verification: "The destDir attribute is required if a mapper is set"static final String
error string for unit test verification: "alias attribute must be set"static final String
error string for unit test verification: "storepass attribute must be set"static final String
error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"static final String
error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"static final String
error string for unit test verification: "Too many mappers"protected boolean
flag for internal sf signingprotected boolean
Whether to assume a jar which has an appropriate .SF file in is already signed.protected boolean
sign sections only?protected String
name to a signature fileprotected File
name of a single jarprotected String
alias for the TSA in the keystoreprotected String
Proxy host to be used when connecting to TSA serverprotected String
Proxy port to be used when connecting to TSA serverprotected String
URL for a tsa; null implies no tsa supportFields inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask
alias, ERROR_NO_SOURCE, filesets, jar, JARSIGNER_COMMAND, keypass, keystore, maxMemory, storepass, storetype, strict, verbose
Fields inherited from class org.apache.tools.ant.ProjectComponent
description, location, project
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
add
(FileNameMapper newMapper) add a mapper to determine file naming policy.void
execute()
sign the jar(s)Digest Algorithm; optionalget the active mapper; may be nullSignature Algorithm; optionalget the -tsacert optionTSA Digest Algorithm; optionalGet the proxy host to be used when connecting to the TSA urlGet the proxy host to be used when connecting to the TSA urlget the -tsaurl urlboolean
isForce()
Should the task force signing of a jar even it is already signed?protected boolean
test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.protected boolean
isUpToDate
(File jarFile, File signedjarFile) Compare a jar file with its corresponding signed jar.void
setDestDir
(File destDir) Optionally sets the output directory to be used.void
setDigestAlg
(String digestAlg) Digest Algorithm; optionalvoid
setForce
(boolean b) Whether to force signing of a jar even it is already signed.void
setInternalsf
(boolean internalsf) Flag to include the .SF file inside the signature; optional; default falsevoid
setLazy
(boolean lazy) flag to control whether the presence of a signature file means a JAR is signed; optional, default falsevoid
setPreserveLastModified
(boolean preserveLastModified) true to indicate that the signed jar modification date remains the same as the original.void
setSectionsonly
(boolean sectionsonly) flag to compute hash of entire manifest; optional, default falsevoid
Signature Algorithm; optionalvoid
setSigfile
(String sigfile) name of .SF/.DSA file; optionalvoid
setSignedjar
(File signedjar) name of signed JAR file; optionalvoid
setTsacert
(String tsacert) set the alias in the keystore of the TSA to use;void
setTSADigestAlg
(String digestAlg) TSA Digest Algorithm; optionalvoid
setTsaproxyhost
(String tsaproxyhost) void
setTsaproxyport
(String tsaproxyport) void
Methods inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask
addArg, addArgument, addFileset, addSysproperty, addValue, beginExecution, bindToKeystore, createJarSigner, createPath, createUnifiedSourcePath, createUnifiedSources, declareSysProperty, endExecution, getRedirector, hasResources, setAlias, setCommonOptions, setExecutable, setJar, setKeypass, setKeystore, setMaxmemory, setProviderArg, setProviderClass, setProviderName, setStorepass, setStoretype, setStrict, setVerbose
Methods inherited from class org.apache.tools.ant.Task
bindToOwner, getOwningTarget, getRuntimeConfigurableWrapper, getTaskName, getTaskType, getWrapper, handleErrorFlush, handleErrorOutput, handleFlush, handleInput, handleOutput, init, isInvalid, log, log, log, log, maybeConfigure, perform, reconfigure, setOwningTarget, setRuntimeConfigurableWrapper, setTaskName, setTaskType
Methods inherited from class org.apache.tools.ant.ProjectComponent
clone, getDescription, getLocation, getProject, setDescription, setLocation, setProject
-
Field Details
-
ERROR_TODIR_AND_SIGNEDJAR
error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"- See Also:
-
ERROR_TOO_MANY_MAPPERS
error string for unit test verification: "Too many mappers"- See Also:
-
ERROR_SIGNEDJAR_AND_PATHS
error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"- See Also:
-
ERROR_BAD_MAP
error string for unit test verification: "Cannot map source file to anything sensible: "- See Also:
-
ERROR_MAPPER_WITHOUT_DEST
error string for unit test verification: "The destDir attribute is required if a mapper is set"- See Also:
-
ERROR_NO_ALIAS
error string for unit test verification: "alias attribute must be set"- See Also:
-
ERROR_NO_STOREPASS
error string for unit test verification: "storepass attribute must be set"- See Also:
-
sigfile
name to a signature file -
signedjar
name of a single jar -
internalsf
protected boolean internalsfflag for internal sf signing -
sectionsonly
protected boolean sectionsonlysign sections only? -
lazy
protected boolean lazyWhether to assume a jar which has an appropriate .SF file in is already signed. -
destDir
the output directory when using paths. -
tsaurl
URL for a tsa; null implies no tsa support -
tsaproxyhost
Proxy host to be used when connecting to TSA server -
tsaproxyport
Proxy port to be used when connecting to TSA server -
tsacert
alias for the TSA in the keystore
-
-
Constructor Details
-
SignJar
public SignJar()
-
-
Method Details
-
setSigfile
name of .SF/.DSA file; optional- Parameters:
sigfile
- the name of the .SF/.DSA file
-
setSignedjar
name of signed JAR file; optional- Parameters:
signedjar
- the name of the signed jar file
-
setInternalsf
public void setInternalsf(boolean internalsf) Flag to include the .SF file inside the signature; optional; default false- Parameters:
internalsf
- if true include the .SF file inside the signature
-
setSectionsonly
public void setSectionsonly(boolean sectionsonly) flag to compute hash of entire manifest; optional, default false- Parameters:
sectionsonly
- flag to compute hash of entire manifest
-
setLazy
public void setLazy(boolean lazy) flag to control whether the presence of a signature file means a JAR is signed; optional, default false- Parameters:
lazy
- flag to control whether the presence of a signature
-
setDestDir
Optionally sets the output directory to be used.- Parameters:
destDir
- the directory in which to place signed jars- Since:
- Ant 1.7
-
add
add a mapper to determine file naming policy. Only used with toDir processing.- Parameters:
newMapper
- the mapper to add.- Since:
- Ant 1.7
-
getMapper
get the active mapper; may be null- Returns:
- mapper or null
- Since:
- Ant 1.7
-
getTsaurl
-
setTsaurl
- Parameters:
tsaurl
- the tsa url.- Since:
- Ant 1.7
-
getTsaproxyhost
Get the proxy host to be used when connecting to the TSA url- Returns:
- url or null
- Since:
- Ant 1.9.5
-
setTsaproxyhost
- Parameters:
tsaproxyhost
- the proxy host to be used when connecting to the TSA.- Since:
- Ant 1.9.5
-
getTsaproxyport
Get the proxy host to be used when connecting to the TSA url- Returns:
- url or null
- Since:
- Ant 1.9.5
-
setTsaproxyport
- Parameters:
tsaproxyport
- the proxy port to be used when connecting to the TSA.- Since:
- Ant 1.9.5
-
getTsacert
get the -tsacert option- Returns:
- a certificate alias or null
- Since:
- Ant 1.7
-
setTsacert
set the alias in the keystore of the TSA to use;- Parameters:
tsacert
- the cert alias.
-
setForce
public void setForce(boolean b) Whether to force signing of a jar even it is already signed.- Parameters:
b
- boolean- Since:
- Ant 1.8.0
-
isForce
public boolean isForce()Should the task force signing of a jar even it is already signed?- Returns:
- boolean
- Since:
- Ant 1.8.0
-
setSigAlg
Signature Algorithm; optional- Parameters:
sigAlg
- the signature algorithm
-
getSigAlg
-
setDigestAlg
Digest Algorithm; optional- Parameters:
digestAlg
- the digest algorithm
-
getDigestAlg
-
setTSADigestAlg
TSA Digest Algorithm; optional- Parameters:
digestAlg
- the tsa digest algorithm- Since:
- Ant 1.10.2
-
getTSADigestAlg
-
execute
sign the jar(s)- Overrides:
execute
in classTask
- Throws:
BuildException
- on errors
-
isUpToDate
Compare a jar file with its corresponding signed jar. The logic for this is complex, and best explained in the source itself. Essentially if either file doesn't exist, or the destfile has an out of date timestamp, then the return value is false.
If we are signing ourself, the check
isSigned(File)
is used to trigger the process.- Parameters:
jarFile
- the unsigned jar filesignedjarFile
- the result signed jar file- Returns:
- true if the signedjarFile is considered up to date
-
isSigned
test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.- Parameters:
file
- the file to be checked- Returns:
- true if the file is signed
- See Also:
-
setPreserveLastModified
public void setPreserveLastModified(boolean preserveLastModified) true to indicate that the signed jar modification date remains the same as the original. Defaults to false- Parameters:
preserveLastModified
- if true preserve the last modified time
-