org.apache.tools.ant.taskdefs

Class SignJar

java.lang.Object

org.apache.tools.ant.ProjectComponent

org.apache.tools.ant.Task

org.apache.tools.ant.taskdefs.AbstractJarSignerTask

org.apache.tools.ant.taskdefs.SignJar

All Implemented Interfaces:

Cloneable

public class SignJar
extends AbstractJarSignerTask

Signs JAR or ZIP files with the javasign command line tool. The tool detailed dependency checking: files are only signed if they are not signed. The signjar attribute can point to the file to generate; if this file exists then its modification date is used as a cue as to whether to resign any JAR file. Timestamp driven signing is based on the unstable and inadequately documented information in the Java1.5 docs

Since:

Ant 1.1

See Also:

beta documentation

Field Summary

Fields

Modifier and Type	Field and Description
protected File	destDir the output directory when using paths.
static String	ERROR_BAD_MAP error string for unit test verification: "Cannot map source file to anything sensible: "
static String	ERROR_MAPPER_WITHOUT_DEST error string for unit test verification: "The destDir attribute is required if a mapper is set"
static String	ERROR_NO_ALIAS error string for unit test verification: "alias attribute must be set"
static String	ERROR_NO_STOREPASS error string for unit test verification: "storepass attribute must be set"
static String	ERROR_SIGNEDJAR_AND_PATHS error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"
static String	ERROR_TODIR_AND_SIGNEDJAR error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"
static String	ERROR_TOO_MANY_MAPPERS error string for unit test verification: "Too many mappers"
protected boolean	internalsf flag for internal sf signing
protected boolean	lazy Whether to assume a jar which has an appropriate .SF file in is already signed.
protected boolean	sectionsonly sign sections only?
protected String	sigfile name to a signature file
protected File	signedjar name of a single jar
protected String	tsacert alias for the TSA in the keystore
protected String	tsaproxyhost Proxy host to be used when connecting to TSA server
protected String	tsaproxyport Proxy port to be used when connecting to TSA server
protected String	tsaurl URL for a tsa; null implies no tsa support

Fields inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask

alias, ERROR_NO_SOURCE, filesets, jar, JARSIGNER_COMMAND, keypass, keystore, maxMemory, storepass, storetype, strict, verbose

Constructor Summary

Constructors

Constructor and Description
SignJar()

Method Summary

Modifier and Type	Method and Description
void	add(FileNameMapper newMapper) add a mapper to determine file naming policy.
void	execute() sign the jar(s)
String	getDigestAlg() Digest Algorithm; optional
FileNameMapper	getMapper() get the active mapper; may be null
String	getSigAlg() Signature Algorithm; optional
String	getTsacert() get the -tsacert option
String	getTsaproxyhost() Get the proxy host to be used when connecting to the TSA url
String	getTsaproxyport() Get the proxy host to be used when connecting to the TSA url
String	getTsaurl() get the -tsaurl url
boolean	isForce() Should the task force signing of a jar even it is already signed?
protected boolean	isSigned(File file) test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.
protected boolean	isUpToDate(File jarFile, File signedjarFile) Compare a jar file with its corresponding signed jar.
void	setDestDir(File destDir) Optionally sets the output directory to be used.
void	setDigestAlg(String digestAlg) Digest Algorithm; optional
void	setForce(boolean b) Whether to force signing of a jar even it is already signed.
void	setInternalsf(boolean internalsf) Flag to include the .SF file inside the signature; optional; default false
void	setLazy(boolean lazy) flag to control whether the presence of a signature file means a JAR is signed; optional, default false
void	setPreserveLastModified(boolean preserveLastModified) true to indicate that the signed jar modification date remains the same as the original.
void	setSectionsonly(boolean sectionsonly) flag to compute hash of entire manifest; optional, default false
void	setSigAlg(String sigAlg) Signature Algorithm; optional
void	setSigfile(String sigfile) name of .SF/.DSA file; optional
void	setSignedjar(File signedjar) name of signed JAR file; optional
void	setTsacert(String tsacert) set the alias in the keystore of the TSA to use;
void	setTsaproxyhost(String tsaproxyhost)
void	setTsaproxyport(String tsaproxyport)
void	setTsaurl(String tsaurl)

Methods inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask

addFileset, addSysproperty, addValue, beginExecution, bindToKeystore, createJarSigner, createPath, createUnifiedSourcePath, createUnifiedSources, declareSysProperty, endExecution, getRedirector, hasResources, setAlias, setCommonOptions, setExecutable, setJar, setKeypass, setKeystore, setMaxmemory, setStorepass, setStoretype, setStrict, setVerbose

Methods inherited from class org.apache.tools.ant.Task

bindToOwner, getOwningTarget, getRuntimeConfigurableWrapper, getTaskName, getTaskType, getWrapper, handleErrorFlush, handleErrorOutput, handleFlush, handleInput, handleOutput, init, isInvalid, log, log, log, log, maybeConfigure, perform, reconfigure, setOwningTarget, setRuntimeConfigurableWrapper, setTaskName, setTaskType

Methods inherited from class org.apache.tools.ant.ProjectComponent

clone, getDescription, getLocation, getProject, setDescription, setLocation, setProject

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

destDir

protected File destDir

the output directory when using paths.

ERROR_BAD_MAP

public static final String ERROR_BAD_MAP

error string for unit test verification: "Cannot map source file to anything sensible: "

See Also:

Constant Field Values

ERROR_MAPPER_WITHOUT_DEST

public static final String ERROR_MAPPER_WITHOUT_DEST

error string for unit test verification: "The destDir attribute is required if a mapper is set"

See Also:

Constant Field Values

ERROR_NO_ALIAS

public static final String ERROR_NO_ALIAS

error string for unit test verification: "alias attribute must be set"

See Also:

Constant Field Values

ERROR_NO_STOREPASS

public static final String ERROR_NO_STOREPASS

error string for unit test verification: "storepass attribute must be set"

See Also:

Constant Field Values

ERROR_SIGNEDJAR_AND_PATHS

public static final String ERROR_SIGNEDJAR_AND_PATHS

error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"

See Also:

Constant Field Values

ERROR_TODIR_AND_SIGNEDJAR

public static final String ERROR_TODIR_AND_SIGNEDJAR

error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"

See Also:

Constant Field Values

ERROR_TOO_MANY_MAPPERS

public static final String ERROR_TOO_MANY_MAPPERS

error string for unit test verification: "Too many mappers"

See Also:

Constant Field Values

internalsf

protected boolean internalsf

flag for internal sf signing

lazy

protected boolean lazy

Whether to assume a jar which has an appropriate .SF file in is already signed.

sectionsonly

protected boolean sectionsonly

sign sections only?

sigfile

protected String sigfile

name to a signature file

signedjar

protected File signedjar

name of a single jar

tsacert

protected String tsacert

alias for the TSA in the keystore

tsaproxyhost

protected String tsaproxyhost

Proxy host to be used when connecting to TSA server

tsaproxyport

protected String tsaproxyport

Proxy port to be used when connecting to TSA server

tsaurl

protected String tsaurl

URL for a tsa; null implies no tsa support

Constructor Detail

SignJar

public SignJar()

Method Detail

add

public void add(FileNameMapper newMapper)

add a mapper to determine file naming policy. Only used with toDir processing.

Parameters:

newMapper - the mapper to add.

Since:

Ant 1.7

execute

public void execute()
             throws BuildException

sign the jar(s)

Overrides:

execute in class Task

Throws:

BuildException - on errors

getDigestAlg

public String getDigestAlg()

Digest Algorithm; optional

getMapper

public FileNameMapper getMapper()

get the active mapper; may be null

Returns:

mapper or null

Since:

Ant 1.7

getSigAlg

public String getSigAlg()

Signature Algorithm; optional

getTsacert

public String getTsacert()

get the -tsacert option

Returns:

a certificate alias or null

Since:

Ant 1.7

getTsaproxyhost

public String getTsaproxyhost()

Get the proxy host to be used when connecting to the TSA url

Returns:

url or null

Since:

Ant 1.9.5

getTsaproxyport

public String getTsaproxyport()

Get the proxy host to be used when connecting to the TSA url

Returns:

url or null

Since:

Ant 1.9.5

getTsaurl

public String getTsaurl()

get the -tsaurl url

Returns:

url or null

Since:

Ant 1.7

isForce

public boolean isForce()

Should the task force signing of a jar even it is already signed?

Since:

Ant 1.8.0

isSigned

protected boolean isSigned(File file)

test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.

Parameters:

file - the file to be checked

Returns:

true if the file is signed

See Also:

IsSigned.isSigned(File, String)

isUpToDate

protected boolean isUpToDate(File jarFile,
                             File signedjarFile)

Compare a jar file with its corresponding signed jar. The logic for this is complex, and best explained in the source itself. Essentially if either file doesn't exist, or the destfile has an out of date timestamp, then the return value is false.

If we are signing ourself, the check isSigned(File) is used to trigger the process.

Parameters:

jarFile - the unsigned jar file

signedjarFile - the result signed jar file

Returns:

true if the signedjarFile is considered up to date

setDestDir

public void setDestDir(File destDir)

Optionally sets the output directory to be used.

Parameters:

destDir - the directory in which to place signed jars

Since:

Ant 1.7

setDigestAlg

public void setDigestAlg(String digestAlg)

Digest Algorithm; optional

Parameters:

digestAlg - the digest algorithm

setForce

public void setForce(boolean b)

Whether to force signing of a jar even it is already signed.

Since:

Ant 1.8.0

setInternalsf

public void setInternalsf(boolean internalsf)

Flag to include the .SF file inside the signature; optional; default false

Parameters:

internalsf - if true include the .SF file inside the signature

setLazy

public void setLazy(boolean lazy)

flag to control whether the presence of a signature file means a JAR is signed; optional, default false

Parameters:

lazy - flag to control whether the presence of a signature

setPreserveLastModified

public void setPreserveLastModified(boolean preserveLastModified)

true to indicate that the signed jar modification date remains the same as the original. Defaults to false

Parameters:

preserveLastModified - if true preserve the last modified time

setSectionsonly

public void setSectionsonly(boolean sectionsonly)

flag to compute hash of entire manifest; optional, default false

Parameters:

sectionsonly - flag to compute hash of entire manifest

setSigAlg

public void setSigAlg(String sigAlg)

Signature Algorithm; optional

Parameters:

sigAlg - the signature algorithm

setSigfile

public void setSigfile(String sigfile)

name of .SF/.DSA file; optional

Parameters:

sigfile - the name of the .SF/.DSA file

setSignedjar

public void setSignedjar(File signedjar)

name of signed JAR file; optional

Parameters:

signedjar - the name of the signed jar file

setTsacert

public void setTsacert(String tsacert)

set the alias in the keystore of the TSA to use;

Parameters:

tsacert - the cert alias.

setTsaproxyhost

public void setTsaproxyhost(String tsaproxyhost)

Parameters:

tsaproxyhost - the proxy host to be used when connecting to the TSA.

Since:

Ant 1.9.5

setTsaproxyport

public void setTsaproxyport(String tsaproxyport)

Parameters:

tsaproxyport - the proxy port to be used when connecting to the TSA.

Since:

Ant 1.9.5

setTsaurl

public void setTsaurl(String tsaurl)

Parameters:

tsaurl - the tsa url.

Since:

Ant 1.7