| ------ |
| Overview |
| ------ |
| Olivier Lamy |
| ------ |
| 2011-11-01 |
| ------ |
| |
| ~~ Licensed to the Apache Software Foundation (ASF) under one |
| ~~ or more contributor license agreements. See the NOTICE file |
| ~~ distributed with this work for additional information |
| ~~ regarding copyright ownership. The ASF licenses this file |
| ~~ to you under the Apache License, Version 2.0 (the |
| ~~ "License"); you may not use this file except in compliance |
| ~~ with the License. You may obtain a copy of the License at |
| ~~ |
| ~~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~~ |
| ~~ Unless required by applicable law or agreed to in writing, |
| ~~ software distributed under the License is distributed on an |
| ~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~~ KIND, either express or implied. See the License for the |
| ~~ specific language governing permissions and limitations |
| ~~ under the License. |
| |
| ~~ NOTE: For help with the syntax of this file, see: |
| ~~ http://maven.apache.org/doxia/references/apt-format.html |
| |
| Overview |
| |
| This component provides some utilities to sign/verify jars/files in your Mojos. |
| |
| * Dependency declaration |
| |
| +--------- |
| <dependency> |
| <groupId>org.apache.maven.shared</groupId> |
| <artifactId>maven-jarsigner</artifactId> |
| <version>${project.version}</version> |
| </dependency> |
| +--------- |
| |
| * Sign a jar |
| |
| You must construct a JarSignerSignRequest. See {{{./apidocs/org/apache/maven/shared/jarsigner/JarSignerSignRequest.html}javadoc}} for more available options. |
| |
| +--------- |
| |
| JarSignerSignRequest jarSignerRequest = new JarSignerSignRequest(); |
| jarSignerRequest.setArchive( target ); |
| jarSignerRequest.setKeystore( "src/test/keystore" ); |
| jarSignerRequest.setVerbose( true ); |
| jarSignerRequest.setAlias( "foo_alias" ); |
| jarSignerRequest.setKeypass( "key-passwd" ); |
| jarSignerRequest.setStorepass( "changeit" ); |
| jarSignerRequest.setSignedjar( new File( "target/ssimple.jar" ) ); |
| |
| +--------- |
| |
| Now you can use the component to sign your jar: |
| |
| +--------- |
| |
| JarSignerResult jarSignerResult = jarSigner.execute( jarSignerRequest ); |
| // control the execution result |
| jarSignerResult.getExitCode() |
| // get exception |
| jarSignerResult.getExecutionException() |
| |
| +--------- |
| |
| * Verify a signed jar |
| |
| You must construct a JarSignerVerifyRequest. See {{{./apidocs/org/apache/maven/shared/jarsigner/JarSignerVerifyRequest.html}javadoc}} for more available options. |
| |
| +---------- |
| JarSignerVerifyRequest request = new JarSignerVerifyRequest(); |
| request.setCerts( true ); |
| request.setVerbose( true ); |
| request.setArchive( new File( "target/ssimple.jar" ) ); |
| +---------- |
| |
| Now you can use the component to verify your signe jar: |
| |
| +---------- |
| JarSignerResult jarSignerResult = jarSigner.execute( request ); |
| // control the execution result |
| jarSignerResult.getExitCode() |
| // get exception |
| jarSignerResult.getExecutionException() |
| +---------- |
| |