org.apache.tools.ant.taskdefs

Class SignJar

java.lang.Object

org.apache.tools.ant.ProjectComponent

org.apache.tools.ant.Task

org.apache.tools.ant.taskdefs.AbstractJarSignerTask

org.apache.tools.ant.taskdefs.SignJar

All Implemented Interfaces:

Cloneable

public class SignJar
extends org.apache.tools.ant.taskdefs.AbstractJarSignerTask

Signs JAR or ZIP files with the javasign command line tool. The tool detailed dependency checking: files are only signed if they are not signed. The signjar attribute can point to the file to generate; if this file exists then its modification date is used as a cue as to whether to resign any JAR file. Timestamp driven signing is based on the unstable and inadequately documented information in the Java1.5 docs

Since:

Ant 1.1

See Also:

beta documentation

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SignJar.JarConfigResolved
static class	SignJar.JarsConfig
static interface	SignJar.SigningListener

Field Summary

Fields

Modifier and Type	Field and Description
protected File	destDir the output directory when using paths.
static String	ERROR_BAD_MAP error string for unit test verification: "Cannot map source file to anything sensible: "
static String	ERROR_MAPPER_WITHOUT_DEST error string for unit test verification: "The destDir attribute is required if a mapper is set"
static String	ERROR_NO_ALIAS error string for unit test verification: "alias attribute must be set"
static String	ERROR_NO_STOREPASS error string for unit test verification: "storepass attribute must be set"
static String	ERROR_SIGNEDJAR_AND_PATHS error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"
static String	ERROR_TODIR_AND_SIGNEDJAR error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"
static String	ERROR_TOO_MANY_MAPPERS error string for unit test verification: "Too many mappers"
protected boolean	internalsf flag for internal sf signing
protected boolean	lazy Whether to assume a jar which has an appropriate .SF file in is already signed.
protected boolean	sectionsonly sign sections only?
protected String	sigfile name to a signature file
protected File	signedjar name of a single jar
protected String	tsacert alias for the TSA in the keystore
protected String	tsaurl URL for a tsa; null implies no tsa support

Fields inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask

alias, ERROR_NO_SOURCE, filesets, jar, JARSIGNER_COMMAND, keypass, keystore, maxMemory, storepass, storetype, strict, verbose

Fields inherited from class org.apache.tools.ant.Task

target, taskName, taskType, wrapper

Fields inherited from class org.apache.tools.ant.ProjectComponent

description, location, project

Constructor Summary

Constructors

Constructor and Description
SignJar()

Method Summary

Methods

Modifier and Type	Method and Description
void	add(org.apache.tools.ant.util.FileNameMapper newMapper) add a mapper to determine file naming policy.
void	execute() sign the jar(s)
File	getBasedir()
String	getDigestAlg() Digest Algorithm; optional
List<org.apache.tools.ant.taskdefs.Property>	getExtraManifestAttributes()
SignJar.SigningListener	getJarListener()
List<SignJar.JarsConfig>	getJarsConfigs()
org.apache.tools.ant.util.FileNameMapper	getMapper() get the active mapper; may be null
Integer	getPack200Effort()
String	getSigAlg() Signature Algorithm; optional
String	getTsacert() get the -tsacert option
String	getTsaurl() get the -tsaurl url
boolean	isDestFlatten()
boolean	isForce() Should the task force signing of a jar even it is already signed?
boolean	isPack200()
protected boolean	isSigned(File file) test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.
boolean	isUnsignFirst()
protected boolean	isUpToDate(File jarFile, File signedjarFile) Compare a jar file with its corresponding signed jar.
void	setBasedir(File basedir)
void	setDestDir(File destDir) Optionally sets the output directory to be used.
void	setDestFlatten(boolean destFlatten)
void	setDigestAlg(String digestAlg) Digest Algorithm; optional
void	setExtraManifestAttributes(List<org.apache.tools.ant.taskdefs.Property> extraManifestAttributes)
void	setForce(boolean b) Whether to force signing of a jar even it is already signed.
void	setInternalsf(boolean internalsf) Flag to include the .SF file inside the signature; optional; default false
void	setJarsConfigs(List<SignJar.JarsConfig> jarsConfigs)
void	setLazy(boolean lazy) flag to control whether the presence of a signature file means a JAR is signed; optional, default false
void	setPack200(boolean pack200)
void	setPack200Effort(Integer pack200Effort)
void	setPreserveLastModified(boolean preserveLastModified) true to indicate that the signed jar modification date remains the same as the original.
void	setRetryCount(int retryCount)
void	setSectionsonly(boolean sectionsonly) flag to compute hash of entire manifest; optional, default false
void	setSigAlg(String sigAlg) Signature Algorithm; optional
void	setSigfile(String sigfile) name of .SF/.DSA file; optional
void	setSignedjar(File signedjar) name of signed JAR file; optional
void	setSigningListener(SignJar.SigningListener jarListener)
void	setTsacert(String tsacert) set the alias in the keystore of the TSA to use;
void	setTsaurl(String tsaurl)
void	setUnsignFirst(boolean unsignFirst)

Methods inherited from class org.apache.tools.ant.taskdefs.AbstractJarSignerTask

addFileset, addSysproperty, addValue, beginExecution, bindToKeystore, createJarSigner, createPath, createUnifiedSourcePath, createUnifiedSources, declareSysProperty, endExecution, getRedirector, hasResources, setAlias, setCommonOptions, setExecutable, setJar, setKeypass, setKeystore, setMaxmemory, setStorepass, setStoretype, setStrict, setVerbose

Methods inherited from class org.apache.tools.ant.Task

bindToOwner, getOwningTarget, getRuntimeConfigurableWrapper, getTaskName, getTaskType, getWrapper, handleErrorFlush, handleErrorOutput, handleFlush, handleInput, handleOutput, init, isInvalid, log, log, log, log, maybeConfigure, perform, reconfigure, setOwningTarget, setRuntimeConfigurableWrapper, setTaskName, setTaskType

Methods inherited from class org.apache.tools.ant.ProjectComponent

clone, getDescription, getLocation, getProject, setDescription, setLocation, setProject

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

sigfile

protected String sigfile

name to a signature file

signedjar

protected File signedjar

name of a single jar

internalsf

protected boolean internalsf

flag for internal sf signing

sectionsonly

protected boolean sectionsonly

sign sections only?

lazy

protected boolean lazy

Whether to assume a jar which has an appropriate .SF file in is already signed.

destDir

protected File destDir

the output directory when using paths.

tsaurl

protected String tsaurl

URL for a tsa; null implies no tsa support

tsacert

protected String tsacert

alias for the TSA in the keystore

ERROR_TODIR_AND_SIGNEDJAR

public static final String ERROR_TODIR_AND_SIGNEDJAR

error string for unit test verification: "\'destdir\' and \'signedjar\' cannot both be set"

See Also:

Constant Field Values

ERROR_TOO_MANY_MAPPERS

public static final String ERROR_TOO_MANY_MAPPERS

error string for unit test verification: "Too many mappers"

See Also:

Constant Field Values

ERROR_SIGNEDJAR_AND_PATHS

public static final String ERROR_SIGNEDJAR_AND_PATHS

error string for unit test verification "You cannot specify the signed JAR when using paths or filesets"

See Also:

Constant Field Values

ERROR_BAD_MAP

public static final String ERROR_BAD_MAP

error string for unit test verification: "Cannot map source file to anything sensible: "

See Also:

Constant Field Values

ERROR_MAPPER_WITHOUT_DEST

public static final String ERROR_MAPPER_WITHOUT_DEST

error string for unit test verification: "The destDir attribute is required if a mapper is set"

See Also:

Constant Field Values

ERROR_NO_ALIAS

public static final String ERROR_NO_ALIAS

error string for unit test verification: "alias attribute must be set"

See Also:

Constant Field Values

ERROR_NO_STOREPASS

public static final String ERROR_NO_STOREPASS

error string for unit test verification: "storepass attribute must be set"

See Also:

Constant Field Values

Constructor Detail

SignJar

public SignJar()

Method Detail

setSigningListener

public void setSigningListener(SignJar.SigningListener jarListener)

getJarListener

public SignJar.SigningListener getJarListener()

setRetryCount

public void setRetryCount(int retryCount)

setSigfile

public void setSigfile(String sigfile)

name of .SF/.DSA file; optional

Parameters:

sigfile - the name of the .SF/.DSA file

setSignedjar

public void setSignedjar(File signedjar)

name of signed JAR file; optional

Parameters:

signedjar - the name of the signed jar file

setInternalsf

public void setInternalsf(boolean internalsf)

Flag to include the .SF file inside the signature; optional; default false

Parameters:

internalsf - if true include the .SF file inside the signature

setSectionsonly

public void setSectionsonly(boolean sectionsonly)

flag to compute hash of entire manifest; optional, default false

Parameters:

sectionsonly - flag to compute hash of entire manifest

setLazy

public void setLazy(boolean lazy)

flag to control whether the presence of a signature file means a JAR is signed; optional, default false

Parameters:

lazy - flag to control whether the presence of a signature

setDestDir

public void setDestDir(File destDir)

Optionally sets the output directory to be used.

Parameters:

destDir - the directory in which to place signed jars

Since:

Ant 1.7

add

public void add(org.apache.tools.ant.util.FileNameMapper newMapper)

add a mapper to determine file naming policy. Only used with toDir processing.

Parameters:

newMapper - the mapper to add.

Since:

Ant 1.7

getMapper

public org.apache.tools.ant.util.FileNameMapper getMapper()

get the active mapper; may be null

Returns:

mapper or null

Since:

Ant 1.7

getTsaurl

public String getTsaurl()

get the -tsaurl url

Returns:

url or null

Since:

Ant 1.7

setTsaurl

public void setTsaurl(String tsaurl)

Parameters:

tsaurl - the tsa url.

Since:

Ant 1.7

getTsacert

public String getTsacert()

get the -tsacert option

Returns:

a certificate alias or null

Since:

Ant 1.7

setTsacert

public void setTsacert(String tsacert)

set the alias in the keystore of the TSA to use;

Parameters:

tsacert - the cert alias.

setForce

public void setForce(boolean b)

Whether to force signing of a jar even it is already signed.

Since:

Ant 1.8.0

isForce

public boolean isForce()

Should the task force signing of a jar even it is already signed?

Since:

Ant 1.8.0

setSigAlg

public void setSigAlg(String sigAlg)

Signature Algorithm; optional

Parameters:

sigAlg - the signature algorithm

getSigAlg

public String getSigAlg()

Signature Algorithm; optional

setDigestAlg

public void setDigestAlg(String digestAlg)

Digest Algorithm; optional

Parameters:

digestAlg - the digest algorithm

getDigestAlg

public String getDigestAlg()

Digest Algorithm; optional

isUnsignFirst

public boolean isUnsignFirst()

setUnsignFirst

public void setUnsignFirst(boolean unsignFirst)

getExtraManifestAttributes

public List<org.apache.tools.ant.taskdefs.Property> getExtraManifestAttributes()

setExtraManifestAttributes

public void setExtraManifestAttributes(List<org.apache.tools.ant.taskdefs.Property> extraManifestAttributes)

getJarsConfigs

public List<SignJar.JarsConfig> getJarsConfigs()

setJarsConfigs

public void setJarsConfigs(List<SignJar.JarsConfig> jarsConfigs)

getBasedir

public File getBasedir()

setBasedir

public void setBasedir(File basedir)

isDestFlatten

public boolean isDestFlatten()

setDestFlatten

public void setDestFlatten(boolean destFlatten)

isPack200

public boolean isPack200()

setPack200

public void setPack200(boolean pack200)

getPack200Effort

public Integer getPack200Effort()

setPack200Effort

public void setPack200Effort(Integer pack200Effort)

execute

public void execute()
             throws org.apache.tools.ant.BuildException

sign the jar(s)

Overrides:

execute in class org.apache.tools.ant.Task

Throws:

org.apache.tools.ant.BuildException - on errors

isUpToDate

protected boolean isUpToDate(File jarFile,
                 File signedjarFile)

Compare a jar file with its corresponding signed jar. The logic for this is complex, and best explained in the source itself. Essentially if either file doesnt exist, or the destfile has an out of date timestamp, then the return value is false.

If we are signing ourself, the check isSigned(File) is used to trigger the process.

Parameters:

jarFile - the unsigned jar file

signedjarFile - the result signed jar file

Returns:

true if the signedjarFile is considered up to date

isSigned

protected boolean isSigned(File file)

test for a file being signed, by looking for a signature in the META-INF directory with our alias/sigfile.

Parameters:

file - the file to be checked

Returns:

true if the file is signed

See Also:

IsSigned.isSigned(File, String)

setPreserveLastModified

public void setPreserveLastModified(boolean preserveLastModified)

true to indicate that the signed jar modification date remains the same as the original. Defaults to false

Parameters:

preserveLastModified - if true preserve the last modified time