Skip to content

sprosper/GST-jarsigner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.settings
.settings
 
 
bin/org/gstjs
bin/org/gstjs
 
 
launchers/maven
launchers/maven
 
 
releases
releases
 
 
src/main
src/main
 
 
.classpath
.classpath
 
 
.gitignore
.gitignore
 
 
.project
.project
 
 
README.MD
README.MD
 
 
pom.xml
pom.xml
 
 

Repository files navigation

This is a tool to fast sign jar with certificate on an USB token. Oracle jarsigner tool have the problem of access USB to calculate jar classes hashes an this critically slow down the overall process when jar contains thousands of elements.

Usage:

With installed driver and connected token, using a java version >= 1.8, type:

java -jar GST-jarsigner-1.0.jar [parameters] jar-file alias

mandatory parameters

-providerArg token configuration file

-storepass token password

optional parameters:

[-test] debug output

[-signaturename ] name of file .SF/.RSA

[-tsa ] Timestamping Authority URL

example:

java -jar GST-jarsigner-1.0.jar -test -signaturename MYSIGNNAME -providerArg C:\eToken.cfg -storepass *** -tsa http://rfc3161timestamp.globalsign.com/advanced application.jar "te-ed12c5f8-6b3e-43c4-8461-7f58b7325a46"

Example of configuration file eToken.cfg:

name=eToken library=c:\WINDOWS\system32\eTPKCS11.dll

The tool will sign jar-file with certificate on token specified with alias. Sign Algorihtm is SHA256_RSA.

I realized this project starting from this:

https://github.com/kaikramer/keystore-explorer

taking a look to Oracle jarsigner code for the token interaction, and removing the graphical stuff to use it in an automatic maven build.

This is a little example of use in maven:

...
<plugin>
	<groupId>org.codehaus.mojo</groupId>
	<artifactId>exec-maven-plugin</artifactId>
	<executions>
		<execution>
		<id>Sign ${project.artifactId}-${project.version} with certificate on token</id>
			<goals>
				<goal>exec</goal>
			</goals>
			<phase>package</phase>
			<configuration>
				<executable>${java8.home}/bin/java</executable>
				<arguments>
					<argument>-jar</argument>
					<argument>${signJar-jar}</argument>
					<argument>-providerArg</argument>
					<argument>${confirmatoken-configurationfile}</argument>
					<argument>-tsa</argument>
					<argument>${tsaUrl}</argument>
					<argument>-storepass</argument>
					<argument>${token-password}</argument>
					<argument>target/${project.artifactId}-${project.version}.jar</argument>
					<argument>${confirmatoken-alias}</argument>
				</arguments>
			</configuration>
		</execution>
	</executions>
</plugin>
 ...

I'm not a java expert and I went right to the result for my needs.

So you will find a lot of "dirty" code :), but I can assure it works fine for the purpouse!

About

jarsigner to fast sign with GlobalSign certificate on token

Topics

jarsigner

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages