eclipse-jarsigner:sign

Full name:

org.eclipse.cbi.maven.plugins:eclipse-jarsigner-plugin:1.1.3:sign

Description:

Signs project main and attached artifacts using the Eclipse jarsigner webservice. Only artifacts with .jar extension are signed, other artifacts are not signed but a warning message is logged.

Attributes:

  • Requires a Maven project to be executed.
  • Binds by default to the lifecycle phase: package.

Required Parameters

Name Type Since Description
signerUrl String 1.0.4 The signing service URL for signing Jar files. This service should return a signed jar file.
Default value is: http://build.eclipse.org:31338/sign.
User property is: cbi.jarsigner.signerUrl.

Optional Parameters

Name Type Since Description
continueOnFail boolean 1.0.5 (for the parameter, since 1.1.3 for the qualified user property). Whether the build should be stopped if the signing process fails.
Default value is: false.
User property is: cbi.jarsigner.continueOnFail.
deprecatedContinueOnFail boolean 1.0.5 (for the user property, since 1.1.3 for the parameter). Deprecated. The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.
Default value is: false.
User property is: continueOnFail.
deprecatedRetryLimit int 1.1.0 (for the property, since 1.1.3 for the parameter) Deprecated. The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.
Default value is: 3.
User property is: retryLimit.
deprecatedRetryTimer int 1.1.0 (for the user property, since 1.1.3 for the parameter). Deprecated. The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.
Default value is: 10.
User property is: retryTimer.
digestAlgorithm MessageDigestAlgorithm 1.1.3 The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • MD2
  • MD5
  • SHA_1
  • SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
  • SHA_224
  • SHA_256
  • SHA_384
  • SHA_512

Default value is: DEFAULT.
User property is: cbi.jarsigner.digestAlgorithm.
excludeInnerJars boolean 1.0.5 Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
Default value is: false.
resigningStrategy JarResigner$Strategy 1.1.3 The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
  • DO_NOT_RESIGN, do nothing with the jar file
  • THROW_EXCEPTION, throws an exception and stop the build if continueOnFail property is not set
  • RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.

Default value is: RESIGN.
User property is: cbi.jarsigner.resigningStrategy.
retryLimit int 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) Number of times to retry signing if the server fails to sign.
Default value is: 3.
User property is: cbi.jarsigner.retryLimit.
retryTimer int 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) Number of seconds to wait before retrying to sign.
Default value is: 10.
User property is: cbi.jarsigner.retryTimer.
signatureAlgorithm SignatureAlgorithm 1.1.3 The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA

Default value is: DEFAULT.
User property is: cbi.jarsigner.signatureAlgorithm.
skip boolean 1.0.4 Whether the execution of this plugin should be skipped.
Default value is: false.
User property is: cbi.jarsigner.skip.
supportedProjectTypes List - Deprecated. Not used anymore.

Parameter Details

continueOnFail:

Whether the build should be stopped if the signing process fails.
  • Type: boolean
  • Since: 1.0.5 (for the parameter, since 1.1.3 for the qualified user property).
  • Required: No
  • User Property: cbi.jarsigner.continueOnFail
  • Default: false

deprecatedContinueOnFail:

Deprecated. The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.
Whether the build should be stopped if the signing process fails.
  • Type: boolean
  • Since: 1.0.5 (for the user property, since 1.1.3 for the parameter).
  • Required: No
  • User Property: continueOnFail
  • Default: false

deprecatedRetryLimit:

Deprecated. The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.
Number of times to retry signing if the server fails to sign.
  • Type: int
  • Since: 1.1.0 (for the property, since 1.1.3 for the parameter)
  • Required: No
  • User Property: retryLimit
  • Default: 3

deprecatedRetryTimer:

Deprecated. The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.
Number of seconds to wait before retrying to sign.
  • Type: int
  • Since: 1.1.0 (for the user property, since 1.1.3 for the parameter).
  • Required: No
  • User Property: retryTimer
  • Default: 10

digestAlgorithm:

The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • MD2
  • MD5
  • SHA_1
  • SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
  • SHA_224
  • SHA_256
  • SHA_384
  • SHA_512
  • Type: org.eclipse.cbi.common.security.MessageDigestAlgorithm
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.digestAlgorithm
  • Default: DEFAULT

excludeInnerJars:

Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
  • Type: boolean
  • Since: 1.0.5
  • Required: No
  • Default: false

resigningStrategy:

The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
  • DO_NOT_RESIGN, do nothing with the jar file
  • THROW_EXCEPTION, throws an exception and stop the build if continueOnFail property is not set
  • RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • Type: org.eclipse.cbi.maven.plugins.jarsigner.JarResigner$Strategy
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.resigningStrategy
  • Default: RESIGN

retryLimit:

Number of times to retry signing if the server fails to sign.
  • Type: int
  • Since: 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
  • Required: No
  • User Property: cbi.jarsigner.retryLimit
  • Default: 3

retryTimer:

Number of seconds to wait before retrying to sign.
  • Type: int
  • Since: 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
  • Required: No
  • User Property: cbi.jarsigner.retryTimer
  • Default: 10

signatureAlgorithm:

The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA
  • Type: org.eclipse.cbi.common.security.SignatureAlgorithm
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.signatureAlgorithm
  • Default: DEFAULT

signerUrl:

The signing service URL for signing Jar files. This service should return a signed jar file.
  • Type: java.lang.String
  • Since: 1.0.4
  • Required: Yes
  • User Property: cbi.jarsigner.signerUrl
  • Default: http://build.eclipse.org:31338/sign

skip:

Whether the execution of this plugin should be skipped.
  • Type: boolean
  • Since: 1.0.4
  • Required: No
  • User Property: cbi.jarsigner.skip
  • Default: false

supportedProjectTypes:

Deprecated. Not used anymore.
Project types which this plugin supports.
  • Type: java.util.List
  • Required: No