eclipse-jarsigner:sign

Full name:

org.eclipse.cbi.maven.plugins:eclipse-jarsigner-plugin:1.1.5:sign

Description:

Signs project main and attached artifacts using the Eclipse jarsigner webservice. Only artifacts with .jar extension are signed, other artifacts are not signed but a warning message is logged.

Attributes:

  • Requires a Maven project to be executed.
  • Binds by default to the lifecycle phase: package.

Required Parameters

Name Type Since Description
<signerUrl> String 1.0.4 The signing service URL for signing Jar files. This service should return a signed jar file.
Default value is: http://build.eclipse.org:31338/sign.
User property is: cbi.jarsigner.signerUrl.

Optional Parameters

Name Type Since Description
<connectTimeoutMillis> int 1.1.4 Deprecated. Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead.
Default value is: 5000.
User property is: cbi.jarsigner.connectTimeoutMillis.
<continueOnFail> boolean 1.0.5 (for the parameter, since 1.1.3 for the qualified user property). Whether the build should be stopped if the signing process fails.
Default value is: false.
User property is: cbi.jarsigner.continueOnFail.
<deprecatedContinueOnFail> boolean 1.0.5 (for the user property, since 1.1.3 for the parameter). Deprecated. The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.
Default value is: false.
User property is: continueOnFail.
<deprecatedRetryLimit> int 1.1.0 (for the property, since 1.1.3 for the parameter) Deprecated. The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.
Default value is: 3.
User property is: retryLimit.
<deprecatedRetryTimer> int 1.1.0 (for the user property, since 1.1.3 for the parameter). Deprecated. The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.
Default value is: 10.
User property is: retryTimer.
<digestAlgorithm> MessageDigestAlgorithm 1.1.3 The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • MD2
  • MD5
  • SHA_1
  • SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
  • SHA_224
  • SHA_256
  • SHA_384
  • SHA_512

Default value is: DEFAULT.
User property is: cbi.jarsigner.digestAlgorithm.
<excludeInnerJars> boolean 1.0.5 Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
Default value is: false.
<resigningStrategy> JarResigner$Strategy 1.1.3 The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
  • DO_NOT_RESIGN, do nothing with the jar file
  • THROW_EXCEPTION, throws an exception and stop the build if continueOnFail property is not set
  • RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.

Default value is: RESIGN.
User property is: cbi.jarsigner.resigningStrategy.
<retryLimit> int 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) Number of times to retry signing if the server fails to sign.
Default value is: 3.
User property is: cbi.jarsigner.retryLimit.
<retryTimer> int 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) Number of seconds to wait before retrying to sign.
Default value is: 10.
User property is: cbi.jarsigner.retryTimer.
<sigFile> String 1.1.5 (no description)
User property is: cbi.jarsigner.sigFile.
<signatureAlgorithm> SignatureAlgorithm 1.1.3 The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA

Default value is: DEFAULT.
User property is: cbi.jarsigner.signatureAlgorithm.
<skip> boolean 1.0.4 Whether the execution of this plugin should be skipped.
Default value is: false.
User property is: cbi.jarsigner.skip.
<supportedProjectTypes> List - Deprecated. Not used anymore.
<timeoutMillis> int 1.1.5 Defines the wall timeout in milliseconds for performing the remote request. A timeout value of zero is interpreted as an infinite timeout.
Default value is: 0.
User property is: cbi.jarsigner.timeoutMillis.

Parameter Details

<connectTimeoutMillis>

Deprecated. Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead.
Defines the timeout in milliseconds for establishing a TCP connection with the signing server. A timeout value of zero is interpreted as an infinite timeout.
  • Type: int
  • Since: 1.1.4
  • Required: No
  • User Property: cbi.jarsigner.connectTimeoutMillis
  • Default: 5000

<continueOnFail>

Whether the build should be stopped if the signing process fails.
  • Type: boolean
  • Since: 1.0.5 (for the parameter, since 1.1.3 for the qualified user property).
  • Required: No
  • User Property: cbi.jarsigner.continueOnFail
  • Default: false

<deprecatedContinueOnFail>

Deprecated. The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.
Whether the build should be stopped if the signing process fails.
  • Type: boolean
  • Since: 1.0.5 (for the user property, since 1.1.3 for the parameter).
  • Required: No
  • User Property: continueOnFail
  • Default: false

<deprecatedRetryLimit>

Deprecated. The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.
Number of times to retry signing if the server fails to sign.
  • Type: int
  • Since: 1.1.0 (for the property, since 1.1.3 for the parameter)
  • Required: No
  • User Property: retryLimit
  • Default: 3

<deprecatedRetryTimer>

Deprecated. The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.
Number of seconds to wait before retrying to sign.
  • Type: int
  • Since: 1.1.0 (for the user property, since 1.1.3 for the parameter).
  • Required: No
  • User Property: retryTimer
  • Default: 10

<digestAlgorithm>

The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • MD2
  • MD5
  • SHA_1
  • SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
  • SHA_224
  • SHA_256
  • SHA_384
  • SHA_512
  • Type: org.eclipse.cbi.common.security.MessageDigestAlgorithm
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.digestAlgorithm
  • Default: DEFAULT

<excludeInnerJars>

Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
  • Type: boolean
  • Since: 1.0.5
  • Required: No
  • Default: false

<resigningStrategy>

The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
  • DO_NOT_RESIGN, do nothing with the jar file
  • THROW_EXCEPTION, throws an exception and stop the build if continueOnFail property is not set
  • RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • Type: org.eclipse.cbi.maven.plugins.jarsigner.JarResigner$Strategy
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.resigningStrategy
  • Default: RESIGN

<retryLimit>

Number of times to retry signing if the server fails to sign.
  • Type: int
  • Since: 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
  • Required: No
  • User Property: cbi.jarsigner.retryLimit
  • Default: 3

<retryTimer>

Number of seconds to wait before retrying to sign.
  • Type: int
  • Since: 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
  • Required: No
  • User Property: cbi.jarsigner.retryTimer
  • Default: 10

<sigFile>

(no description)
  • Type: java.lang.String
  • Since: 1.1.5
  • Required: No
  • User Property: cbi.jarsigner.sigFile

<signatureAlgorithm>

The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA
  • Type: org.eclipse.cbi.common.security.SignatureAlgorithm
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.signatureAlgorithm
  • Default: DEFAULT

<signerUrl>

The signing service URL for signing Jar files. This service should return a signed jar file.
  • Type: java.lang.String
  • Since: 1.0.4
  • Required: Yes
  • User Property: cbi.jarsigner.signerUrl
  • Default: http://build.eclipse.org:31338/sign

<skip>

Whether the execution of this plugin should be skipped.
  • Type: boolean
  • Since: 1.0.4
  • Required: No
  • User Property: cbi.jarsigner.skip
  • Default: false

<supportedProjectTypes>

Deprecated. Not used anymore.
Project types which this plugin supports.
  • Type: java.util.List
  • Required: No

<timeoutMillis>

Defines the wall timeout in milliseconds for performing the remote request. A timeout value of zero is interpreted as an infinite timeout.
  • Type: int
  • Since: 1.1.5
  • Required: No
  • User Property: cbi.jarsigner.timeoutMillis
  • Default: 0