This component provides some utilities to sign/verify jars/files in your Mojos.
<dependency>
<groupId>org.apache.maven.shared</groupId>
<artifactId>maven-jarsigner</artifactId>
<version>1.1</version>
</dependency>You must construct a JarSignerSignRequest. See javadoc for more available options.
JarSignerSignRequest jarSignerRequest = new JarSignerSignRequest();
jarSignerRequest.setArchive( target );
jarSignerRequest.setKeystore( "src/test/keystore" );
jarSignerRequest.setVerbose( true );
jarSignerRequest.setAlias( "foo_alias" );
jarSignerRequest.setKeypass( "key-passwd" );
jarSignerRequest.setStorepass( "changeit" );
jarSignerRequest.setSignedjar( new File( "target/ssimple.jar" ) );
Now you can use the component to sign your jar:
JarSignerResult jarSignerResult = jarSigner.execute( jarSignerRequest );
// control the execution result
jarSignerResult.getExitCode()
// get exception
jarSignerResult.getExecutionException()
You must construct a JarSignerVerifyRequest. See javadoc for more available options.
JarSignerVerifyRequest request = new JarSignerVerifyRequest();
request.setCerts( true );
request.setVerbose( true );
request.setArchive( new File( "target/ssimple.jar" ) );Now you can use the component to verify your signe jar:
JarSignerResult jarSignerResult = jarSigner.execute( request );
// control the execution result
jarSignerResult.getExitCode()
// get exception
jarSignerResult.getExecutionException()