eclipse-jarsigner-plugin:sign
Full name:
org.eclipse.cbi.maven.plugins:eclipse-jarsigner-plugin:1.5.3-SNAPSHOT:sign
Description:
Signs project main and attached artifacts using the Eclipse jarsigner webservice. Only artifacts with .jar
extension are signed, other artifacts are not signed but a warning message is logged.
Attributes:
- Requires a Maven project to be executed.
- The goal is thread-safe and supports parallel builds.
- Binds by default to the lifecycle phase:
package
.
Required Parameters
Name | Type | Since | Description |
---|---|---|---|
<signerUrl> |
String |
1.0.4 |
The signing service URL for signing Jar files. This service should return a signed jar file. Default: https://cbi.eclipse.org/jarsigner/sign User Property: cbi.jarsigner.signerUrl |
Optional Parameters
Name | Type | Since | Description |
---|---|---|---|
<archiveDirectory> |
File |
- |
No description. User Property: cbi.jarsigner.archiveDirectory |
<connectTimeoutMillis> |
int |
1.1.4 |
Deprecated. Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead. Defines the timeout in milliseconds for establishing a TCP connection with the signing server. A timeout value of zero is interpreted as an infinite timeout. Default: 5000 User Property: cbi.jarsigner.connectTimeoutMillis |
<continueOnFail> |
boolean |
1.0.5 (for the parameter, since 1.1.3 for the qualified user property). |
Whether the build should be stopped if the signing process fails. Default: false User Property: cbi.jarsigner.continueOnFail |
<deprecatedContinueOnFail> |
boolean |
1.0.5 (for the user property, since 1.1.3 for the parameter). |
Deprecated. The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.Whether the build should be stopped if the signing process fails. Default: false User Property: continueOnFail |
<deprecatedRetryLimit> |
int |
1.1.0 (for the property, since 1.1.3 for the parameter) |
Deprecated. The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.Number of times to retry signing if the server fails to sign. Default: 3 User Property: retryLimit |
<deprecatedRetryTimer> |
int |
1.1.0 (for the user property, since 1.1.3 for the parameter). |
Deprecated. The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.Number of seconds to wait before retrying to sign. Default: 10 User Property: retryTimer |
<digestAlgorithm> |
MessageDigestAlgorithm |
1.1.3 |
The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
Default: DEFAULT User Property: cbi.jarsigner.digestAlgorithm |
<excludeInnerJars> |
boolean |
1.0.5 |
Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases). Default: false |
<includes> |
String[] |
- |
No description. |
<processAttachedArtifacts> |
boolean |
- |
No description. Default: true User Property: cbi.jarsigner.processAttachedArtifacts |
<processMainArtifact> |
boolean |
- |
No description. Default: true User Property: cbi.jarsigner.processMainArtifact |
<resigningStrategy> |
JarResigner$Strategy |
1.1.3 |
The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
Default: RESIGN User Property: cbi.jarsigner.resigningStrategy |
<retryLimit> |
int |
1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) |
Number of times to retry signing if the server fails to sign. Default: 3 User Property: cbi.jarsigner.retryLimit |
<retryTimer> |
int |
1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) |
Number of seconds to wait before retrying to sign. Default: 10 User Property: cbi.jarsigner.retryTimer |
<sigFile> |
String |
1.1.5 |
No description. User Property: cbi.jarsigner.sigFile |
<signatureAlgorithm> |
SignatureAlgorithm |
1.1.3 |
The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
Default: DEFAULT User Property: cbi.jarsigner.signatureAlgorithm |
<skip> |
boolean |
1.0.4 |
Whether the execution of this plugin should be skipped. Default: false User Property: cbi.jarsigner.skip |
<supportedProjectTypes> |
List<String> |
- |
Deprecated. Not used anymore. Project types which this plugin supports. |
<timeoutMillis> |
int |
1.1.5 |
Defines the wall timeout in milliseconds for performing the remote request. A timeout value of zero is interpreted as an infinite timeout. Default: 0 User Property: cbi.jarsigner.timeoutMillis |
Parameter Details
<archiveDirectory>
No description.
- Type:
java.io.File
- Required:
No
- User Property:
cbi.jarsigner.archiveDirectory
<connectTimeoutMillis>
Deprecated.
Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead.
Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead.
Defines the timeout in milliseconds for establishing a TCP connection with the signing server. A timeout value of zero is interpreted as an infinite timeout.
- Type:
int
- Since:
1.1.4
- Required:
No
- User Property:
cbi.jarsigner.connectTimeoutMillis
- Default:
5000
<continueOnFail>
Whether the build should be stopped if the signing process fails.
- Type:
boolean
- Since:
1.0.5 (for the parameter, since 1.1.3 for the qualified user property).
- Required:
No
- User Property:
cbi.jarsigner.continueOnFail
- Default:
false
<deprecatedContinueOnFail>
Deprecated.
The user property
The user property
continueOnFail
is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail
instead. The deprecatedContinueOnFail
parameter has been introduced to support this deprecated user property for backward compatibility only.Whether the build should be stopped if the signing process fails.
- Type:
boolean
- Since:
1.0.5 (for the user property, since 1.1.3 for the parameter).
- Required:
No
- User Property:
continueOnFail
- Default:
false
<deprecatedRetryLimit>
Deprecated.
The user property
The user property
retryLimit
is deprecated. You should use the qualified property cbi.jarsigner.retryLimit
instead. The deprecatedRetryLimit
parameter has been introduced to support this deprecated user property for backward compatibility only.Number of times to retry signing if the server fails to sign.
- Type:
int
- Since:
1.1.0 (for the property, since 1.1.3 for the parameter)
- Required:
No
- User Property:
retryLimit
- Default:
3
<deprecatedRetryTimer>
Deprecated.
The user property
The user property
retryTimer
is deprecated. You should use the qualified property cbi.jarsigner.retryTimer
instead. The deprecatedRetryTimer
parameter has been introduced to support this deprecated user property for backward compatibility only.Number of seconds to wait before retrying to sign.
- Type:
int
- Since:
1.1.0 (for the user property, since 1.1.3 for the parameter).
- Required:
No
- User Property:
retryTimer
- Default:
10
<digestAlgorithm>
The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
- DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
- MD2
- MD5
- SHA_1
- SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
- SHA_224
- SHA_256
- SHA_384
- SHA_512
- Type:
org.eclipse.cbi.common.security.MessageDigestAlgorithm
- Since:
1.1.3
- Required:
No
- User Property:
cbi.jarsigner.digestAlgorithm
- Default:
DEFAULT
<excludeInnerJars>
Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
- Type:
boolean
- Since:
1.0.5
- Required:
No
- Default:
false
<includes>
No description.
- Type:
java.lang.String[]
- Required:
No
<processAttachedArtifacts>
No description.
- Type:
boolean
- Required:
No
- User Property:
cbi.jarsigner.processAttachedArtifacts
- Default:
true
<processMainArtifact>
No description.
- Type:
boolean
- Required:
No
- User Property:
cbi.jarsigner.processMainArtifact
- Default:
true
<resigningStrategy>
The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
- DO_NOT_RESIGN, do nothing with the jar file
- THROW_EXCEPTION, throws an exception and stop the build if
continueOnFail
property is not set - RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured
digestAlgorithm
) - RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the
digestAlgorithm
is ignored for the already signed jars. - OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured
digestAlgorithm
) - OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the
digestAlgorithm
is ignored for the already signed jars.
- Type:
org.eclipse.cbi.maven.plugins.jarsigner.JarResigner$Strategy
- Since:
1.1.3
- Required:
No
- User Property:
cbi.jarsigner.resigningStrategy
- Default:
RESIGN
<retryLimit>
Number of times to retry signing if the server fails to sign.
- Type:
int
- Since:
1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
- Required:
No
- User Property:
cbi.jarsigner.retryLimit
- Default:
3
<retryTimer>
Number of seconds to wait before retrying to sign.
- Type:
int
- Since:
1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
- Required:
No
- User Property:
cbi.jarsigner.retryTimer
- Default:
10
<sigFile>
No description.
- Type:
java.lang.String
- Since:
1.1.5
- Required:
No
- User Property:
cbi.jarsigner.sigFile
<signatureAlgorithm>
The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
- DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
- NONEwithRSA
- MD2withRSA
- MD5withRSA
- SHA1withRSA
- SHA224withRSA
- SHA256withRSA
- SHA384withRSA
- SHA512withRSA
- SHA1withDSA
- SHA224withDSA
- SHA256withDSA
- NONEwithECDSA
- SHA1withECDSA
- SHA224withECDSA
- SHA256withECDSA
- SHA384withECDSA
- SHA512withECDSA
- Type:
org.eclipse.cbi.common.security.SignatureAlgorithm
- Since:
1.1.3
- Required:
No
- User Property:
cbi.jarsigner.signatureAlgorithm
- Default:
DEFAULT
<signerUrl>
The signing service URL for signing Jar files. This service should return a signed jar file.
- Type:
java.lang.String
- Since:
1.0.4
- Required:
Yes
- User Property:
cbi.jarsigner.signerUrl
- Default:
https://cbi.eclipse.org/jarsigner/sign
<skip>
Whether the execution of this plugin should be skipped.
- Type:
boolean
- Since:
1.0.4
- Required:
No
- User Property:
cbi.jarsigner.skip
- Default:
false
<supportedProjectTypes>
Deprecated.
Not used anymore.
Not used anymore.
Project types which this plugin supports.
- Type:
java.util.List<java.lang.String>
- Required:
No
<timeoutMillis>
Defines the wall timeout in milliseconds for performing the remote request. A timeout value of zero is interpreted as an infinite timeout.
- Type:
int
- Since:
1.1.5
- Required:
No
- User Property:
cbi.jarsigner.timeoutMillis
- Default:
0