$i18n.getString(

eclipse-jarsigner-plugin:sign

Full name:

org.eclipse.cbi.maven.plugins:eclipse-jarsigner-plugin:1.5.3-SNAPSHOT:sign

Description:

Signs project main and attached artifacts using the Eclipse jarsigner webservice. Only artifacts with .jar extension are signed, other artifacts are not signed but a warning message is logged.

Attributes:

  • Requires a Maven project to be executed.
  • The goal is thread-safe and supports parallel builds.
  • Binds by default to the lifecycle phase: package.

Required Parameters

Name Type Since Description
<signerUrl> String 1.0.4 The signing service URL for signing Jar files. This service should return a signed jar file.
Default: https://cbi.eclipse.org/jarsigner/sign
User Property: cbi.jarsigner.signerUrl

Optional Parameters

Name Type Since Description
<archiveDirectory> File - No description.
User Property: cbi.jarsigner.archiveDirectory
<connectTimeoutMillis> int 1.1.4
Deprecated.
Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead.

Defines the timeout in milliseconds for establishing a TCP connection with the signing server. A timeout value of zero is interpreted as an infinite timeout.
Default: 5000
User Property: cbi.jarsigner.connectTimeoutMillis
<continueOnFail> boolean 1.0.5 (for the parameter, since 1.1.3 for the qualified user property). Whether the build should be stopped if the signing process fails.
Default: false
User Property: cbi.jarsigner.continueOnFail
<deprecatedContinueOnFail> boolean 1.0.5 (for the user property, since 1.1.3 for the parameter).
Deprecated.
The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.

Whether the build should be stopped if the signing process fails.
Default: false
User Property: continueOnFail
<deprecatedRetryLimit> int 1.1.0 (for the property, since 1.1.3 for the parameter)
Deprecated.
The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.

Number of times to retry signing if the server fails to sign.
Default: 3
User Property: retryLimit
<deprecatedRetryTimer> int 1.1.0 (for the user property, since 1.1.3 for the parameter).
Deprecated.
The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.

Number of seconds to wait before retrying to sign.
Default: 10
User Property: retryTimer
<digestAlgorithm> MessageDigestAlgorithm 1.1.3 The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • MD2
  • MD5
  • SHA_1
  • SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
  • SHA_224
  • SHA_256
  • SHA_384
  • SHA_512

Default: DEFAULT
User Property: cbi.jarsigner.digestAlgorithm
<excludeInnerJars> boolean 1.0.5 Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
Default: false
<includes> String[] - No description.
<processAttachedArtifacts> boolean - No description.
Default: true
User Property: cbi.jarsigner.processAttachedArtifacts
<processMainArtifact> boolean - No description.
Default: true
User Property: cbi.jarsigner.processMainArtifact
<resigningStrategy> JarResigner$Strategy 1.1.3 The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
  • DO_NOT_RESIGN, do nothing with the jar file
  • THROW_EXCEPTION, throws an exception and stop the build if continueOnFail property is not set
  • RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.

Default: RESIGN
User Property: cbi.jarsigner.resigningStrategy
<retryLimit> int 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) Number of times to retry signing if the server fails to sign.
Default: 3
User Property: cbi.jarsigner.retryLimit
<retryTimer> int 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property) Number of seconds to wait before retrying to sign.
Default: 10
User Property: cbi.jarsigner.retryTimer
<sigFile> String 1.1.5 No description.
User Property: cbi.jarsigner.sigFile
<signatureAlgorithm> SignatureAlgorithm 1.1.3 The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA

Default: DEFAULT
User Property: cbi.jarsigner.signatureAlgorithm
<skip> boolean 1.0.4 Whether the execution of this plugin should be skipped.
Default: false
User Property: cbi.jarsigner.skip
<supportedProjectTypes> List<String> -
Deprecated.
Not used anymore.

Project types which this plugin supports.
<timeoutMillis> int 1.1.5 Defines the wall timeout in milliseconds for performing the remote request. A timeout value of zero is interpreted as an infinite timeout.
Default: 0
User Property: cbi.jarsigner.timeoutMillis

Parameter Details

<archiveDirectory>

No description.
  • Type: java.io.File
  • Required: No
  • User Property: cbi.jarsigner.archiveDirectory

<connectTimeoutMillis>

Deprecated.
Use timeoutMillis instead. This one is for establishing the TCP connection only, you may be looking for a wall timeout instead.

Defines the timeout in milliseconds for establishing a TCP connection with the signing server. A timeout value of zero is interpreted as an infinite timeout.
  • Type: int
  • Since: 1.1.4
  • Required: No
  • User Property: cbi.jarsigner.connectTimeoutMillis
  • Default: 5000

<continueOnFail>

Whether the build should be stopped if the signing process fails.
  • Type: boolean
  • Since: 1.0.5 (for the parameter, since 1.1.3 for the qualified user property).
  • Required: No
  • User Property: cbi.jarsigner.continueOnFail
  • Default: false

<deprecatedContinueOnFail>

Deprecated.
The user property continueOnFail is deprecated. You should use the qualified property cbi.jarsigner.continueOnFail instead. The deprecatedContinueOnFail parameter has been introduced to support this deprecated user property for backward compatibility only.

Whether the build should be stopped if the signing process fails.
  • Type: boolean
  • Since: 1.0.5 (for the user property, since 1.1.3 for the parameter).
  • Required: No
  • User Property: continueOnFail
  • Default: false

<deprecatedRetryLimit>

Deprecated.
The user property retryLimit is deprecated. You should use the qualified property cbi.jarsigner.retryLimit instead. The deprecatedRetryLimit parameter has been introduced to support this deprecated user property for backward compatibility only.

Number of times to retry signing if the server fails to sign.
  • Type: int
  • Since: 1.1.0 (for the property, since 1.1.3 for the parameter)
  • Required: No
  • User Property: retryLimit
  • Default: 3

<deprecatedRetryTimer>

Deprecated.
The user property retryTimer is deprecated. You should use the qualified property cbi.jarsigner.retryTimer instead. The deprecatedRetryTimer parameter has been introduced to support this deprecated user property for backward compatibility only.

Number of seconds to wait before retrying to sign.
  • Type: int
  • Since: 1.1.0 (for the user property, since 1.1.3 for the parameter).
  • Required: No
  • User Property: retryTimer
  • Default: 10

<digestAlgorithm>

The digest algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • MD2
  • MD5
  • SHA_1
  • SHA1 Use this value if you need to be compatible with some old frameworks (e.g., Eclipse Equinox 3.7 / Indigo). Use SHA_1 otherwise.
  • SHA_224
  • SHA_256
  • SHA_384
  • SHA_512
  • Type: org.eclipse.cbi.common.security.MessageDigestAlgorithm
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.digestAlgorithm
  • Default: DEFAULT

<excludeInnerJars>

Whether to excludes signing inner jars (not recursive, only apply to first level Jars inside the build Jar file; deeper jars are ignored in all cases).
  • Type: boolean
  • Since: 1.0.5
  • Required: No
  • Default: false

<includes>

No description.
  • Type: java.lang.String[]
  • Required: No

<processAttachedArtifacts>

No description.
  • Type: boolean
  • Required: No
  • User Property: cbi.jarsigner.processAttachedArtifacts
  • Default: true

<processMainArtifact>

No description.
  • Type: boolean
  • Required: No
  • User Property: cbi.jarsigner.processMainArtifact
  • Default: true

<resigningStrategy>

The strategy to be used if the artifacts of the current project are already signed (e.g., when replaced with a baseline version). Valid values are:
  • DO_NOT_RESIGN, do nothing with the jar file
  • THROW_EXCEPTION, throws an exception and stop the build if continueOnFail property is not set
  • RESIGN, resigns the jar with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • RESIGN_WITH_SAME_DIGEST_ALGORITHM, resigns the jar with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • OVERWRITE, removes every signatures from the jar and resigned it with the same parameter as if it was not already signed (in particular the configured digestAlgorithm)
  • OVERWRITE_WITH_SAME_DIGEST_ALGORITHM, removes every signatures from the jar and resign it with the same digest algorithm as the one used when it has been previously signed. Thus, the digestAlgorithm is ignored for the already signed jars.
  • Type: org.eclipse.cbi.maven.plugins.jarsigner.JarResigner$Strategy
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.resigningStrategy
  • Default: RESIGN

<retryLimit>

Number of times to retry signing if the server fails to sign.
  • Type: int
  • Since: 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
  • Required: No
  • User Property: cbi.jarsigner.retryLimit
  • Default: 3

<retryTimer>

Number of seconds to wait before retrying to sign.
  • Type: int
  • Since: 1.1.0 (for the parameter, since 1.1.3 for the qualified user user property)
  • Required: No
  • User Property: cbi.jarsigner.retryTimer
  • Default: 10

<sigFile>

No description.
  • Type: java.lang.String
  • Since: 1.1.5
  • Required: No
  • User Property: cbi.jarsigner.sigFile

<signatureAlgorithm>

The signature algorithm to use for signing the jar file. Supported values depends on the remote signing web services. Values recognized by this plugin are:
  • DEFAULT, tells to the remote signing webservice to use its default digest algorithm to sign the jar
  • NONEwithRSA
  • MD2withRSA
  • MD5withRSA
  • SHA1withRSA
  • SHA224withRSA
  • SHA256withRSA
  • SHA384withRSA
  • SHA512withRSA
  • SHA1withDSA
  • SHA224withDSA
  • SHA256withDSA
  • NONEwithECDSA
  • SHA1withECDSA
  • SHA224withECDSA
  • SHA256withECDSA
  • SHA384withECDSA
  • SHA512withECDSA
  • Type: org.eclipse.cbi.common.security.SignatureAlgorithm
  • Since: 1.1.3
  • Required: No
  • User Property: cbi.jarsigner.signatureAlgorithm
  • Default: DEFAULT

<signerUrl>

The signing service URL for signing Jar files. This service should return a signed jar file.
  • Type: java.lang.String
  • Since: 1.0.4
  • Required: Yes
  • User Property: cbi.jarsigner.signerUrl
  • Default: https://cbi.eclipse.org/jarsigner/sign

<skip>

Whether the execution of this plugin should be skipped.
  • Type: boolean
  • Since: 1.0.4
  • Required: No
  • User Property: cbi.jarsigner.skip
  • Default: false

<supportedProjectTypes>

Deprecated.
Not used anymore.

Project types which this plugin supports.
  • Type: java.util.List<java.lang.String>
  • Required: No

<timeoutMillis>

Defines the wall timeout in milliseconds for performing the remote request. A timeout value of zero is interpreted as an infinite timeout.
  • Type: int
  • Since: 1.1.5
  • Required: No
  • User Property: cbi.jarsigner.timeoutMillis
  • Default: 0