archive.sign
Archive extension for digital signing
Examples
The following creates a signed JAR on the filesystem:
private ArchiveConstruction createSignedJar()
{
return archive()
.configured(asJar())
.configured(withSignature()
.digestedBy(SHA512)
.store(keyStore)
.alias(alias)
.password(password)
.signatureAlgorithm(SHA256_WITH_RSA)
.signatureFileName("SIG")
.createdBy("necessity"))
.with(AmSigned.class)
.with(AmAlsoSigned.class);
}
With static imports:
import static io.earcam.instrumental.archive.Archive.archive;
import static io.earcam.instrumental.archive.AsJar.asJar;
import static io.earcam.instrumental.archive.sign.StandardDigestAlgorithms.SHA512;
import static io.earcam.instrumental.archive.sign.StandardSignatureAlgorithms.SHA256_WITH_RSA;
import static io.earcam.instrumental.archive.sign.WithDigest.withDigest;
import static io.earcam.instrumental.archive.sign.WithSignature.withSignature;
import static io.earcam.utilitarian.security.Certificates.certificate;
import static io.earcam.utilitarian.security.KeyStores.keyStore;
Related fields (note; the key and security stuff is from a test-helper module):
private static final KeyPair keys = Keys.rsa();
private static final String alias = "alias";
private static final char[] password = "password".toCharArray();
private static final String subject = "subject";
private static final X509Certificate certificate = certificate(keys, subject).toX509();
private static final KeyStore keyStore = keyStore(alias, password, keys, certificate);
And additional maven dependencies:
<dependency>
<groupId>io.earcam.instrumental</groupId>
<artifactId>io.earcam.instrumental.archive</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>io.earcam.utilitarian</groupId>
<artifactId>io.earcam.utilitarian.security</artifactId>
</dependency>
View full source of associated test.
