archive.sign
Archive extension for digital signing
Examples
The following creates a signed JAR on the filesystem:
private ArchiveConstruction createSignedJar() { return archive() .configured(asJar()) .configured(withSignature() .digestedBy(SHA512) .store(keyStore) .alias(alias) .password(password) .signatureAlgorithm(SHA256_WITH_RSA) .signatureFileName("SIG") .createdBy("necessity")) .with(AmSigned.class) .with(AmAlsoSigned.class); }
With static imports:
import static io.earcam.instrumental.archive.Archive.archive; import static io.earcam.instrumental.archive.AsJar.asJar; import static io.earcam.instrumental.archive.sign.StandardDigestAlgorithms.SHA512; import static io.earcam.instrumental.archive.sign.StandardSignatureAlgorithms.SHA256_WITH_RSA; import static io.earcam.instrumental.archive.sign.WithDigest.withDigest; import static io.earcam.instrumental.archive.sign.WithSignature.withSignature; import static io.earcam.utilitarian.security.Certificates.certificate; import static io.earcam.utilitarian.security.KeyStores.keyStore;
Related fields (note; the key and security stuff is from a test-helper module):
private static final KeyPair keys = Keys.rsa(); private static final String alias = "alias"; private static final char[] password = "password".toCharArray(); private static final String subject = "subject"; private static final X509Certificate certificate = certificate(keys, subject).toX509(); private static final KeyStore keyStore = keyStore(alias, password, keys, certificate);
And additional maven dependencies:
<dependency> <groupId>io.earcam.instrumental</groupId> <artifactId>io.earcam.instrumental.archive</artifactId> <version>${project.version}</version> </dependency> <dependency> <groupId>io.earcam.utilitarian</groupId> <artifactId>io.earcam.utilitarian.security</artifactId> </dependency>
View full source of associated test.