Author: bentmann Date: Sun Apr 26 22:16:23 2009 New Revision: 768812 URL: http://svn.apache.org/viewvc?rev=768812&view=rev Log: [MSANDBOX-46] Import maven-jarsigner-plugin Submitted by: Christian Schulte (via MJAVADOC-228)
Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/ (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml (with props) maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml (with props) Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/ ------------------------------------------------------------------------------ --- svn:ignore (added) +++ svn:ignore Sun Apr 26 22:16:23 2009 @@ -0,0 +1,8 @@ +target +.classpath +.settings +.project +bin +*.iml +*.ipr +*.iws Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml Sun Apr 26 22:16:23 2009 @@ -0,0 +1,92 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + + <parent> + <artifactId>maven-plugins</artifactId> + <groupId>org.apache.maven.plugins</groupId> + <version>13</version> + </parent> + + <artifactId>maven-jarsigner-plugin</artifactId> + <version>1.0-SNAPSHOT</version> + <packaging>maven-plugin</packaging> + + <name>Maven Jarsigner Plugin</name> + <description>Signs or verifies a project artifact and attachments using jarsigner.</description> + + <contributors> + <contributor> + <name>Christian Schulte</name> + </contributor> + </contributors> + + <scm> + <connection>scm:svn:http://svn.apache.org/repos/asf/maven/plugins/trunk/maven-jarsigner-plugin/</connection> + <developerConnection>scm:svn:https://svn.apache.org/repos/asf/maven/plugins/trunk/maven-jarsigner-plugin/</developerConnection> + <url>http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/</url> + </scm> + <issueManagement> + <system>JIRA</system> + <url>http://jira.codehaus.org/browse/MJARSIGNER</url> + </issueManagement> + + <properties> + <mavenVersion>2.0.10</mavenVersion> + </properties> + + <dependencies> + <dependency> + <groupId>org.apache.maven</groupId> + <artifactId>maven-plugin-api</artifactId> + <version>${mavenVersion}</version> + </dependency> + <dependency> + <groupId>org.apache.maven</groupId> + <artifactId>maven-project</artifactId> + <version>${mavenVersion}</version> + </dependency> + <dependency> + <groupId>org.apache.maven</groupId> + <artifactId>maven-model</artifactId> + <version>${mavenVersion}</version> + <scope>runtime</scope> + </dependency> + <dependency> + <groupId>org.apache.maven</groupId> + <artifactId>maven-artifact</artifactId> + <version>${mavenVersion}</version> + </dependency> + <dependency> + <groupId>commons-lang</groupId> + <artifactId>commons-lang</artifactId> + <version>2.4</version> + </dependency> + <dependency> + <groupId>org.codehaus.plexus</groupId> + <artifactId>plexus-utils</artifactId> + <version>1.5.6</version> + </dependency> + </dependencies> + +</project> Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/pom.xml ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java Sun Apr 26 22:16:23 2009 @@ -0,0 +1,350 @@ +package org.apache.maven.plugins.jarsigner; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import java.io.File; +import java.io.InputStream; +import java.text.MessageFormat; +import java.util.Iterator; +import java.util.MissingResourceException; +import java.util.ResourceBundle; +import org.apache.commons.lang.SystemUtils; +import org.apache.maven.artifact.Artifact; +import org.apache.maven.plugin.AbstractMojo; +import org.apache.maven.plugin.MojoExecutionException; +import org.apache.maven.project.MavenProject; +import org.codehaus.plexus.util.cli.CommandLineException; +import org.codehaus.plexus.util.cli.CommandLineUtils; +import org.codehaus.plexus.util.cli.Commandline; +import org.codehaus.plexus.util.cli.StreamConsumer; + +/** + * Maven Jarsigner Plugin base class. + * + * @author <a href="c...@schulte.it">Christian Schulte</a> + * @version $Id$ + */ +public abstract class AbstractJarsignerMojo extends AbstractMojo +{ + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.verbose}" default-value="false" + */ + private boolean verbose; + + /** + * Archive to sign. If set, neither the project artifact nor any attachments are processed. + * + * @parameter expression="${jarsigner.archive}" + * @optional + */ + private File archive; + + /** + * List of arguments to append to the jarsigner command line. + * + * @parameter expression="${jarsigner.arguments}" + * @optional + */ + private String[] arguments; + + /** + * Set to {...@code true} to disable the plugin. + * + * @parameter expression="${jarsigner.skip}" default-value="false" + */ + private boolean skip; + + /** + * Controls processing of project attachments. + * + * @parameter expression="${jarsigner.attachments}" default-value="true" + */ + private boolean attachments; + + /** + * The Maven project. + * + * @parameter expression="${project}" + * @required + * @readonly + */ + private MavenProject project; + + public final void execute() throws MojoExecutionException + { + if ( !this.skip ) + { + if ( this.archive != null ) + { + this.processArchive( this.archive ); + } + else + { + this.processArtifact( this.project.getArtifact() ); + + for ( Iterator it = this.project.getAttachedArtifacts().iterator(); it.hasNext(); ) + { + final Artifact artifact = (Artifact) it.next(); + + if ( this.attachments ) + { + this.processArtifact( artifact ); + } + else if ( this.isJavaLanguageCapable( artifact ) ) + { + this.getLog().info( this.getMessage( "ignoringAttachment", new Object[] + { + artifact.toString() + } ) ); + + } + } + } + } + else + { + this.getLog().info( this.getMessage( "disabled", null ) ); + } + } + + /** + * Gets the {...@code Commandline} to execute for a given Java archive taking a command line prepared for executing + * jarsigner. + * + * @param archive The Java archive to get a {...@code Commandline} to execute for. + * @param commandLine A {...@code Commandline} prepared for executing jarsigner without any arguments. + * + * @return A {...@code Commandline} for executing jarsigner with {...@code archive}. + * + * @throws NullPointerException if {...@code archive} or {...@code commandLine} is {...@code null}. + */ + protected abstract Commandline getCommandline( final File archive, final Commandline commandLine ); + + /** + * Gets a string representation of a {...@code Commandline}. + * <p>This method creates the string representation by calling {...@code commandLine.toString()} by default.</p> + * + * @param commandLine The {...@code Commandline} to get a string representation of. + * + * @return The string representation of {...@code commandLine}. + * + * @throws NullPointerException if {...@code commandLine} is {...@code null}. + */ + protected String getCommandlineInfo( final Commandline commandLine ) + { + if ( commandLine == null ) + { + throw new NullPointerException( "commandLine" ); + } + + return commandLine.toString(); + } + + /** + * Checks Java language capability of an artifact. + * + * @param artifact The artifact to check. + * + * @return {...@code true} if {...@code artifact} is Java language capable; {...@code false} if not. + */ + private boolean isJavaLanguageCapable( final Artifact artifact ) + { + return artifact != null && artifact.getFile() != null && artifact.getArtifactHandler() != null && + "java".equals( artifact.getArtifactHandler().getLanguage() ); + + } + + /** + * Processes a given artifact. + * + * @param artifact The artifact to process. + * + * @throws NullPointerException if {...@code artifact} is {...@code null}. + * @throws MojoExecutionException if processing {...@code artifact} fails. + */ + private void processArtifact( final Artifact artifact ) throws MojoExecutionException + { + if ( artifact == null ) + { + throw new NullPointerException( "artifact" ); + } + + if ( this.isJavaLanguageCapable( artifact ) ) + { + if ( this.verbose ) + { + this.getLog().info( this.getMessage( "processing", new Object[] + { + artifact.toString() + } ) ); + + } + else if ( this.getLog().isDebugEnabled() ) + { + this.getLog().debug( this.getMessage( "processing", new Object[] + { + artifact.toString() + } ) ); + + } + + this.processArchive( artifact.getFile() ); + } + else + { + if ( this.verbose ) + { + this.getLog().info( this.getMessage( "unsupported", new Object[] + { + artifact.toString() + } ) ); + + } + else if ( this.getLog().isDebugEnabled() ) + { + this.getLog().debug( this.getMessage( "unsupported", new Object[] + { + artifact.toString() + } ) ); + + } + + } + } + + /** + * Processes a given archive. + * + * @param archive The archive to process. + * + * @throws NullPointerException if {...@code archive} is {...@code null}. + * @throws MojoExecutionException if processing {...@code archive} fails. + */ + private void processArchive( final File archive ) throws MojoExecutionException + { + if ( archive == null ) + { + throw new NullPointerException( "archive" ); + } + + Commandline commandLine = new Commandline(); + commandLine.setExecutable( "jarsigner" + ( SystemUtils.IS_OS_WINDOWS ? ".exe" : "" ) ); + commandLine.setWorkingDirectory( this.project.getBasedir() ); + + if ( this.verbose ) + { + commandLine.createArg().setValue( "-verbose" ); + } + + if ( this.arguments != null ) + { + commandLine.addArguments( this.arguments ); + } + + commandLine = this.getCommandline( archive, commandLine ); + + try + { + if ( this.getLog().isDebugEnabled() ) + { + this.getLog().debug( this.getMessage( "command", new Object[] + { + this.getCommandlineInfo( commandLine ) + } ) ); + + } + + final int result = CommandLineUtils.executeCommandLine( commandLine, + new InputStream() + { + + public int read() + { + return -1; + } + + }, new StreamConsumer() + { + + public void consumeLine( final String line ) + { + if ( verbose ) + { + getLog().info( line ); + } + } + + }, new StreamConsumer() + { + + public void consumeLine( final String line ) + { + getLog().warn( line ); + } + + } ); + + if ( result != 0 ) + { + throw new MojoExecutionException( this.getMessage( "failure", new Object[] + { + this.getCommandlineInfo( commandLine ), new Integer( result ) + } ) ); + + } + } + catch ( CommandLineException e ) + { + throw new MojoExecutionException( this.getMessage( "commandLineException", new Object[] + { + this.getCommandlineInfo( commandLine ) + } ), e ); + + } + } + + /** + * Gets a message for a given key from the resource bundle backing the implementation. + * + * @param key The key of the message to return. + * @param args Arguments to format the message with or {...@code null}. + * + * @return The message with key {...@code key} from the resource bundle backing the implementation. + * + * @throws NullPointerException if {...@code key} is {...@code null}. + * @throws MissingResourceException if there is no message available matching {...@code key} or accessing the resource + * bundle fails. + */ + private String getMessage( final String key, final Object[] args ) + { + if ( key == null ) + { + throw new NullPointerException( "key" ); + } + + return new MessageFormat( ResourceBundle.getBundle( + "org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo" ).getString( key ) ).format( args ); + + } + +} Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java Sun Apr 26 22:16:23 2009 @@ -0,0 +1,141 @@ +package org.apache.maven.plugins.jarsigner; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import java.io.File; +import org.codehaus.plexus.util.StringUtils; +import org.codehaus.plexus.util.cli.Commandline; + +/** + * Signs a project artifact and attachments using jarsigner. + * + * @author <a href="c...@schulte.it">Christian Schulte</a> + * @version $Id$ + * @goal sign + * @phase package + * @requiresProject + */ +public class JarsignerSignMojo extends AbstractJarsignerMojo +{ + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.keystore}" + */ + private String keystore; + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.storepass}" + */ + private String storepass; + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.keypass}" + */ + private String keypass; + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.sigfile}" + */ + private String sigfile; + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.storetype}" + */ + private String storetype; + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.alias}" + * @required + */ + private String alias; + + protected Commandline getCommandline( final File archive, final Commandline commandLine ) + { + if ( archive == null ) + { + throw new NullPointerException( "archive" ); + } + if ( commandLine == null ) + { + throw new NullPointerException( "commandLine" ); + } + + if ( !StringUtils.isEmpty( this.keystore ) ) + { + commandLine.createArg().setValue( "-keystore" ); + commandLine.createArg().setValue( this.keystore ); + } + if ( !StringUtils.isEmpty( this.storepass ) ) + { + commandLine.createArg().setValue( "-storepass" ); + commandLine.createArg().setValue( this.storepass ); + } + if ( !StringUtils.isEmpty( this.keypass ) ) + { + commandLine.createArg().setValue( "-keypass" ); + commandLine.createArg().setValue( this.keypass ); + } + if ( !StringUtils.isEmpty( this.storetype ) ) + { + commandLine.createArg().setValue( "-storetype" ); + commandLine.createArg().setValue( this.storetype ); + } + if ( !StringUtils.isEmpty( this.sigfile ) ) + { + commandLine.createArg().setValue( "-sigfile" ); + commandLine.createArg().setValue( this.sigfile ); + } + + commandLine.createArg().setFile( archive ); + + if ( !StringUtils.isEmpty( this.alias ) ) + { + commandLine.createArg().setValue( this.alias ); + } + + return commandLine; + } + + protected String getCommandlineInfo( final Commandline commandLine ) + { + String commandLineInfo = commandLine != null ? commandLine.toString() : null; + + if ( commandLineInfo != null ) + { + commandLineInfo = StringUtils.replace( commandLineInfo, this.keypass, "'*****'" ); + commandLineInfo = StringUtils.replace( commandLineInfo, this.storepass, "'*****'" ); + } + + return commandLineInfo; + } + +} Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java Sun Apr 26 22:16:23 2009 @@ -0,0 +1,66 @@ +package org.apache.maven.plugins.jarsigner; + +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import java.io.File; +import org.codehaus.plexus.util.cli.Commandline; + +/** + * Checks the signatures of a project artifact and attachments using jarsigner. + * + * @author <a href="c...@schulte.it">Christian Schulte</a> + * @version $Id$ + * @goal verify + * @phase verify + * @requiresProject + */ +public class JarsignerVerifyMojo extends AbstractJarsignerMojo +{ + + /** + * See <a href="http://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/jarsigner.html#Options">options</a>. + * + * @parameter expression="${jarsigner.certs}" default-value="false" + */ + private boolean certs; + + protected Commandline getCommandline( final File archive, final Commandline commandLine ) + { + if ( archive == null ) + { + throw new NullPointerException( "archive" ); + } + if ( commandLine == null ) + { + throw new NullPointerException( "commandLine" ); + } + + commandLine.createArg( true ).setValue( "-verify" ); + + if ( this.certs ) + { + commandLine.createArg().setValue( "-certs" ); + } + + commandLine.createArg().setFile( archive ); + return commandLine; + } + +} Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties Sun Apr 26 22:16:23 2009 @@ -0,0 +1,8 @@ +disabled=Disabled +ignoringAttachment=Forcibly ignoring project attachment {0} +unsupported=Unsupported artifact {0} ignored +processing=Processing {0} +command=''{0}'' +commandLineException=Failed executing ''{0}'' +failure=Failed executing ''{0}'' - exitcode {1,number} +archive=Processing archive ''{0}''. Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.properties ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties Sun Apr 26 22:16:23 2009 @@ -0,0 +1,8 @@ +disabled=Deaktiviert +ignoringAttachment=Verarbeitung von Projektanhang {0} unterdr\u00FCckt +unsupported=Nicht unterst\u00FCtztes Artefakt {0} ignoriert +processing=Verarbeitet {0} +command=''{0}'' +commandLineException=Ausf\u00FChrung von ''{0}'' gescheitert +failure=Ausf\u00FChrung von ''{0}'' fehlgeschlagen ({1,number}) +archive=Verarbeitet Archiv ''{0}''. Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_de.properties ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties Sun Apr 26 22:16:23 2009 @@ -0,0 +1,8 @@ +disabled=Disabled +ignoringAttachment=Forcibly ignoring project attachment {0} +unsupported=Unsupported artifact {0} ignored +processing=Processing {0} +command=''{0}'' +commandLineException=Failed executing ''{0}'' +failure=Failed executing ''{0}'' - exitcode {1,number} +archive=Processing archive ''{0}''. Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/main/resources/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo_en.properties ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt Sun Apr 26 22:16:23 2009 @@ -0,0 +1,68 @@ + ------ + Sign and verify a project + ------ + Christian Schulte + ------ + 08 April 2009 + ------ + +~~ Licensed to the Apache Software Foundation (ASF) under one +~~ or more contributor license agreements. See the NOTICE file +~~ distributed with this work for additional information +~~ regarding copyright ownership. The ASF licenses this file +~~ to you under the Apache License, Version 2.0 (the +~~ "License"); you may not use this file except in compliance +~~ with the License. You may obtain a copy of the License at +~~ +~~ http://www.apache.org/licenses/LICENSE-2.0 +~~ +~~ Unless required by applicable law or agreed to in writing, +~~ software distributed under the License is distributed on an +~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +~~ KIND, either express or implied. See the License for the +~~ specific language governing permissions and limitations +~~ under the License. + + +Sign and verify a project + + If you need to sign a project artifact and all attached artifacts and want + to verify the signatures afterwards, just configure the sign and verify goal + appropriately in your <<<pom.xml>>> for the signing to occur automatically + during the package phase and for the verification to occur during the verify + phase. + ++-----------------+ +<project> + ... + <build> + <plugins> + ... + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jarsigner-plugin</artifactId> + <executions> + <execution> + <id>sign</id> + <goals> + <goal>sign</goal> + </goals> + </execution> + <execution> + <id>verify</id> + <goals> + <goal>verify</goal> + </goals> + </execution> + </executions> + </plugin> + ... + </plugins> + </build> + ... +</project> ++-----------------+ + + Note: The sign goal requires at least the alias to use for signing. This alias + can be passed using the command line like -Djarsigner.alias="Alias Name" + or set as a property in the settings.xml file when not configured in the POM. Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/examples/sign-and-verify-project.apt ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt Sun Apr 26 22:16:23 2009 @@ -0,0 +1,67 @@ + ------ + Introduction + ------ + Christian Schulte + ------ + 08 April 2009 + ------ + + ~~ Licensed to the Apache Software Foundation (ASF) under one + ~~ or more contributor license agreements. See the NOTICE file + ~~ distributed with this work for additional information + ~~ regarding copyright ownership. The ASF licenses this file + ~~ to you under the Apache License, Version 2.0 (the + ~~ "License"); you may not use this file except in compliance + ~~ with the License. You may obtain a copy of the License at + ~~ + ~~ http://www.apache.org/licenses/LICENSE-2.0 + ~~ + ~~ Unless required by applicable law or agreed to in writing, + ~~ software distributed under the License is distributed on an + ~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + ~~ KIND, either express or implied. See the License for the + ~~ specific language governing permissions and limitations + ~~ under the License. + + ~~ NOTE: For help with the syntax of this file, see: + ~~ http://maven.apache.org/doxia/references/apt-format.html + +Maven Jarsigner Plugin + + This plugin provides the capability to sign or verify a project artifact + and attachments using jarsigner. + +* Goals Overview + + * {{{sign-mojo.html}jarsigner:sign}} sign a project artifact and attached artifacts. + + * {{{verify-mojo.html}jarsigner:verify}} verify a project artifact and attached artifacts. + + [] + +* Usage + + General instructions on how to use the Jarsigner Plugin can be found on the {{{usage.html}usage page}}. Some more + specific use cases are described in the examples given below. Last but not least, users occasionally contribute + additional examples, tips or errata to the + {{{http://docs.codehaus.org/display/MAVENUSER/Jarsigner+Plugin}plugin's wiki page}}. + + In case you still have questions regarding the plugin's usage, please have a look at the {{{faq.html}FAQ}} and feel + free to contact the {{{mail-lists.html}user mailing list}}. The posts to the mailing list are archived and could + already contain the answer to your question as part of an older thread. Hence, it is also worth browsing/searching + the {{{mail-lists.html}mail archive}}. + + If you feel like the plugin is missing a feature or has a defect, you can fill a feature request or bug report in our + {{{issue-tracking.html}issue tracker}}. When creating a new issue, please provide a comprehensive description of your + concern. Especially for fixing bugs it is crucial that the developers can reproduce your problem. For this reason, + entire debug logs, POMs or most preferably little demo projects attached to the issue are very much appreciated. + Of course, patches are welcome, too. Contributors can check out the project from our + {{{source-repository.html}source repository}} and will find supplementary information in the + {{{http://maven.apache.org/guides/development/guide-helping.html}guide to helping with Maven}}. + +* Examples + + To provide you with better understanding of some usages of the Jarsigner + Plugin, you can take a look at the following example: + + * {{{examples/sign-and-verify-project.html}Sign and verify a project}} Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/index.apt ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt Sun Apr 26 22:16:23 2009 @@ -0,0 +1,118 @@ + ------ + Usage + ------ + Christian Schulte + ------ + 08 April 2009 + ------ + + ~~ Licensed to the Apache Software Foundation (ASF) under one + ~~ or more contributor license agreements. See the NOTICE file + ~~ distributed with this work for additional information + ~~ regarding copyright ownership. The ASF licenses this file + ~~ to you under the Apache License, Version 2.0 (the + ~~ "License"); you may not use this file except in compliance + ~~ with the License. You may obtain a copy of the License at + ~~ + ~~ http://www.apache.org/licenses/LICENSE-2.0 + ~~ + ~~ Unless required by applicable law or agreed to in writing, + ~~ software distributed under the License is distributed on an + ~~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + ~~ KIND, either express or implied. See the License for the + ~~ specific language governing permissions and limitations + ~~ under the License. + + ~~ NOTE: For help with the syntax of this file, see: + ~~ http://maven.apache.org/doxia/references/apt-format.html + +Usage + + Some brief examples on how to use this plugin. + +* Signing a project artifact and attachments + + If you need to sign a project artifact and all attached artifacts, just + configure the sign goal appropriately in your <<<pom.xml>>> for the + signing to occur automatically during the package phase. + ++-----------------+ +<project> + ... + <build> + <plugins> + ... + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jarsigner-plugin</artifactId> + <executions> + <execution> + <id>sign</id> + <goals> + <goal>sign</goal> + </goals> + </execution> + </executions> + <configuration> + <keystore>/path/to/the/keystore</keystore> + <alias>Alias name</alias> + <storepass>Store password</storepass> + <keypass>Key password</keypass> + </configuration> + </plugin> + ... + </plugins> + </build> + ... +</project> ++-----------------+ + +* Verifying the signature of a project artifact and attachments + + If you need to verify the signatures of a project artifact and all attached + artifacts, just configure the verify goal appropriately in your <<<pom.xml>>> + for the verification to occur automatically during the verify phase. + ++-----------------+ +<project> + ... + <build> + <plugins> + ... + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jarsigner-plugin</artifactId> + <executions> + <execution> + <id>verify</id> + <goals> + <goal>verify</goal> + </goals> + </execution> + </executions> + <configuration> + <verbose>true</verbose> + <certs>true</certs> + </configuration> + </plugin> + ... + </plugins> + </build> + ... +</project> ++-----------------+ + +* How to disable attachment processing + ++-----------------+ +mvn ... -Djarsigner.attachments=false ++-----------------+ + + +* How to disable the Jarsigner Plugin + ++-----------------+ +mvn ... -Djarsigner.skip=true ++-----------------+ + + For full documentation, click {{{plugin-info.html}here}}. Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/apt/usage.apt ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml Sun Apr 26 22:16:23 2009 @@ -0,0 +1,45 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<faqs id="FAQ" title="Frequently Asked Questions"> + <part id="General"> + <faq id="about"> + <question>What is Jarsigner ?</question> + <answer> + <p> + You can read more about Jarsigner <a href="http://java.sun.com/javase/6/docs/technotes/tools/solaris/jarsigner.html">here</a>. + </p> + </answer> + </faq> + <faq id="maven-jar-plugin"> + <question>Is it possible to sign a single archive file ?</question> + <answer> + <p> + Signing or verifying a Java archive which is neither a project artifact + nor an attached artifact can be done by using the archive parameter + of the sign and verify goals. If this parameter is set, the goals will + process the specified archive and will not process any project + artifacts. + </p> + </answer> + </faq> + </part> +</faqs> Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/fml/faq.fml ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml?rev=768812&view=auto ============================================================================== --- maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml (added) +++ maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml Sun Apr 26 22:16:23 2009 @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<project> + <body> + <menu name="Overview"> + <item name="Introduction" href="index.html"/> + <item name="Goals" href="plugin-info.html"/> + <item name="Usage" href="usage.html"/> + <item name="FAQ" href="faq.html"/> + </menu> + </body> +</project> Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/sandbox/trunk/plugins/maven-jarsigner-plugin/src/site/site.xml ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision