ptolemy.copernicus.applet

Class JarSigner

java.lang.Object

ptolemy.copernicus.applet.JarSigner

public class JarSigner
extends java.lang.Object

Sign a Jar file.

From https://svn.cs.cf.ac.uk/projects/whip/trunk/whip-core/src/main/java/org/whipplugin/data/bundle/JarSigner15.java. See also http://www.onjava.com/pub/a/onjava/2001/04/12/signing_jar.html?page=1.

Since:

Ptolemy II 8.0

Version:

$Id$

Author:

Andrew Harrison, Contributor: Christopher Brooks.

Constructor Summary

Constructors

Constructor and Description
JarSigner(java.lang.String alias, java.security.PrivateKey privateKey, java.security.cert.X509Certificate[] certChain) Construct a jar signer.

Method Summary

Modifier and Type	Method and Description
void	_signJarFile(java.util.jar.JarFile jarFile, java.io.OutputStream outputStream) The actual JAR signing method.
protected static void	_writeJarEntry(java.util.jar.JarEntry jarEntry, java.util.jar.JarFile jarFile, java.util.jar.JarOutputStream jarOutputStream) A helper function that can take entries from one jar file and write it to another jar stream.
static void	main(java.lang.String[] args) JarSigner test driver.
static void	sign(java.lang.String jarFileName, java.lang.String signedJarFileName, java.lang.String keystoreFileName, java.lang.String alias, char[] storePassword, char[] keyPassword) Sign a jar file.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JarSigner

public JarSigner(java.lang.String alias,
                 java.security.PrivateKey privateKey,
                 java.security.cert.X509Certificate[] certChain)

Construct a jar signer.

Parameters:

alias - The alias for the signing key.

privateKey - The private key to sign with.

certChain - The certificate chain.

Method Detail

main

public static void main(java.lang.String[] args)

JarSigner test driver.

This method uses the $PTII/ptKeystore certificate. To create that file:

  cd $PTII
  make ptKeystore
  make jnlp_list
  

Usage:

  java -classpath $PTII ptolemy.copernicus.applet.JarSigner JNLPApplication.jar JNLPSignedApplication.jar
  

To verify the signed jar, run:

  jarsigner -verify -verbose -certs JNLPSignedApplication.jar
  

Parameters:

args - An array of two arguments, the first element is the name of the jar file to be read in, the second is the name of the signed jar file to be created.

sign

public static void sign(java.lang.String jarFileName,
                        java.lang.String signedJarFileName,
                        java.lang.String keystoreFileName,
                        java.lang.String alias,
                        char[] storePassword,
                        char[] keyPassword)
                 throws java.lang.Exception

Sign a jar file.

Parameters:

jarFileName - The name of the jar file to be signed.

signedJarFileName - The name of the signed jar file to be created.

keystoreFileName - The name of the keystore file. To create a keystore file, run

  cd $PTII
  make ptKeystore
  make jnlp_list
  

alias - The alias of the certificate. This is the string used when the key is created.

storePassword - The password of the key store.

keyPassword - The password of the key store.

Throws:

java.lang.Exception - If there is a problem open or closing files, or a problem signing the jar file.

_signJarFile

public void _signJarFile(java.util.jar.JarFile jarFile,
                         java.io.OutputStream outputStream)
                  throws java.security.NoSuchAlgorithmException,
                         java.security.InvalidKeyException,
                         java.security.SignatureException,
                         java.io.IOException,
                         java.lang.IllegalAccessException,
                         java.lang.reflect.InvocationTargetException,
                         java.lang.NoSuchMethodException,
                         java.security.cert.CertificateException,
                         java.lang.InstantiationException,
                         java.lang.ClassNotFoundException

The actual JAR signing method. This is the method which will be called by those wrapping the JARSigner class.

Parameters:

jarFile - The jar file to be read in and signed.

outputStream - The stream to which the signed jar file should be written.

Throws:

java.security.NoSuchAlgorithmException - If the SHA1 algorithm cannot be found or there is a problem generating the block.

java.security.InvalidKeyException - If the certificate key is not valid.

java.security.SignatureException - If there is a problem with the signature.

java.io.IOException - If there is a problem reading or writing a file.

java.lang.IllegalAccessException - If there is a problem getting the metaname from the the signature file.

java.lang.reflect.InvocationTargetException - If there is a problem creating the signature file or getting the metaname from the signature.

java.lang.NoSuchMethodException - If thrown while creating the signature file.

java.security.cert.CertificateException - If there is a problem generating the block.

java.lang.InstantiationException - If thrown while creating the signature file.

java.lang.ClassNotFoundException - If thrown while generating the signature block.

_writeJarEntry

protected static void _writeJarEntry(java.util.jar.JarEntry jarEntry,
                                     java.util.jar.JarFile jarFile,
                                     java.util.jar.JarOutputStream jarOutputStream)
                              throws java.io.IOException

A helper function that can take entries from one jar file and write it to another jar stream.

Parameters:

jarEntry - The entry in the jar file to be added to the jar output stream.

jarFile - The jar file that contains the jarEntry.

jarOutputStream - The output stream that the jarEntry from the jarFile to which to write.

Throws:

java.io.IOException - If there is a problem reading or writing the jarEntry.