You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Jason Thrasher (JIRA)" <ji...@codehaus.org> on 2010/12/20 23:35:58 UTC

[jira] Created: (MJARSIGNER-11) signing failure with keystore alias containing single-quote character

signing failure with keystore alias containing single-quote character
---------------------------------------------------------------------

                 Key: MJARSIGNER-11
                 URL: http://jira.codehaus.org/browse/MJARSIGNER-11
             Project: Maven 2.x Jar Signer Plugin
          Issue Type: Bug
    Affects Versions: 1.2
         Environment: Mac OSX 10.5.8
java version "1.6.0_22"

            Reporter: Jason Thrasher


If a keystore is used with an alias that contains a single quote character, the maven-jarsigner-plugin fails to build a proper command line.  This is because the alias field in the jarsigner argument contains a quote character that is not escaped.  Alias names with a single quote are considered valid, therefore the maven-jarsigner-plugin isn't handling this input correctly.

Plugin error message when alias with a single quote is encountered:

[...SNIP]
[WARNING] /bin/sh: -c: line 0: unexpected EOF while looking for matching `''
[WARNING] /bin/sh: -c: line 1: syntax error: unexpected end of file
[...SNIP...]
[INFO] ------------------------------------------------------------------------
[ERROR] BUILD ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Failed executing '/bin/sh -c cd /Users/jason/Documents/dev/bitmenu/trunk/app/dlapplet && /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/bin/jarsigner -verbose -tsa http://tsa.starfieldtech.com -keystore /Users/jason/Documents/bitmenu/certs/bitmenu-codesigning-comodo.p12 -storepass ''*****'' -storetype PKCS12 /Users/jason/Documents/dev/bitmenu/trunk/app/dlapplet/target/bitmenu-dlapplet-1.4.0-SNAPSHOT.jar 'bitmenu, inc.'s the usertrust network id'' - exitcode 2


Note: PKCS12 files created with Comodo's code signing system may have aliases with a single quote like this.

=== possible workaround ===

Export the cert and the key, then re-import them to a new pkcs12 file with a different alias.

# to reset the alias name in a pkcs12 file
openssl pkcs12 -in myComodo.p12 -out myComodo-keys.pem -nodes -nocerts
openssl pkcs12 -in myComodo.p12 -out myComodo-certs.pem -nodes -nokeys
openssl pkcs12 -export -in myComodo-certs.pem -inkey myComodo-keys.pem -out myComodo-new.p12 -name "myalias"


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira