You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by tc...@apache.org on 2014/01/10 22:12:25 UTC
svn commit: r1557259 - in /maven/plugins/trunk/maven-jarsigner-plugin: ./
src/main/java/org/apache/maven/plugins/jarsigner/
Author: tchemit
Date: Fri Jan 10 21:12:24 2014
New Revision: 1557259
URL: http://svn.apache.org/r1557259
Log:
MJARSIGNER-34 - The 'verify' goal of the plugin is passing '-keystore' but not '-storetype'.
Modified:
maven/plugins/trunk/maven-jarsigner-plugin/pom.xml
maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java
maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java
maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java
Modified: maven/plugins/trunk/maven-jarsigner-plugin/pom.xml
URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/pom.xml?rev=1557259&r1=1557258&r2=1557259&view=diff
==============================================================================
--- maven/plugins/trunk/maven-jarsigner-plugin/pom.xml (original)
+++ maven/plugins/trunk/maven-jarsigner-plugin/pom.xml Fri Jan 10 21:12:24 2014
@@ -107,7 +107,7 @@ under the License.
<dependency>
<groupId>org.apache.maven.shared</groupId>
<artifactId>maven-jarsigner</artifactId>
- <version>1.3.1</version>
+ <version>1.3.2-SNAPSHOT</version>
</dependency>
</dependencies>
@@ -167,6 +167,37 @@ under the License.
<artifactId>maven-plugin-plugin</artifactId>
<version>${mavenPluginPluginVersion}</version>
</plugin>
+ <!-- TODO: remove when upgrading to maven-plugins 25 -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-project-info-reports-plugin</artifactId>
+ <version>2.7</version>
+ <configuration>
+ <dependencyLocationsEnabled>false</dependencyLocationsEnabled><!-- waiting for MPIR-267 -->
+ </configuration>
+ <reportSets>
+ <reportSet>
+ <reports>
+ <report>index</report>
+ <report>summary</report>
+ <report>dependency-info</report>
+ <report>modules</report>
+ <report>license</report>
+ <report>project-team</report>
+ <report>scm</report>
+ <report>issue-tracking</report>
+ <report>mailing-list</report>
+ <report>dependency-management</report>
+ <report>dependencies</report>
+ <report>dependency-convergence</report>
+ <report>cim</report>
+ <report>plugin-management</report>
+ <report>plugins</report>
+ <report>distribution-management</report>
+ </reports>
+ </reportSet>
+ </reportSets>
+ </plugin>
</plugins>
</reporting>
Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java
URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java?rev=1557259&r1=1557258&r2=1557259&view=diff
==============================================================================
--- maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java (original)
+++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java Fri Jan 10 21:12:24 2014
@@ -36,6 +36,8 @@ import org.apache.maven.shared.utils.cli
import org.apache.maven.shared.utils.io.FileUtils;
import org.apache.maven.toolchain.Toolchain;
import org.apache.maven.toolchain.ToolchainManager;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
+import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;
import java.io.File;
import java.io.IOException;
@@ -69,6 +71,24 @@ public abstract class AbstractJarsignerM
private String keystore;
/**
+ * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
+ */
+ @Parameter( property = "jarsigner.storetype" )
+ private String storetype;
+
+ /**
+ * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
+ */
+ @Parameter( property = "jarsigner.storepass" )
+ private String storepass;
+
+ /**
+ * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
+ */
+ @Parameter( property = "jarsigner.alias" )
+ private String alias;
+
+ /**
* The maximum memory available to the JAR signer, e.g. <code>256M</code>. See <a
* href="http://java.sun.com/javase/6/docs/technotes/tools/windows/java.html#Xms">-Xmx</a> for more details.
*/
@@ -208,6 +228,12 @@ public abstract class AbstractJarsignerM
@Component
private ToolchainManager toolchainManager;
+ /**
+ * @since 1.3.2
+ */
+ @Component( hint = "mng-4384" )
+ private SecDispatcher securityDispatcher;
+
public final void execute()
throws MojoExecutionException
{
@@ -334,7 +360,19 @@ public abstract class AbstractJarsignerM
throw new NullPointerException( "commandLine" );
}
- return commandLine.toString();
+ String commandLineInfo = commandLine.toString();
+ commandLineInfo = StringUtils.replace( commandLineInfo, this.storepass, "'*****'" );
+ return commandLineInfo;
+ }
+
+ public String getStoretype()
+ {
+ return storetype;
+ }
+
+ public String getStorepass()
+ {
+ return storepass;
}
/**
@@ -427,13 +465,18 @@ public abstract class AbstractJarsignerM
JarSignerRequest request = createRequest( archive );
request.setVerbose( verbose );
+ request.setAlias( alias );
request.setArchive( archive );
request.setKeystore( keystore );
+ request.setStoretype( storetype );
request.setWorkingDirectory( workingDirectory );
request.setMaxMemory( maxMemory );
request.setArguments( arguments );
request.setProtectedAuthenticationPath( protectedAuthenticationPath );
+ // Special handling for passwords through the Maven Security Dispatcher
+ request.setStorepass( decrypt( storepass ) );
+
try
{
JavaToolResult result = jarSigner.execute( request );
@@ -455,6 +498,20 @@ public abstract class AbstractJarsignerM
}
}
+ protected String decrypt(String encoded)
+ throws MojoExecutionException
+ {
+ try
+ {
+ return securityDispatcher.decrypt( encoded );
+ }
+ catch ( SecDispatcherException e )
+ {
+ getLog().error( "error using security dispatcher: " + e.getMessage(), e );
+ throw new MojoExecutionException( "error using security dispatcher: " + e.getMessage(), e );
+ }
+ }
+
/**
* Gets a message for a given key from the resource bundle backing the implementation.
*
Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java
URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java?rev=1557259&r1=1557258&r2=1557259&view=diff
==============================================================================
--- maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java (original)
+++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerSignMojo.java Fri Jan 10 21:12:24 2014
@@ -20,7 +20,6 @@ package org.apache.maven.plugins.jarsign
*/
import org.apache.maven.plugin.MojoExecutionException;
-import org.apache.maven.plugins.annotations.Component;
import org.apache.maven.plugins.annotations.LifecyclePhase;
import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
@@ -29,8 +28,6 @@ import org.apache.maven.shared.jarsigner
import org.apache.maven.shared.jarsigner.JarSignerUtil;
import org.apache.maven.shared.utils.StringUtils;
import org.apache.maven.shared.utils.cli.Commandline;
-import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher;
-import org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException;
import java.io.File;
import java.io.IOException;
@@ -50,12 +47,6 @@ public class JarsignerSignMojo
/**
* See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
*/
- @Parameter( property = "jarsigner.storepass" )
- private String storepass;
-
- /**
- * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
- */
@Parameter( property = "jarsigner.keypass" )
private String keypass;
@@ -68,12 +59,6 @@ public class JarsignerSignMojo
/**
* See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
*/
- @Parameter( property = "jarsigner.storetype" )
- private String storetype;
-
- /**
- * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
- */
@Parameter( property = "jarsigner.providerName" )
private String providerName;
@@ -90,12 +75,6 @@ public class JarsignerSignMojo
private String providerArg;
/**
- * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
- */
- @Parameter( property = "jarsigner.alias", required = true )
- private String alias;
-
- /**
* Indicates whether existing signatures should be removed from the processed JAR files prior to signing them. If
* enabled, the resulting JAR will appear as being signed only once.
*
@@ -120,12 +99,6 @@ public class JarsignerSignMojo
@Parameter( property = "jarsigner.tsacert" )
private String tsacert;
- /**
- * @since 1.3
- */
- @Component( hint = "mng-4384")
- private SecDispatcher securityDispatcher;
-
@Override
protected String getCommandlineInfo( final Commandline commandLine )
{
@@ -134,7 +107,6 @@ public class JarsignerSignMojo
if ( commandLineInfo != null )
{
commandLineInfo = StringUtils.replace( commandLineInfo, this.keypass, "'*****'" );
- commandLineInfo = StringUtils.replace( commandLineInfo, this.storepass, "'*****'" );
}
return commandLineInfo;
@@ -164,26 +136,15 @@ public class JarsignerSignMojo
throws MojoExecutionException
{
JarSignerSignRequest request = new JarSignerSignRequest();
- request.setAlias( alias );
request.setProviderArg( providerArg );
request.setProviderClass( providerClass );
request.setProviderName( providerName );
request.setSigfile( sigfile );
- request.setStoretype( storetype );
request.setTsaLocation( tsa );
request.setTsaAlias( tsacert );
// Special handling for passwords through the Maven Security Dispatcher
- try
- {
- request.setKeypass( securityDispatcher.decrypt( keypass ) );
- request.setStorepass( securityDispatcher.decrypt( storepass ) );
- }
- catch ( SecDispatcherException e )
- {
- getLog().error( "error using security dispatcher: " + e.getMessage(), e );
- throw new MojoExecutionException( "error using security dispatcher: " + e.getMessage(), e );
- }
+ request.setKeypass( decrypt( keypass ) );
return request;
}
Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java
URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java?rev=1557259&r1=1557258&r2=1557259&view=diff
==============================================================================
--- maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java (original)
+++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java Fri Jan 10 21:12:24 2014
@@ -48,12 +48,6 @@ public class JarsignerVerifyMojo
@Parameter( property = "jarsigner.certs", defaultValue = "false" )
private boolean certs;
- /**
- * See <a href="http://java.sun.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options">options</a>.
- */
- @Parameter( property = "jarsigner.alias" )
- private String alias;
-
/** When <code>true</code> this will make the execute() operation fail,
* throwing an exception, when verifying a non signed jar.
*
@@ -71,7 +65,6 @@ public class JarsignerVerifyMojo
protected JarSignerRequest createRequest( File archive )
{
JarSignerVerifyRequest request = new JarSignerVerifyRequest();
- request.setAlias( alias );
request.setCerts( certs );
return request;
}