diff --git a/CONTRIBUTORS b/CONTRIBUTORS index f131c3d67..83eb91a32 100644 --- a/CONTRIBUTORS +++ b/CONTRIBUTORS @@ -359,6 +359,7 @@ Victor Toni Vincent Legoll Volker Leidl Waldek Herka +Wang Weijun Will Wang William Bernardet William Ferguson diff --git a/WHATSNEW b/WHATSNEW index e3c50e309..4bbecb999 100644 --- a/WHATSNEW +++ b/WHATSNEW @@ -167,6 +167,10 @@ Other changes: be used to make the task sleep between retry attempts. Bugzilla Report 52076. + * has new attributes that control the signature and digest + algorithms. + Bugzilla Report 52344. + Changes from Ant 1.8.1 TO Ant 1.8.2 =================================== diff --git a/contributors.xml b/contributors.xml index 8e22b25cb..5237b93cc 100644 --- a/contributors.xml +++ b/contributors.xml @@ -1444,6 +1444,10 @@ Volker Leidl + + Wang + Weijun + Will Wang diff --git a/manual/Tasks/signjar.html b/manual/Tasks/signjar.html index 65b5bea17..87cb460ce 100644 --- a/manual/Tasks/signjar.html +++ b/manual/Tasks/signjar.html @@ -158,6 +158,16 @@ block since Ant 1.8.0. No; default false + + sigalg + name of signature algorithm + No + + + digestalg + name of digest algorithm + No +

Parameters as nested elements

@@ -230,6 +240,24 @@ all be copied to this directory, not to subdirectories.

Sign all the JAR files in dist/**/*.jar in-situ. Lazy signing is used, so the files will only be signed if they are not already signed. +

+ 
+<signjar
+    alias="testonly" keystore="testkeystore"
+    storepass="apacheant"
+    sigalg="MD5withRSA"
+    digestalg="SHA1">
+  <path>
+    <fileset dir="dist" includes="**/*.jar" />
+  </path>
+</signjar>
+
+

+Sign all the JAR files in dist/**/*.jar using the digest algorithm SHA1 and the +signature algorithm MD5withRSA. This is especially useful when you want to use +the JDK 7 jarsigner (which uses SHA256 and SHA256withRSA as default) to create +signed jars that will be deployed on platforms not supporting SHA256 and +SHA256withRSA.

About timestamp signing

diff --git a/src/main/org/apache/tools/ant/taskdefs/SignJar.java b/src/main/org/apache/tools/ant/taskdefs/SignJar.java index 8ebf65b4e..f7794c55e 100644 --- a/src/main/org/apache/tools/ant/taskdefs/SignJar.java +++ b/src/main/org/apache/tools/ant/taskdefs/SignJar.java @@ -109,6 +109,16 @@ public class SignJar extends AbstractJarSignerTask { */ private boolean force = false; + /** + * signature algorithm + */ + private String sigAlg; + + /** + * digest algorithm + */ + private String digestAlg; + /** * error string for unit test verification: {@value} */ @@ -275,6 +285,38 @@ public class SignJar extends AbstractJarSignerTask { return force; } + /** + * Signature Algorithm; optional + * + * @param sigAlg the signature algorithm + */ + public void setSigAlg(String sigAlg) { + this.sigAlg = sigAlg; + } + + /** + * Signature Algorithm; optional + */ + public String getSigAlg() { + return sigAlg; + } + + /** + * Digest Algorithm; optional + * + * @param digestAlg the digest algorithm + */ + public void setDigestAlg(String digestAlg) { + this.digestAlg = digestAlg; + } + + /** + * Digest Algorithm; optional + */ + public String getDigestAlg() { + return digestAlg; + } + /** * sign the jar(s) * @@ -420,6 +462,16 @@ public class SignJar extends AbstractJarSignerTask { addValue(cmd, "-sectionsonly"); } + if (sigAlg != null) { + addValue(cmd, "-sigalg"); + addValue(cmd, sigAlg); + } + + if (digestAlg != null) { + addValue(cmd, "-digestalg"); + addValue(cmd, digestAlg); + } + //add -tsa operations if declared addTimestampAuthorityCommands(cmd);