Package org.apache.maven.shared.jarsigner

Class JarSignerUtil

java.lang.Object

org.apache.maven.shared.jarsigner.JarSignerUtil

public class JarSignerUtil
extends java.lang.Object

Useful methods.

Since:

1.0

Constructor Summary

Constructors

Modifier	Constructor	Description
private	JarSignerUtil()

Method Summary

Modifier and Type	Method	Description
protected static java.util.jar.Manifest	buildUnsignedManifest(java.util.jar.Manifest manifest)	Build a new manifest from the given one, removing any signing information inside it.
private static boolean	endsWithIgnoreCase(java.lang.String str, java.lang.String searchStr)
static boolean	isArchiveSigned(java.io.File jarFile)	Scans an archive for existing signatures.
protected static boolean	isManifestFile(java.lang.String entryName)
protected static boolean	isSignatureFile(java.lang.String entryName)	Checks whether the specified JAR file entry denotes a signature-related file, i.e.
static boolean	isZipFile(java.io.File file)	Checks whether the specified file is a JAR file.
static void	unsignArchive(java.io.File jarFile)	Removes any existing signatures from the specified JAR file.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

JarSignerUtil

private JarSignerUtil()

Method Detail

isZipFile

public static boolean isZipFile(java.io.File file)

Checks whether the specified file is a JAR file. For our purposes, a ZIP file is a ZIP stream with at least one entry.

Parameters:

file - The file to check, must not be null.

Returns:

true if the file looks like a ZIP file, false otherwise.

unsignArchive

public static void unsignArchive(java.io.File jarFile)
                          throws java.io.IOException

Removes any existing signatures from the specified JAR file. We will stream from the input JAR directly to the output JAR to retain as much metadata from the original JAR as possible.

Parameters:

jarFile - The JAR file to unsign, must not be null.

Throws:

java.io.IOException - when error occurs during processing the file

buildUnsignedManifest

protected static java.util.jar.Manifest buildUnsignedManifest(java.util.jar.Manifest manifest)

Build a new manifest from the given one, removing any signing information inside it. This is done by removing any attributes containing some digest information. If an entry has then no more attributes, then it will not be written in the result manifest.

Parameters:

manifest - manifest to clean

Returns:

the build manifest with no digest attributes

Since:

1.3

isArchiveSigned

public static boolean isArchiveSigned(java.io.File jarFile)
                               throws java.io.IOException

Scans an archive for existing signatures.

Parameters:

jarFile - The archive to scan, must not be null.

Returns:

true, if the archive contains at least one signature file; false, if the archive does not contain any signature files.

Throws:

java.io.IOException - if scanning jarFile fails.

isSignatureFile

protected static boolean isSignatureFile(java.lang.String entryName)

Checks whether the specified JAR file entry denotes a signature-related file, i.e. matches META-INF/*.SF, META-INF/*.DSA, META-INF/*.RSA or META-INF/*.EC.

Parameters:

entryName - The name of the JAR file entry to check, must not be null.

Returns:

true if the entry is related to a signature, false otherwise.

isManifestFile

protected static boolean isManifestFile(java.lang.String entryName)

endsWithIgnoreCase

private static boolean endsWithIgnoreCase(java.lang.String str,
                                          java.lang.String searchStr)