Uploaded image for project: 'Maven Jar Signer Plugin'
  1. Maven Jar Signer Plugin
  2. MJARSIGNER-26

Jar Signer does not support protected authentication path

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.2
    • 1.3
    • None
    • Patch

    Description

      The jarsigner tool has an option "-protected" (see http://docs.oracle.com/javase/6/docs/technotes/tools/windows/jarsigner.html#Options, documentation for option -storetype): a PCKS#11 token may have a protected authentication path (such as a dedicated PIN-pad or a biometric reader). In such case the -protected option must be specified and no password options can be specified.

      The current version does not support this option. Please find patches for maven-jarsigner-1.0 and maven-jarsigner-plugin (Version 1.3-SNAPSHOT) attached.

      Testcases are left out because a pin reader, a PCKS#11 smart card and human interaction would be necessary to test this scenario. However, the patched version works fine in my environment.

      Attachments

        1. maven-jarsigner-1.0.patch
          3 kB
          Michael Gruebsch
        2. maven-jarsigner-plugin-1.2.patch
          1 kB
          Michael Gruebsch

        Issue Links

          Activity

            People

              tchemit Tony Chemit
              mgruebsch Michael Gruebsch
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: