1GJARSIGNER(1)                         GNU                        GJARSIGNER(1)
2
3
4

NAME

6       gjarsigner - Java ARchive (JAR) file signing and verification tool
7

SYNOPSIS

9       jarsigner [OPTION]... FILE ALIAS
10
11       jarsigner -verify [OPTION]... FILE
12

DESCRIPTION

14       When the first form is used, the tool signs the designated JAR file.
15       The second form, on the other hand, is used to verify a previously
16       signed JAR file.
17
18       FILE is the .JAR file to process; i.e., to sign if the first syntax
19       form is used, or to verify if the second syntax form is used instead.
20
21       ALIAS must be a known Alias of a Key Entry in the designated Key Store.
22       The private key material associated with this Alias is then used for
23       signing the designated .JAR file.
24

OPTIONS

26       Common options
27
28       The following options may be used when the tool is used for either
29       signing, or verifying, a .JAR file.
30
31       -verbose
32           Use this option to force the tool to generate more verbose
33           messages, during its processing.
34
35       -internalsf
36           When present, the tool will include --which otherwise it does not--
37           the ".SF" file in the ".DSA" generated file.
38
39       -sectionsonly
40           When present, the tool will include in the ".SF" generated file
41           --which otherwise it does not-- a header containing a hash of the
42           whole manifest file.  When that header is included, the tool can
43           quickly check, during verification, if the hash (in the header)
44           matches or not the manifest file.
45
46       -provider PROVIDER_CLASS_NAME
47           A fully qualified class name of a Security Provider to add to the
48           current list of Security Providers already installed in the JVM in-
49           use. If a provider class is specified with this option, and was
50           successfully added to the runtime --i.e. it was not already
51           installed-- then the tool will attempt to remove this Security
52           Provider before exiting.
53
54       -help
55           Prints a help text similar to this one.
56
57       Signing options
58
59       The following options may be specified when using the tool for signing
60       purposes.
61
62       -keystore URL
63           Use this option to specify the location of the key store to use.
64           The default value is a file URL referencing the file named
65           .keystore located in the path returned by the call to
66           "java.lang.System#getProperty(String)" using "user.home" as
67           argument.
68
69           If a URL was specified, but was found to be malformed --e.g.
70           missing protocol element-- the tool will attempt to use the URL
71           value as a file-name (with absolute or relative path-name) of a key
72           store --as if the protocol was "file:".
73
74       -storetype STORE_TYPE
75           Use this option to specify the type of the key store to use. The
76           default value, if this option is omitted, is that of the property
77           "keystore.type" in the security properties file, which is obtained
78           by invoking the static method call "getDefaultType()" in
79           "java.security.KeyStore".
80
81       -storepass PASSWORD
82           Use this option to specify the password which will be used to
83           unlock the key store. If this option is missing, the User will be
84           prompted to provide a password.
85
86       -keypass PASSWORD
87           Use this option to specify the password which the tool will use to
88           unlock the Key Entry associated with the designated Alias.
89
90           If this option is omitted, the tool will first attempt to unlock
91           the Key Entry using the same password protecting the key store. If
92           this fails, you will then be prompted to provide a password.
93
94       -sigfile NAME
95           Use this option to designate a literal that will be used to
96           construct file names for both the ".SF" and ".DSA" signature files.
97           These files  will be generated, by the tool, and placed in the
98           META-INF directory of the signed JAR.  Permissible characters for
99           NAME must be in the range "a-zA-Z0-9_-".  All characters will be
100           converted to upper-case ones.
101
102           If this option is missing, the first eight characters of the ALIAS
103           argument will be used. When this is the case, any character in
104           ALIAS that is outside the permissible range of characters will be
105           replaced by an underscore.
106
107       -signedjar FILE
108           Use this option to specify the file name of the signed JAR. If this
109           option is omitted, then the signed JAR will be named the same as
110           FILE; i.e., the input JAR file will be replaced with the signed
111           copy.
112
113       Verification options
114
115       The following options may be specified when using the tool for
116       verification purposes.
117
118       -verify
119           Use this option to indicate that the tool is to be used for
120           verification purposes.
121
122       -certs
123           This option is used in conjunction with the -verbose option. When
124           present, along with the -verbose option, the tool will print more
125           detailed information about the certificates of the signer(s) being
126           processed.
127

BUGS

SEE ALSO
AUTHOR
1310.98                              2010-04-27                     GJARSIGNER(1)



        

    


            
        

        

            Impressum