Last active
March 1, 2016 15:26
-
-
Save robinsmidsrod/5354172e1b6aa428d26b to your computer and use it in GitHub Desktop.
Batch file for cmd.exe for signing an existing Java archive (.jar file)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| set startdir=%cd% | |
| set tmpdir="C:\Temp\signjar.tmp" | |
| set notepadpp="C:\Program Files (x86)\Notepad++\notepad++.exe" | |
| set veracrypt="C:\Program Files\VeraCrypt\VeraCrypt.exe" | |
| set vc_volume="\\nas\company\kunder\Fagbokforlaget V&B AS\code-signing\FVB.hc" | |
| set vc_drive="K" | |
| set timestamp_url="https://timestamp.geotrust.com/tsa" | |
| set keystore="K:\FVB.pfx" | |
| set keystore_alias="FVB" | |
| set arg=%~1 | |
| IF "%arg%"=="" ( | |
| echo Please specify a .jar file | |
| exit /B 1 | |
| ) | |
| IF EXIST %tmpdir% ( | |
| rmdir /S /Q %tmpdir% | |
| ) | |
| IF EXIST %tmpdir% ( | |
| echo Unable to remove %tmpdir% | |
| exit /B 1 | |
| ) | |
| mkdir %tmpdir% | |
| IF NOT EXIST %keystore% ( | |
| echo Please ensure %keystore% is readable. Running VeraCrypt now... | |
| %veracrypt% /q /l %vc_drive% /v %vc_volume% | |
| exit /B 1 | |
| ) | |
| pushd %tmpdir% | |
| IF EXIST "%arg%" ( | |
| set jarfile=%arg% | |
| ) ELSE ( | |
| IF EXIST "%startdir%\%arg%" ( | |
| set jarfile=%startdir%\%arg% | |
| ) ELSE ( | |
| echo Please specify a valid .jar file | |
| popd | |
| exit /B 1 | |
| ) | |
| ) | |
| echo Unpacking "%jarfile%" into %tmpdir%... | |
| jar xf "%jarfile%" | |
| popd | |
| set manifest="%jarfile%.manifest" | |
| IF EXIST %manifest% ( | |
| echo Using JAR manifest %manifest% | |
| ) ELSE ( | |
| COPY /-Y %tmpdir%\META-INF\MANIFEST.MF %manifest% | |
| echo Edit %manifest% and add at least the following settings: | |
| echo ############################################################################ | |
| echo # | |
| echo Main-Class: MyEntryPointClass | |
| echo Permissions: sandbox # for regular applets | |
| echo Permissions: all-permissions # or for full access applets | |
| echo Codebase: * # which FQDNs the applet can run on | |
| echo Caller-Allowable-Codebase: * # if you need to call it from JavaScript | |
| echo # | |
| echo # http://docs.oracle.com/javase/8/docs/technotes/guides/deploy/manifest.html | |
| echo ############################################################################ | |
| %notepadpp% %manifest% | |
| exit /B 1 | |
| ) | |
| echo Packing %tmpdir% into "%jarfile%.packed" | |
| jar cfm "%jarfile%.packed" %manifest% -C %tmpdir% . | |
| IF NOT EXIST "%jarfile%.packed" ( | |
| echo Packing .jar file failed | |
| exit /B 1 | |
| ) | |
| echo Signing "%jarfile%.packed" into "%jarfile%.signed" | |
| jarsigner -tsa %timestamp_url% -keystore %keystore% -signedjar "%jarfile%.signed" "%jarfile%.packed" %keystore_alias% | |
| del /Q /F "%jarfile%.packed" | |
| IF EXIST "%jarfile%.signed" ( | |
| move /Y "%jarfile%.signed" "%jarfile%" | |
| ) ELSE ( | |
| echo JAR signing failed | |
| exit /B 1 | |
| ) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment