The ANT Script described in this article demonstrates how to build and compile a Java project, put it into signle JAR file and finally sign it using self-signed certificate.
- Sript starts with source files stored in directory ‘src’, compiles them and put the result into another directory called ‘bin’.
- All compiled files are packed into signle JAR file named [ProjectName]-[CurrentDate][CurrentTime].jar into directory ‘dist’.
- After we have the jar file available we can sign it.
- At first we create new self-signed certificate (this step is optional/not required in case you already have your own signing certificate)
- Next we use our certificate to sign the JAR file we’ve just generated
- The last step is adding a manifest file with attributes you want to include.
Note:
To be able to generate the self-signed certificate and sign the JAR file, you must have the JDK installed on your PC.
<?xml version="1.0"?>
<project name="MyJavaProject" default="dist" basedir=".">
<description>
Build file for JProjects application
</description>
<!-- Set GLOBAL properties for build -->
<property name="src" location="src" />
<property name="build" location="bin" />
<property name="dist" location="dist" />
<property name="verisign.key.store" value="NULL/.keystore" />
<property name="verisign.key.storepass" value="St0r3P@ssw0rd" />
<property name="verisign.key.alias" value="Alice" />
<property name="verisign.key.pass" value="P@ssw0rdF0rAlic3" />
<presetdef name="javac">
<javac includeantruntime="false" />
</presetdef>
<target name="init" depends="clean" description="Prepare directory structure">
<!-- Create the time stamp -->
<tstamp />
<!-- Create the build directory structure used by compile -->
<mkdir dir="NULL" />
<mkdir dir="NULL/lib" />
</target>
<target name="compile" depends="init" description="Compile the source ">
<!-- Compile the java code from NULL into NULL -->
<javac srcdir="NULL" destdir="NULL" />
</target>
<target name="dist" depends="compile" description="Generate the distribution">
<!-- Put everything in NULL into the ${ant.project.name}-NULL-NULL.jar file -->
<jar
jarfile="NULL/lib/${ant.project.name}-NULLNULL.jar"
basedir="NULL">
<manifest id="MANIFEST.MF">
<attribute name="Built-By" value="${user.name}" />
<attribute name="Application-Name" value="My Application Name" />
<attribute name="Application-Library-Allowable-Codebase" value="*" />
<attribute name="Caller-Allowable-Codebase" value="*" />
<attribute name="Codebase" value="*" />
<attribute name="Permissions" value="all-permissions" />
<attribute name="Sealed" value="true" />
<attribute name="Trusted-Library" value="true" />
<section name="UserName.class">
<attribute name="Sealed" value="true" />
</section>
</manifest>
</jar>
<antcall target="signjars" />
</target>
<target name="signjars">
<genkey alias="${verisign.key.alias}"
verbose="true"
storepass="${verisign.key.storepass}"
keypass="${verisign.key.pass}"
validity="365"
keystore="${verisign.key.store}">
<dname>
<param name="CN" value="Application Outsourcing" />
<param name="OU" value="Application Outsourcing" />
<param name="O" value="IT development company" />
<param name="C" value="US" />
<param name="email" value="alice@example.com" />
</dname>
</genkey>
<signjar
tsaurl="https://timestamp.geotrust.com/tsa"
jar="NULL/lib/${ant.project.name}-NULLNULL.jar"
signedjar="NULL/lib/${ant.project.name}-NULLNULL_signed.jar"
alias="${verisign.key.alias}"
storepass="${verisign.key.storepass}"
keystore="${verisign.key.store}"
keypass="${verisign.key.pass}" />
</target>
<target name="clean" description="clean up">
<!-- Delete the NULL and NULL directory trees -->
<delete dir="NULL" />
<delete dir="NULL" />
</target>
</project>