-
Notifications
You must be signed in to change notification settings - Fork 3
/
niagara.signing.properties
46 lines (36 loc) · 1.22 KB
/
niagara.signing.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#
# Copyright (c) 2024, Novant LLC
# Licensed under the MIT License
#
niagara.signing.profileType=com.tridium.gradle.plugins.signing.profile.JarSignerSigningProfile
# If the jarsigner on your PATH does not support PKCS11 signing, set
# the full path to a working jarsigner here.
jarsigner.cmd=jarsigner
# -keystore NONE
jarsigner.args+=-keystore
jarsigner.args+=NONE
# -storetype PKCS11
jarsigner.args+=-storetype
jarsigner.args+=PKCS11
# -storepass NONE
jarsigner.args+=-storepass
jarsigner.args+=NONE
# -sigalg SHA256withRSA
jarsigner.args+=-sigalg
jarsigner.args+=SHA256withRSA
# -providerClass sun.security.pkcs11.SunPKCS11
jarsigner.args+=-providerClass
jarsigner.args+=sun.security.pkcs11.SunPKCS11
# -providerArg <path to pkcs11properties.cfg>
jarsigner.args+=-providerArg
jarsigner.args+="${jarsigner.provider}"
# -signedjar <path to signed file output> <unsigned file path> <key alias>
jarsigner.args+=-signedjar
jarsigner.args+=${destfile}
jarsigner.args+=${srcfile}
# NOTE: ensure the alias in build.gradle.kts matches what's registered
# in your HSM and wrap in double quotes in contains spaces
jarsigner.args+=${alias}
# -tsa http://timestamp.digicert.com
jarsigner.args+=-tsa
jarsigner.args+=http://timestamp.digicert.com