Integration with marketplace-zip-signer #316

@ls-bit

Hi,
I am trying to get the JetBrains marketplace-zip-signer to work with Jsign.

It seemed like it could be possible, but I am running into an issue that marketplace-zip-signer does not provide a way to pass the keystore provider arg to Jsign. When running the following command:

```shell
# provider.properties just contains:  security.provider.1=net.jsign.jca.JsignJcaProvider
java -cp marketplace-zip-signer-cli.jar:jsign.jar \
     -Djava.security.properties=provider.properties \
     org.jetbrains.zip.signer.ZipSigningTool sign \
     -ks-provider-name Jsign \
     -ks example.p12 \
     -ks-type pkcs12 \
     -ks-pass changeit \
     -ks-key-alias test \
     -cert example.crt \
     -in jsign-marketplace.zip \
     -out jsign-marketplace-signed.zip
```

I get the error:

```
Exception in thread "main" java.lang.IllegalArgumentException: keystore parameter must be set
        at net.jsign.KeyStoreType$4.validate(KeyStoreType.java:152)
        at net.jsign.KeyStoreBuilder.validate(KeyStoreBuilder.java:264)
        at net.jsign.KeyStoreBuilder.build(KeyStoreBuilder.java:284)
        at net.jsign.jca.JsignJcaProvider$JsignJcaKeyStore.getKeyStore(JsignJcaProvider.java:110)
        at net.jsign.jca.JsignJcaProvider$JsignJcaKeyStore.engineAliases(JsignJcaProvider.java:143)
        at net.jsign.jca.AbstractKeyStoreSpi.engineContainsAlias(AbstractKeyStoreSpi.java:71)
        at net.jsign.jca.AbstractKeyStoreSpi.engineIsKeyEntry(AbstractKeyStoreSpi.java:87)
        at java.base/java.security.KeyStore.isKeyEntry(KeyStore.java:1346)
        at org.jetbrains.zip.signer.signer.KeystoreUtilsKt.getSignerInfo(KeystoreUtils.kt:21)
        at org.jetbrains.zip.signer.signer.SignerInfoLoader.loadSignerInfoFromKeystore(SignerInfoLoader.kt:20)
        at org.jetbrains.zip.signer.signer.SignerInfoLoader.loadSignerInfoFromKeystore$default(SignerInfoLoader.kt:10)
        at org.jetbrains.zip.signer.ZipSigningTool.sign(ZipSigningTool.kt:46)
        at org.jetbrains.zip.signer.ZipSigningTool.main(ZipSigningTool.kt:29)
```

So it seems that either marketplace-zip-signer or jsign would need to be slightly changed to allow integration.

One idea would be for Jsign to try to read the provider arg from a system property as a fallback. Then you could pass the keystore provider arg as a system property, which could make integration easier with other tools.

Or maybe there is a better solution?

Thanks for any suggestions
