如何签署我的 ProGuard ed Scala 独立 JAR?

发布于 2024-09-11 00:30:00 字数 1647 浏览 10 评论 0原文

我已经在 Scala 中构建了一个(命令行)应用程序,我想将其作为独立的 JAR 进行分发。我正在使用 sbt 构建它:

import sbt._

class Project(info: ProjectInfo) extends DefaultProject(info) with ProguardProject {
  override def parallelExecution = true      
  override def mainClass: Option[String] = // whatever

  override def libraryDependencies = Set(
    // whatever
  ) ++ super.libraryDependencies

  override def proguardOptions = List(
      "-keepclasseswithmembers public class * { public static void main(java.lang.String[]); }",
      "-dontoptimize",
      "-dontobfuscate",
      proguardKeepLimitedSerializability,
      proguardKeepAllScala,
      "-keep interface scala.ScalaObject"
  )
}

我可以使用 sbt run 运行我的代码,并且我可以将其打包并在其上运行 ProGuard(我对混淆不感兴趣 - 该项目将是无论如何都是开源的),我只是用它来生成一个独立的 JAR)。所以,我最终得到了一个内置于 target/scala_2.8.0/ 的 .min.jar 文件,

这就是事情变得复杂的地方。如果我运行这个 JAR,我会得到:

线程“main”中出现异常 java.lang.SecurityException:Manifest 主要属性的签名文件摘要无效

好吧,我还没有签名。

因此,我自己生成一个签名密钥,如下所示:

keytool -keystore ~/.keystore -genkey -alias tom

然后,按照 Java 文档,我尝试对 JAR 进行签名:

jarsigner -signedjar [whatever].jar -keystore ~/.keystore target/scala_2.8.0/[whatever]-1.0.min.jar tom

它提示我:

Enter Passphrase for keystore: 

Warning: 
The signer certificate will expire within six months.

好的,没问题。现在,它肯定会运行!

$ java -jar [whatever].jar
Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes

我不知道从哪里开始。我对 Java 平台还比较陌生。

I've built a (command-line) application in Scala that I want to distribute as a standalone JAR. I'm building it with sbt:

import sbt._

class Project(info: ProjectInfo) extends DefaultProject(info) with ProguardProject {
  override def parallelExecution = true      
  override def mainClass: Option[String] = // whatever

  override def libraryDependencies = Set(
    // whatever
  ) ++ super.libraryDependencies

  override def proguardOptions = List(
      "-keepclasseswithmembers public class * { public static void main(java.lang.String[]); }",
      "-dontoptimize",
      "-dontobfuscate",
      proguardKeepLimitedSerializability,
      proguardKeepAllScala,
      "-keep interface scala.ScalaObject"
  )
}

I can run my code with sbt run fine, and I can package it and run ProGuard over it (I'm not interested in obfuscating - the project is going to be open source anyway), I'm just using it to produce a standalone JAR). So, I eventually get a .min.jar file built in target/scala_2.8.0/

This is where it gets complicated. If I run this JAR, I get:

Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes

Okay, I haven't signed it.

So, I generate myself a signing key as follows:

keytool -keystore ~/.keystore -genkey -alias tom

And then, following the Java documentation, I try to sign the JAR:

jarsigner -signedjar [whatever].jar -keystore ~/.keystore target/scala_2.8.0/[whatever]-1.0.min.jar tom

It prompts me:

Enter Passphrase for keystore: 

Warning: 
The signer certificate will expire within six months.

Okay, that's fine. Now, surely, it'll run!

$ java -jar [whatever].jar
Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes

I have no idea where to begin. I'm relatively new to the Java platform.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

離殇 2024-09-18 00:30:00

我认为您不需要 ProGuard 和签名来生成独立的 jar。您只需将所需的所有类和 META-INF 目录以及正确的类路径和主类集打包在 zip 文件中,将其重命名为 jar 即可运行。请参阅本教程

抱歉,我没有回答你的问题,我只是不明白你为什么要在你的罐子上签名。

I don't think you need ProGuard and signing to produce a standalone jar. You can just pack all the classes you need and a META-INF directory with proper classpath and main class set in a zip file, rename it to jar and it should run. See this tutorial.

Sorry, I didn't answer your question, I just don't understand why you want to sign your jar.

尴尬癌患者 2024-09-18 00:30:00

我遇到了同样的问题,问题似乎是 sun 的 jar 签名是由 proguard 添加到 META-INF 目录中的。我刚刚将它们添加到过滤后的文件中:

override def makeInJarFilter (file :String) =
  super.makeInJarFilter(file) + ",!**/SUN_MICR.RSA,!**/SUN_MICR.SF"

现在它工作正常。

I ran into the same problem and it appears the problem was that sun's jar signatures were added by proguard in the META-INF directory. I just added them to the filtered files:

override def makeInJarFilter (file :String) =
  super.makeInJarFilter(file) + ",!**/SUN_MICR.RSA,!**/SUN_MICR.SF"

and it works perfectly now.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文