antihero989
Reputation: 494
Bouncy Castle unsigned entries Error running Jar-with-dependencies using Maven
I am currently experiencing a problem trying to run an executable jar that used bouncy castle for decryption. Using maven, I create a jar-with-dependencies that upon running throws
java.util.jar.JarException: file: FileDecrypter-1.0-jar-with-dependencies.jar
has unsigned entries - org/apache/commons/io/ByteOrderMark.class
Of course I researched this issue and found "Invalid signature file" when attempting to run a .jar but I'm not creating an uber-jar neither am I using a manifest file to create my jar.
My pom.xml:
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>FileDecrypter</groupId>
<artifactId>FileDecrypter</artifactId>
<version>1.0</version>
<dependencies>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-vfs2</artifactId>
<version>2.0</version>
</dependency>
<dependency>
<groupId>commons-net</groupId>
<artifactId>commons-net</artifactId>
<version>3.3</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>1.48</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpg-jdk15on</artifactId>
<version>1.48</version>
</dependency>
</dependencies>
<build>
<sourceDirectory>src</sourceDirectory>
<resources>
<resource>
<directory>src</directory>
<excludes>
<exclude>**/*.java</exclude>
</excludes>
</resource>
</resources>
<plugins>
<!-- download source code in Eclipse, best practice -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-eclipse-plugin</artifactId>
<version>2.9</version>
<configuration>
<downloadSources>true</downloadSources>
<downloadJavadocs>false</downloadJavadocs>
</configuration>
</plugin>
<!-- Make this jar executable -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>2.6</version>
<configuration>
<excludes>
<exclude>**/log4j.properties</exclude>
</excludes>
<archive>
<manifest>
<addClasspath>true</addClasspath>
<mainClass>com.mps.main.DecryptInput</mainClass>
<classpathPrefix>dependency-jars/</classpathPrefix>
</manifest>
</archive>
</configuration>
</plugin>
<!-- Copy project dependency -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.5.1</version>
<executions>
<execution>
<id>copy-dependencies</id>
<phase>package</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<!-- exclude junit, we need runtime dependency only -->
<includeScope>runtime</includeScope>
<outputDirectory>${project.build.directory}/dependency-
jars/</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
<!-- set jdk compiler -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<verbose>true</verbose>
<fork>true</fork>
<executable>${JAVA_1_7_HOME}</executable>
<compilerVersion>1.7</compilerVersion>
</configuration>
</plugin>
<!-- Maven Assembly Plugin -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<version>2.4.1</version>
<configuration>
<!-- get all project dependencies -->
<descriptorRefs>
<descriptorRef>jar-with-dependencies</descriptorRef>
</descriptorRefs>
<!-- MainClass in mainfest make a executable jar -->
<archive>
<manifest>
<mainClass>com.mps.main.DecryptInput</mainClass>
</manifest>
</archive>
</configuration>
<executions>
<execution>
<id>make-assembly</id>
<!-- bind to the packaging phase -->
<phase>package</phase>
<goals>
<goal>single</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
Upvotes: 4
Views: 6025
Answers (1)
antihero989
Reputation: 494
I finally got it to work, although I was approaching the problem in the wrong way. Using the following code in my pom.xml, I was able to create a jar containing a manifest file that pointed to my dependencies:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>2.5.1</version>
<executions>
<execution>
<id>copy-dependencies</id>
<phase>package</phase>
<goals>
<goal>copy-dependencies</goal>
</goals>
<configuration>
<!-- exclude junit, we need runtime dependency only -->
<includeScope>runtime</includeScope>
<outputDirectory>${project.build.directory}/dependency-
jars/</outputDirectory>
</configuration>
</execution>
</executions>
</plugin>
Using my pom.xml and running "mvn package" in command-line while my present working directory is my current project workspace, a folder named "target" is created that contains my jar file "FileDecrypter.jar" and a folder with all of my jars named "dependency-jars". The manifest file inside of my execute jar points to the dependency-jar folder, which allows my bouncy-castle jars to remain signed.
Upvotes: 3
Related Questions
- Package in unique jar with bouncyCastle.SecurityException
- Maven dependency bcprov issue
- Bouncy Castle not found in classpath, but works when run in maven
- Bouncy castle security provider doesn't load under Java 11/12
- Using BouncyCastle results in 'myJar.jar has unsigned entries'
- bouncycastle error "JCE cannot authenticate the provider BC" with "jar-with-dependencies"
- BouncyCastle NoSuchProviderException even though it's a Maven dependency
- Bouncy Castle, NoSuchMethodError (org.bouncycastle.asn1.ASN1Integer)
- maven with bouncycastle jar error
- BouncyCastle jars giving SHA1 Digest Error for JDK 1.7