Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How do I sign my ProGuard'ed Scala stand-alone JARs?

Tags:

java

jar

scala

proguard

sbt

I've built a (command-line) application in Scala that I want to distribute as a standalone JAR. I'm building it with sbt:

import sbt._

class Project(info: ProjectInfo) extends DefaultProject(info) with ProguardProject {
  override def parallelExecution = true      
  override def mainClass: Option[String] = // whatever

  override def libraryDependencies = Set(
    // whatever
  ) ++ super.libraryDependencies

  override def proguardOptions = List(
      "-keepclasseswithmembers public class * { public static void main(java.lang.String[]); }",
      "-dontoptimize",
      "-dontobfuscate",
      proguardKeepLimitedSerializability,
      proguardKeepAllScala,
      "-keep interface scala.ScalaObject"
  )
}

I can run my code with sbt run fine, and I can package it and run ProGuard over it (I'm not interested in obfuscating - the project is going to be open source anyway), I'm just using it to produce a standalone JAR). So, I eventually get a .min.jar file built in target/scala_2.8.0/

This is where it gets complicated. If I run this JAR, I get:

Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes

Okay, I haven't signed it.

So, I generate myself a signing key as follows:

keytool -keystore ~/.keystore -genkey -alias tom

And then, following the Java documentation, I try to sign the JAR:

jarsigner -signedjar [whatever].jar -keystore ~/.keystore target/scala_2.8.0/[whatever]-1.0.min.jar tom

It prompts me:

Enter Passphrase for keystore: 

Warning: 
The signer certificate will expire within six months.

Okay, that's fine. Now, surely, it'll run!

$ java -jar [whatever].jar
Exception in thread "main" java.lang.SecurityException: Invalid signature file digest for Manifest main attributes

I have no idea where to begin. I'm relatively new to the Java platform.

like image 729
Tom Morris Avatar asked Jul 20 '10 18:07

Tom Morris

1 Answers

I don't think you need ProGuard and signing to produce a standalone jar. You can just pack all the classes you need and a META-INF directory with proper classpath and main class set in a zip file, rename it to jar and it should run. See this tutorial.

Sorry, I didn't answer your question, I just don't understand why you want to sign your jar.

like image 198
Denis Tulskiy Avatar answered Sep 25 '22 07:09

Denis Tulskiy
Sign in to Comment

Related questions

Hibernate Criteria: Perform JOIN in Subquery/DetachedCriteria
Validating XML using XSD with regex pattern
JNI Stream binary data from C++ to Java
Is there a GUI for designing PDF reports generated by Java?
Write binary stream to browser using PHP
Listening for TCP and UDP requests on the same port
How to use my trackpad for horizontal mousewheel scrolling in a Java AWT ScrollPane
Java reference storage question
Mac OSX Java: Receive mouse events when not activated
Launch intent viewer to display image from url
How to load a library that depends on another library, all from a jar file
How to make a swing app aware of screen size change?
Accessing inter-schema tables and relations in hibernate
Why do these regular expressions execute slowly in Java?
JSF2: Open Session in View with EJBs?
java.lang.UnsatisfiedLinkError under tomcat
BlockingQueue and putAll
Checking capsLock status
How to count number of objects stored in a *.ser file
java httpurlconnection cutting off html

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!