Looking for help to use Google Cloud HSM with jarsigner to sign jar files


I need to sign jar files using Google Cloud HSM. The standard tool for signing jar files that comes with the JDK is jarsigner. I see that AWS Cloud HSM has documentation on using AWS Cloud HSM with jarsigner to sign jar files.

https://docs.aws.amazon.com/cloudhsm/latest/userguide/keystore-third-party-tools.html

However, I could not find any documentation directly addressing how to use Google Cloud HSM with jarsigner to sign jar files. If there is no native support for this in Google Cloud HSM, what would be required to make jarsigner work with Google Cloud HSM to do the jar signing? Any pointers are welcome.

Emmanuel Bourg On

Jsign provides a JCA provider that can be used with jarsigner to sign with a Google Cloud HSM key (disclaimer: I'm the author of this project).

The syntax looks like this:

jarsigner -J-cp -Jjsign-5.1-SNAPSHOT.jar -J--add-modules -Jjava.sql \
           -providerClass net.jsign.jca.JsignJcaProvider \
           -providerArg projects/first-rain-123/locations/global/keyRings/mykeyring \
           -keystore NONE \
           -storetype GOOGLECLOUD \
           -storepass <api-access-token> \
           -certchain certificate-chain.pem \
           application.jar <keyname>
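A wrapper around the command in the answer above, added here as an example and not taken from the Jsign project or the original post. The function names `valid_keyring` and `sign_jar` and the `GCP_TOKEN` variable are hypothetical. It assumes the `gcloud` CLI is installed and authenticated and that its access token serves as the `<api-access-token>`, and it passes the token through jarsigner's own `-storepass:env` modifier so it does not appear in the process argument list.

```shell
#!/bin/sh
# Added example: sign a jar with a Google Cloud HSM key through the Jsign JCA provider.

# Accept only a full key ring resource name, the form the answer passes to -providerArg.
valid_keyring() {
    case "$1" in
        *'
'*) return 1 ;;   # reject embedded newlines before the line-based grep check
    esac
    printf '%s\n' "$1" | grep -Eq '^projects/[^/]+/locations/[^/]+/keyRings/[^/]+$'
}

# Usage: sign_jar JSIGN_JAR KEYRING CHAIN_PEM JAR KEYNAME
sign_jar() {
    valid_keyring "$2" || { echo "bad key ring name: $2" >&2; return 2; }
    [ -r "$3" ] || { echo "cannot read certificate chain: $3" >&2; return 2; }

    # Assumption: a short-lived OAuth token from the active gcloud account is
    # what the answer calls <api-access-token>.
    token=$(gcloud auth print-access-token) || return 3

    # -storepass:env makes jarsigner read the token from the named environment
    # variable; the variable is set for this one process only.
    GCP_TOKEN="$token" jarsigner -J-cp -J"$1" -J--add-modules -Jjava.sql \
        -providerClass net.jsign.jca.JsignJcaProvider \
        -providerArg "$2" \
        -keystore NONE \
        -storetype GOOGLECLOUD \
        -storepass:env GCP_TOKEN \
        -certchain "$3" \
        "$4" "$5" || return $?

    # Read the signature back from the signed jar.
    jarsigner -verify "$4"
}
```

Source the file and call, for instance, `sign_jar jsign-5.1-SNAPSHOT.jar projects/first-rain-123/locations/global/keyRings/mykeyring certificate-chain.pem application.jar <keyname>`.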