Hello,
First, we need to create a configuration file that will determine the location of the Token or Smartcard driver. Create a token.cfg name file in your workbook.
The following is the content that should be placed in this file. The name and description fields may contain text of your choice, but the library field should point to the location of the device driver. p>
name = Provider
description = Token Pro Blue
library = /usr/lib/libeTPkcs11.so
For use in Windows the library field should contain the dll path for the token driver as the example below:
>
name = Provider
description = Token Pro Blue
library = C: \ Windows \ System32 \ eTPKCS11.dll
The Token or Smartcard may contain one or more certificates, each associated with a nickname. Before we begin the subscription, we need to find out the nickname of the certificate that will be used for the subscription. To do this, let's run the following command line. The PASSWORD field should be replaced with your Pin.
keytool -keystore NONE -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg token.cfg -storepass PASSWORD -list
After you execute this command, the list of nicknames is displayed. below is an example of the expected result.
(eTCAPI) HUMBERTO DE MELO PACHECO's ICP-Brasil ID
We can now proceed to the signing of the artifact using the command line below. The parameters to be changed are as follows.
- PASSWORD, the Token Pin or SmartCard.
- DSANAME, the name of the file that contains the signatures of the classes. This attribute is optional.
- JARFILESIGNED, the filename generated after the signature.
- JARFILE, the name of the file to be signed.
- ALIAS, the alias of the certificate to be used, obtained in the previous step.
jarsigner -keystore NONE -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg token.cfg -storepass PASSWORD -sigfile DSANAME -signedjar JARFILESIGNED -verbose JARFILE "ALIAS"
References:
Signing an artifact with Token or SmartCard - Demoiselle Framework