3

Our system has Java and C parts. On the C side, we are signing certain data using command-line scripts calling OpenSSL commands. Now we want to sign some JARs too. We already have established PKI (what is important for this case - private keys are accessible) "on the C side" and we try to avoid duplicating/extending that to the Java side.

What would be an easy way to get the JAR signed for someone who does not want to have JRE (but has OpenSSL)? I.e. I want to create the correct MANIFEST.MF, KEY.SF and KEY.?SA for my JAR. Their format is not complicated and this seems to be doable with some scripting. Has anyone done this before?

Konstantin Shemyak
  • 2,369
  • 5
  • 21
  • 41

1 Answers1

3

Answering own question.

Format of MANIFEST.MF and KEY.SF is documented by Oracle. Surprisingly, exact content of the signature KEY.?SA (where "KEY" is the keystore alias of the signing key) is not detailed in the "Signature File" section.

This KEY.RSA (for RSA signatures) can be created by OpenSSL command-line tools in exactly the way jarsigner creates it. Example for RSA signature and SHA256 digest:

$ openssl smime -sign -noattr -in META-INF/TEST1.SF -outform der -out META-INF/TEST1.RSA -inkey privateKey.pem -signer cert.pem -md sha256

Similarly the signature can be produced with OpenSSL C API. Snap of C code (no error checking):

  /* PKCS7_PARTIAL flag is needed to be able to change the digest from the default value */
  PKCS7 *signed_data = PKCS7_sign(NULL, NULL, NULL, data,
    PKCS7_NOATTR | PKCS7_DETACHED | PKCS7_PARTIAL
  );

  digest = EVP_get_digestbyname("sha256");

  PKCS7_sign_add_signer(signed_data, signcert, pkey, digest, flags);

  PKCS7_final(signed_data, NULL, 0);

Signature created in this way is identical to what jarsigner would have produced.

Konstantin Shemyak
  • 2,369
  • 5
  • 21
  • 41
  • By any chance, do you know how to compute "SHA-256-Digest-Manifest-Main-Attributes" in the *.SF file ? That is, what data in what order ? :-) I need to sign a jar file w/o jarsigner because we'll use an HSM key. – Jan Goyvaerts Feb 10 '17 at 15:05
  • @Jan Goyvaerts see the source code for "python-javatools" on Github. Alternatively, ask a question here :-) – Konstantin Shemyak Feb 10 '17 at 15:09
  • Thanks ! I'll debug the code and see what data it uses. At first sight it's the complete line, but that doesn't work from bash. But at least I know where to start now. :-) – Jan Goyvaerts Feb 10 '17 at 15:38
  • Right... Can not build the project and my Pythonese is a bit rusty... There *must* a specification somewhere about the order and content of the checksum ! :-) – Jan Goyvaerts Feb 13 '17 at 09:46
  • 1
    SOLVED ! Debugging the Jarsigner class in the incredible Keystore Explorer project brought the mechanism to light. – Jan Goyvaerts Feb 15 '17 at 13:20