Release version 7.0

Author: ebourg

README.md

@@ -53,7 +53,7 @@ See https://ebourg.github.io/jsign for more information.
 
 ## Changes
 
-#### Version 7.0 (in development)
+#### Version 7.0 (2025-01-16)
 
 * New signing services:
   * Azure Trusted Signing
@@ -88,6 +88,7 @@ See https://ebourg.github.io/jsign for more information.
 * Signing more than one file with the `YUBIKEY` storetype no longer triggers a `CKR_USER_NOT_LOGGED_IN` error
 * MS Cabinet files with a pre-allocated reserve are now supported
 * The `--certfile` parameter can now be used to replace the certificate chain from the keystore
+* PVK and PEM key files are now properly loaded even if the extension is not recognized (contributed by Alejandro González)
 * API changes:
   * The keystore builder and the JCA provider are now in a separate `jsign-crypto` module
   * The PEFile class has been refactored to keep only the methods related to signing

RELEASE.md

@@ -5,6 +5,8 @@ Release process
 
        mvn versions:set -DnewVersion=x.y -DgenerateBackupPoms=false
 
+   The version in the documentation and in the Gradle examples will be automatically updated by `mvn deploy`.
+
 1. Update the release date in `README.md`
 
 1. Upload the Maven artifacts to Nexus:
@@ -25,6 +27,10 @@ Release process
 
 1. Publish the release on Chocolatey (see `jsign/src/choco/README.md`)
 
+1. Login to https://manage.fury.io/login and publish the Debian package
+
+1. Publish the Gradle plugin (see `jsign-gradle-plugin/README.md`)
+
 1. Update the Maven version to the next snapshot:
 
        mvn versions:set -DnewVersion=x.y+1-SNAPSHOT -DgenerateBackupPoms=false -DupdateBuildOutputTimestamp=false

docs/index.html

@@ -89,11 +89,11 @@ <h3 id="features">Features</h3>
 <h3 id="files">Downloads</h3>
 
 <ul>
-  <li><a href="https://github.com/ebourg/jsign/releases/download/6.0/jsign_6.0_all.deb">DEB package</a> (Debian/Ubuntu)</li>
-  <li><a href="https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0-1.noarch.rpm">RPM package</a> (RedHat/Fedora)</li>
+  <li><a href="https://github.com/ebourg/jsign/releases/download/7.0/jsign_7.0_all.deb">DEB package</a> (Debian/Ubuntu)</li>
+  <li><a href="https://github.com/ebourg/jsign/releases/download/7.0/jsign-7.0-1.noarch.rpm">RPM package</a> (RedHat/Fedora)</li>
   <li><a href="https://community.chocolatey.org/packages/jsign/">Chocolatey package</a> (Windows)</li>
   <li><a href="https://formulae.brew.sh/formula/jsign">Homebrew package</a> (macOS/Linux)</li>
-  <li><a href="https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0.jar">All-in-one JAR</a> (Other systems, Ant task, JCA provider)</li>
+  <li><a href="https://github.com/ebourg/jsign/releases/download/7.0/jsign-7.0.jar">All-in-one JAR</a> (Other systems, Ant task, JCA provider)</li>
 </ul>
 
 
@@ -102,7 +102,7 @@ <h3 id="ant">Ant Task</h3>
 <p>Here is an example showing how the signing works with Ant, using a Java keystore:</p>
 
 <pre class="prettyprint lang-xml">
- &lt;taskdef name="jsign" classname="net.jsign.JsignTask" classpath="jsign-6.0.jar"/>
+ &lt;taskdef name="jsign" classname="net.jsign.JsignTask" classpath="jsign-7.0.jar"/>
 
  &lt;jsign file="application.exe"
         name="My Application"
@@ -355,7 +355,7 @@ <h3 id="maven">Maven plugin</h3>
         &lt;plugin>
           &lt;groupId>net.jsign&lt;/groupId>
           &lt;artifactId>jsign-maven-plugin&lt;/artifactId>
-          &lt;version>6.0&lt;/version>
+          &lt;version>7.0&lt;/version>
           &lt;executions>
             &lt;execution>
               &lt;goals>
@@ -442,7 +442,7 @@ <h3 id="gradle">Gradle plugin</h3>
 
 <pre class="prettyprint lang-groovy">
     plugins {
-        id 'net.jsign' version '6.0'
+        id 'net.jsign' version '7.0'
     }
 
     task sign {
@@ -462,7 +462,7 @@ <h3 id="gradle">Gradle plugin</h3>
 
 <pre class="prettyprint lang-kotlin">
     plugins {
-        id("net.jsign") version "6.0"
+        id("net.jsign") version "7.0"
     }
 
     task("sign") {
@@ -494,11 +494,11 @@ <h3 id="github-actions">GitHub Actions</h3>
           distribution: 'temurin'
 
       - name: Download Jsign
-        run: wget https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0.jar
+        run: wget https://github.com/ebourg/jsign/releases/download/7.0/jsign-7.0.jar
 
       - name: Sign
         run: >
-          java -jar jsign-6.0.jar --storetype TRUSTEDSIGNING
+          java -jar jsign-7.0.jar --storetype TRUSTEDSIGNING
                                   --keystore weu.codesigning.azure.net
                                   --storepass ${{ secrets.AZURE_ACCESS_TOKEN }}
                                   --alias &lt;account&gt;/&lt;profile&gt;
@@ -513,7 +513,7 @@ <h3 id="cli">Command Line Tool</h3>
 
 <p>On other systems the command line is invoked by running the jar with:</p>
 
-<pre> java -jar jsign-6.0.jar [OPTIONS] [FILE]...</pre>
+<pre> java -jar jsign-7.0.jar [OPTIONS] [FILE]...</pre>
 
 <p>The parameters expected are the same as those used by the Ant task:</p>
 
@@ -1018,7 +1018,7 @@ <h3 id="api">API</h3>
     &lt;dependency>
       &lt;groupId>net.jsign&lt;/groupId>
       &lt;artifactId>jsign-core&lt;/artifactId>
-      &lt;version>6.0&lt;/version>
+      &lt;version>7.0&lt;/version>
     &lt;/dependency>
 </pre>
 
@@ -1053,7 +1053,7 @@ <h4 id="jar-signing">JAR signing</h4>
 <p>With Java 11 or later the syntax looks like this:</p>
 
 <pre>
- jarsigner -J-cp -Jjsign-6.0.jar -J--add-modules -Jjava.sql \
+ jarsigner -J-cp -Jjsign-7.0.jar -J--add-modules -Jjava.sql \
            -providerClass net.jsign.jca.JsignJcaProvider \
            -providerArg &lt;keystore&gt; \
            -keystore NONE \
@@ -1068,7 +1068,7 @@ <h4 id="jar-signing">JAR signing</h4>
 parameter is removed:</p>
 
 <pre>
- jarsigner -J-cp -Jjsign-6.0.jar:$JAVA_HOME/lib/tools.jar \
+ jarsigner -J-cp -Jjsign-7.0.jar:$JAVA_HOME/lib/tools.jar \
            ...
 </pre>
 

jsign-ant/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Ant Task)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>jar</packaging>
 
   <dependencies>

jsign-cli/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Command Line Tool)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>jar</packaging>
 
   <dependencies>

jsign-core/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Core)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>jar</packaging>
 
   <dependencies>

jsign-crypto/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Crypto)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>jar</packaging>
 
   <dependencies>

jsign-gradle-plugin/build.gradle

@@ -4,7 +4,7 @@ plugins {
 }
 
 group = 'net.jsign'
-version = '6.0'
+version = '7.0'
 
 repositories {
     mavenCentral()

jsign-gradle-plugin/example.gradle

@@ -4,7 +4,7 @@ buildscript {
     }
 
     dependencies {
-        classpath 'net.jsign:jsign-gradle-plugin:1.4-SNAPSHOT'
+        classpath 'net.jsign:jsign-gradle-plugin:7.0'
     }
 }
 

jsign-gradle-plugin/example.gradle.kts

@@ -4,7 +4,7 @@ buildscript {
     }
 
     dependencies {
-        classpath("net.jsign:jsign-gradle-plugin:6.0")
+        classpath("net.jsign:jsign-gradle-plugin:7.0")
     }
 }
 

jsign-gradle-plugin/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Gradle Plugin)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>jar</packaging>
 
   <repositories>

jsign-maven-plugin/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Maven Plugin)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>maven-plugin</packaging>
 
   <properties>

jsign/pom.xml

@@ -6,11 +6,11 @@
   <parent>
     <groupId>net.jsign</groupId>
     <artifactId>jsign-parent</artifactId>
-    <version>7.0-SNAPSHOT</version>
+    <version>7.0</version>
     <relativePath>../pom.xml</relativePath>
   </parent>
   <name>Jsign - Authenticode signing in Java (Distribution)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>jar</packaging>
 
   <dependencies>
@@ -459,6 +459,7 @@
                     <replaceregexp file="../docs/index.html" flags="g"    match="version &quot;[\d.]+&quot;" replace="version &quot;${project.version}&quot;"/>
 
                     <!-- Gradle examples -->
+                    <replaceregexp file="../jsign-gradle-plugin/example.gradle"     match="net.jsign:jsign-gradle-plugin:[\d.]+(?:-SNAPSHOT)?" replace="net.jsign:jsign-gradle-plugin:${project.version}"/>
                     <replaceregexp file="../jsign-gradle-plugin/example.gradle.kts" match="net.jsign:jsign-gradle-plugin:[\d.]+(?:-SNAPSHOT)?" replace="net.jsign:jsign-gradle-plugin:${project.version}"/>
 
                   </target>

jsign/src/choco/jsign.nuspec

@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>jsign</id>
-    <version>6.0</version>
+    <version>7.0</version>
     <owners>ebourg</owners>
     <title>Jsign</title>
     <authors>Emmanuel Bourg</authors>
@@ -28,7 +28,7 @@
   </metadata>
   <files>
     <file src="tools\**" target="tools" />
-    <file src="..\..\target\jsign-6.0.jar" target="tools\jsign.jar" />
+    <file src="..\..\target\jsign-7.0.jar" target="tools\jsign.jar" />
     <file src="..\..\..\LICENSE.txt" target="tools\" />
   </files>
 </package>

jsign/src/choco/tools/VERIFICATION.md

@@ -6,10 +6,10 @@ in verifying that this package's contents are trustworthy.
 Package can be verified like this:
 
 * Go to https://github.com/ebourg/jsign/releases
-* Download the `jsign-<version>.jar` file for the latest release (for example https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0.jar)
+* Download the `jsign-<version>.jar` file for the latest release (for example https://github.com/ebourg/jsign/releases/download/7.0/jsign-7.0.jar)
 * Get the checksum using one of the following methods:
   - Using powershell function 'Get-FileHash'
   - Use chocolatey utility 'checksum.exe'
 * Compare the checksum with the one of the jsign.jar file embedded in this package.
-  The expected sha-256 value for the version 6.0 is:
-  `05ca18d4ab7b8c2183289b5378d32860f0ea0f3bdab1f1b8cae5894fb225fa8a`
+  The expected sha-256 value for the version 7.0 is:
+  `325df319621e7fa74384c8852efdb5828871bf6405648a4c621ee5fc37c59b6c`

pom.xml

@@ -4,7 +4,7 @@
   <groupId>net.jsign</groupId>
   <artifactId>jsign-parent</artifactId>
   <name>Jsign - Authenticode signing in Java (Parent)</name>
-  <version>7.0-SNAPSHOT</version>
+  <version>7.0</version>
   <packaging>pom</packaging>
 
   <inceptionYear>2012</inceptionYear>
@@ -383,7 +383,7 @@
     <bouncycastle.version>2.73.7</bouncycastle.version>
 
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <project.build.outputTimestamp>2024-01-17T12:00:00Z</project.build.outputTimestamp>
+    <project.build.outputTimestamp>2025-01-16T08:34:01Z</project.build.outputTimestamp>
   </properties>
 
 </project>