I am using bouncy castle provider for AES encryption. I need to create a fat jar from bc and my jar but as soon as i do it i get Algorithm not found exception. Is it possible to get rid of the sign and create regular jar out of it?
My build process is..
- i unzip all jars in to my build directory.
- then remove META-INF directory
- compile my application
- jar it using ant
iget the error when i try to use the
SecretKeyFactory.getInstance(algorithm);
algorithm is PBEWITHSHA256AND128BITAES-CBC-BC from bouncy castle.
To remove the signature from a jar file, remove the META-INF directory from it. A jar file is a zip file so on Linux you can do this:
zip -d file.jar 'META-INF/*.SF' 'META-INF/*.RSA'
When you sign a jar file, new files get added to the META-INF directory, e.g. "MKSIGN.SF" and "MKSIGN.DSA". Just remove them from the jar file (with any zip utility), and you have it unsigned.
You have to remove signature files from signed jar. Change its extension to zip, remove signature files, and change back to jar. Since now that jar is no longer unsigned.
I followed the code from the maven jar signer plugin and remove all signing files and also the checksums from the MANIFEST.MF:
find -type f \( \( -name "*.RSA" -o -name "*.SF" \) -o \( -name "*.EC" -o -name "*.DSA" \) \) -print0 | xargs -0 --no-run-if-empty rm -rf
sed -i '/^Name: .*.class/Q' MANIFEST.MF
You may be running into a specific issue with Bouncy Castle jars. Bouncy Castle implements the Cryptographic Service Provider interface and as such may be using a self-verification technique presented in the technotes of Java's documentation.
In the case of Bouncy Castle, the "fat jar" technique may not be possible. You could use an alternative class loading approach that would load the intact bouncy castle jars from within your own jar (using the jar://path/to/jar!/path/within/jar syntax with a URLClassLoader) but I have not tried this and my not be right for your needs.
I put together a perl script which I use in production to remove JAR signatures. Just pass the folder with jars as an argument. This works in linux. It may work with cygwin though I haven't tested it in windows.
https://docs.google.com/document/d/1B1uEUIiuxh7WdPldD9rUun3COAefjczfdJTMWEecE1g/edit?usp=sharing
来源:https://stackoverflow.com/questions/1291978/un-signing-a-signed-jar