Support signing by jsign without google cloud

eclipse-cbi#594
bschwert · Jan 20, 2025 · 3f498eb · 3f498eb
1 parent 6f12925
commit 3f498eb
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 8 deletions.
diff --git a/...ice/signing/windows/src/main/java/org/eclipse/cbi/webservice/signing/windows/JSigner.java b/...ice/signing/windows/src/main/java/org/eclipse/cbi/webservice/signing/windows/JSigner.java
@@ -57,13 +57,22 @@ public static Builder builder() {
 	@Override
 	public Path sign(Path file) {
 		try {
-			KeyStore keystore =
-					new KeyStoreBuilder()
-							.storetype(configuration().getStoreType())
-							.keystore(configuration().getKeystore())
-							.storepass(googleAccessToken())
-							.certfile(configuration().getCertificateChain().toFile())
-							.build();
+			KeyStoreBuilder keyStoreBuilder = new KeyStoreBuilder()
+					.storetype(configuration().getStoreType())
+					.keystore(configuration().getKeystore());
+			if (kmsCredentials!=null) {
+				keyStoreBuilder.storepass(googleAccessToken());
+			} else if (configuration().getStorePass() != null) {
+				keyStoreBuilder.storepass(configuration().getStorePass());
+			}
+			try {
+				if (configuration().getCertificateChain() != null) {
+					keyStoreBuilder.certfile(configuration().getCertificateChain().toFile());
+				}
+			} catch(IllegalArgumentException e){
+				// Ignore missing certficate chain;could be stored in keystore
+			}
+			KeyStore keystore =keyStoreBuilder.build();
 
 			AuthenticodeSigner signer =
 					new AuthenticodeSigner(keystore, configuration().getKeyAlias(), null)
@@ -105,7 +114,7 @@ private String googleAccessToken() {
 				throw new RuntimeException(ex);
 			}
 		} else {
-			throw new RuntimeException("Tried to retrieve a Google Cloud Access Token while no credentials have been provided");
+			return "NONE";
 		}
 	}
 

diff --git a/...g/windows/src/main/java/org/eclipse/cbi/webservice/signing/windows/JSignerProperties.java b/...g/windows/src/main/java/org/eclipse/cbi/webservice/signing/windows/JSignerProperties.java
@@ -30,6 +30,7 @@ public class JSignerProperties {
 	private static final String JSIGN_DESCRIPTION = "windows.jsign.description";
 
 	private static final String JSIGN_STORETYPE = "windows.jsign.storetype";
+	private static final String JSIGN_STOREPASS = "windows.jsign.storepass";
 	private static final String JSIGN_KEYSTORE = "windows.jsign.keystore";
 	private static final String JSIGN_KEY_ALIAS = "windows.jsign.keyalias";
 	private static final String JSIGN_CERTCHAIN = "windows.jsign.certchain";
@@ -67,6 +68,10 @@ public String getStoreType() {
 		return propertiesReader.getString(JSIGN_STORETYPE);
 	}
 
+	public String getStorePass() {
+		return propertiesReader.getString(JSIGN_STOREPASS);
+	}
+
 	public String getKeystore() {
 		return propertiesReader.getString(JSIGN_KEYSTORE);
 	}