This task will be packaged in the commons-openpgp.jar. It will use the BouncyCastle JARs at runtime. It has been tested with bcpg-jdk12-134.jar and bcprov-jdk12-134.jar. The generated signatures can be verified with GPG.
The signer task can sign one or more files at once.
| Attribute | Description | Required |
|---|---|---|
| secring | Secret key ring file. | Yes |
| pubring | Public key ring file. | Yes |
| password | Password of the secret key ring. | Yes |
| keyid | Id of the key used to sign. | Yes |
| asciiarmor | Whether to use ASCII armor. Boolean, defaults to true. | No |
| artefact | The file that you want to sign. | No, if a fileset nested element is present. |
The task must also take either one or more nested fileset elements, or an artefact attribute.
The task can take one or more fileset nested elements. See the Ant manual for an explanation. If you want to sign just one file, the artefact attribute can be used instead.
The task may take a mapper nested element. This nested element tells the task how the signature files should be named. If you do not supply this element, the signature files will be located in the same directory as the files that you sign. An ending of .asc will be appended to the file name for ASCII armored output (the default). If you set asciiarmor to false, the ending will be .sig
<project name="test1" xmlns:openpgp="antlib:org.apache.commons.openpgp.ant">
<property environment="env"/>
<taskdef resource="org/apache/commons/openpgp/ant/antlib.xml" uri="antlib:org.apache.commons.openpgp.ant"/>
<openpgp:signer secring="${env.USERPROFILE}\Application Data\gnupg\secring.gpg"
pubring="${env.USERPROFILE}\Application Data\gnupg\pubring.gpg"
password="secret" keyid="12345678"
artefact="target\commons-openpgp-1.0-SNAPSHOT.jar"
asciiarmor="true"/>
</project>