Signing jars with Gradle and a YubiKey

Question (votes: 0, answers: 1)

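I am trying to sign my jars with a YubiKey and Gradle.

For Gradle, I use the signing plugin. Unfortunately, I cannot set it up the usual way, because you have to provide secring.gpg, which, as far as I know, is supposed to contain the private key. Since the key resides on the YubiKey, this does not work.

Perhaps there are some Android developers who use YubiKeys and sign their jars?

I would appreciate any help!

Signing task: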

signing {
    required { gradle.taskGraph.hasTask("uploadArchives") }
    sign configurations.archives
}

gradle.properties:

signing.keyId= 1234ABCD
signing.password=secret
signing.secretKeyRingFile=/home/user/.gnupg/secring.gpg

Stack trace:

org.gradle.api.GradleException: Could not evaluate onlyIf predicate for task ':signArchives'.
        at org.gradle.api.internal.tasks.execution.SkipOnlyIfTaskExecuter.execute(SkipOnlyIfTaskExecuter.java:44)
        at org.gradle.api.internal.tasks.execution.ExecuteAtMostOnceTaskExecuter.execute(ExecuteAtMostOnceTaskExecuter.java:43)
        at org.gradle.api.internal.tasks.execution.CatchExceptionTaskExecuter.execute(CatchExceptionTaskExecuter.java:34)
        at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker$1.execute(DefaultTaskGraphExecuter.java:236)
        at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker$1.execute(DefaultTaskGraphExecuter.java:228)
        at org.gradle.internal.Transformers$4.transform(Transformers.java:169)
        at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:106)
        at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:61)
        at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker.execute(DefaultTaskGraphExecuter.java:228)
        at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker.execute(DefaultTaskGraphExecuter.java:215)
        at org.gradle.execution.taskgraph.AbstractTaskPlanExecutor$TaskExecutorWorker.processTask(AbstractTaskPlanExecutor.java:77)
        at org.gradle.execution.taskgraph.AbstractTaskPlanExecutor$TaskExecutorWorker.run(AbstractTaskPlanExecutor.java:58)
        at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor.process(DefaultTaskPlanExecutor.java:32)
        at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter.execute(DefaultTaskGraphExecuter.java:113)
        at org.gradle.execution.SelectedTaskExecutionAction.execute(SelectedTaskExecutionAction.java:37)
        at org.gradle.execution.DefaultBuildExecuter.execute(DefaultBuildExecuter.java:37)
        at org.gradle.execution.DefaultBuildExecuter.access$000(DefaultBuildExecuter.java:23)
        at org.gradle.execution.DefaultBuildExecuter$1.proceed(DefaultBuildExecuter.java:43)
        at org.gradle.execution.DryRunBuildExecutionAction.execute(DryRunBuildExecutionAction.java:32)
        at org.gradle.execution.DefaultBuildExecuter.execute(DefaultBuildExecuter.java:37)
        at org.gradle.execution.DefaultBuildExecuter.execute(DefaultBuildExecuter.java:30)
        at org.gradle.initialization.DefaultGradleLauncher$RunTasksAction.execute(DefaultGradleLauncher.java:230)
        at org.gradle.initialization.DefaultGradleLauncher$RunTasksAction.execute(DefaultGradleLauncher.java:227)
        at org.gradle.internal.Transformers$4.transform(Transformers.java:169)
        at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:106)
        at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:56)
        at org.gradle.initialization.DefaultGradleLauncher.doBuildStages(DefaultGradleLauncher.java:161)
        at org.gradle.initialization.DefaultGradleLauncher.doBuild(DefaultGradleLauncher.java:112)
        at org.gradle.initialization.DefaultGradleLauncher.run(DefaultGradleLauncher.java:95)
        at org.gradle.launcher.exec.GradleBuildController.run(GradleBuildController.java:66)
        at org.gradle.tooling.internal.provider.ExecuteBuildActionRunner.run(ExecuteBuildActionRunner.java:28)
        at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
        at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:41)
        at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:26)
        at org.gradle.tooling.internal.provider.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:75)
        at org.gradle.tooling.internal.provider.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:49)
        at org.gradle.tooling.internal.provider.ServicesSetupBuildActionExecuter.execute(ServicesSetupBuildActionExecuter.java:49)
        at org.gradle.tooling.internal.provider.ServicesSetupBuildActionExecuter.execute(ServicesSetupBuildActionExecuter.java:31)
        at org.gradle.launcher.daemon.server.exec.ExecuteBuild.doBuild(ExecuteBuild.java:67)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:36)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.WatchForDisconnection.execute(WatchForDisconnection.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.ResetDeprecationLogger.execute(ResetDeprecationLogger.java:26)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.RequestStopIfSingleUsedDaemon.execute(RequestStopIfSingleUsedDaemon.java:34)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.call(ForwardClientInput.java:74)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.call(ForwardClientInput.java:72)
        at org.gradle.util.Swapper.swap(Swapper.java:38)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput.execute(ForwardClientInput.java:72)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.LogAndCheckHealth.execute(LogAndCheckHealth.java:55)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.LogToClient.doBuild(LogToClient.java:60)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:36)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.EstablishBuildEnvironment.doBuild(EstablishBuildEnvironment.java:72)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:36)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
        at org.gradle.launcher.daemon.server.exec.StartBuildOrRespondWithBusy$1.run(StartBuildOrRespondWithBusy.java:50)
        at org.gradle.launcher.daemon.server.DaemonStateCoordinator$1.run(DaemonStateCoordinator.java:297)
        at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:63)
        at org.gradle.internal.concurrent.StoppableExecutorImpl$1.run(StoppableExecutorImpl.java:46)
Caused by: org.gradle.internal.UncheckedException: org.bouncycastle.openpgp.PGPException: Exception constructing key
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatory.createPrivateKey(PgpSignatory.java:118)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatory.<init>(PgpSignatory.java:55)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryFactory.createSignatory(PgpSignatoryFactory.java:72)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryFactory.createSignatory(PgpSignatoryFactory.java:68)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryFactory.readProperties(PgpSignatoryFactory.java:98)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryFactory.createSignatory(PgpSignatoryFactory.java:44)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryFactory.createSignatory(PgpSignatoryFactory.java:48)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryProvider.getDefaultSignatory(PgpSignatoryProvider.java:41)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatoryProvider.getDefaultSignatory(PgpSignatoryProvider.java:30)
        at org.gradle.plugins.signing.SigningExtension.getSignatory(SigningExtension.java:180)
        at org.gradle.plugins.signing.SigningExtension_Decorated.getSignatory(Unknown Source)
        at org.gradle.plugins.signing.SigningExtension$2.call(SigningExtension.java:226)
        at org.gradle.plugins.signing.SigningExtension$2.call(SigningExtension.java:224)
        at org.gradle.util.GUtil.uncheckedCall(GUtil.java:402)
        at org.gradle.api.internal.ConventionAwareHelper$2.getValue(ConventionAwareHelper.java:84)
        at org.gradle.api.internal.ConventionAwareHelper$MappedPropertyImpl.getValue(ConventionAwareHelper.java:133)
        at org.gradle.api.internal.ConventionAwareHelper.getConventionValue(ConventionAwareHelper.java:111)
        at org.gradle.plugins.signing.Sign_Decorated.getSignatory(Unknown Source)
        at org.gradle.plugins.signing.Sign$3.isSatisfiedBy(Sign.java:94)
        at org.gradle.plugins.signing.Sign$3.isSatisfiedBy(Sign.java:91)
        at org.gradle.api.specs.AndSpec.isSatisfiedBy(AndSpec.java:46)
        at org.gradle.api.internal.tasks.execution.SkipOnlyIfTaskExecuter.execute(SkipOnlyIfTaskExecuter.java:42)
        ... 63 more
Caused by: org.bouncycastle.openpgp.PGPException: Exception constructing key
        at org.bouncycastle.openpgp.PGPSecretKey.extractPrivateKey(Unknown Source)
        at org.gradle.plugins.signing.signatory.pgp.PgpSignatory.createPrivateKey(PgpSignatory.java:116)
        ... 84 more
Caused by: java.io.EOFException
        at org.bouncycastle.bcpg.BCPGInputStream.readFully(Unknown Source)
        at org.bouncycastle.bcpg.BCPGInputStream.readFully(Unknown Source)
        at org.bouncycastle.bcpg.MPInteger.<init>(Unknown Source)
        at org.bouncycastle.bcpg.RSASecretBCPGKey.<init>(Unknown Source)
        ... 86 more

Best

gradle gnupg sign yubico
1 answer
0 votes

I sign jars with Gradle and a YubiKey without any problems. In my ~/.gradle/gradle.properties file, I have:

signing.gnupg.executable=gpg
signing.gnupg.homeDir=/home/raman/.gnupg
signing.gnupg.optionsFile=/home/raman/.gnupg/gpg.conf
signing.gnupg.keyName=1F3CE06C51CE20F7C4405181943F287533382C9D

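The keyName is the value reported by gpg --list-secret-keys. Look for the "sec" (secret) key that is shown as being on the YubiKey (the output should show "Card serial no. = ..."). The hex value above the card serial number is the keyName. Example: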

...<snip>...
sec>  rsa4096/943F287533382C9D 2022-04-23 [SC] [expires: 2024-04-22]
1F3CE06C51CE20F7C4405181943F287533382C9D  <--- this value here
Card serial no. = 0006 19052983
...<snip>...
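
The lookup described in the answer can be scripted against gpg's machine-readable listing. This is an added example, not part of the original answer. It assumes the colon format of `gpg --list-secret-keys --with-colons`, where field 15 of a `sec` or `ssb` record holds the token serial number when the key lives on a card. It goes one step beyond the answer by also reporting primary keys whose subkeys are on the card. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Print the primary-key fingerprint (usable as signing.gnupg.keyName) of every
# secret key that has key material on a smartcard such as a YubiKey.
# Real use: gpg --list-secret-keys --with-colons | card_key_fingerprints
card_key_fingerprints() {
    awk -F: '
        # Print the finished key block if any of its keys was on a card.
        function emit() { if (primary != "" && card) print primary; primary = ""; card = 0 }
        # A new primary key starts a new block; its fpr record follows it.
        $1 == "sec" { emit(); expect = 1 }
        # Field 15 is a hex token serial for card keys, "+" for keys stored
        # on disk and "#" for stubs without secret material.
        ($1 == "sec" || $1 == "ssb") && $15 ~ /^[0-9A-Fa-f]+$/ { card = 1 }
        # Subkey fingerprints must not overwrite the primary fingerprint.
        $1 == "ssb" { expect = 0 }
        $1 == "fpr" && expect { primary = $10; expect = 0 }
        END { emit() }
    '
}

# Constructed sample listing (not real gpg output):
#   key 1: primary key on the card, fingerprint taken from the answer above
#   key 2: ordinary on-disk key, must not be reported
#   key 3: offline primary key ("#") with a signing subkey on the card
sample_listing() {
    cat <<'EOF'
sec:u:4096:1:943F287533382C9D:1650672000:1713744000::u:::scESC:::D2760001240103040006190529830000::23::0:
fpr:::::::::1F3CE06C51CE20F7C4405181943F287533382C9D:
uid:u::::1650672000::::Constructed User <user@example.invalid>::::::::::0:
sec:u:255:22:BBBBBBBBBBBBBBBB:1650672000:::u:::scESC:::+:::ed25519::0:
fpr:::::::::BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:
sec:u:255:22:CCCCCCCCCCCCCCCC:1650672000:::u:::cSC:::#:::ed25519::0:
fpr:::::::::CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC:
ssb:u:255:22:DDDDDDDDDDDDDDDD:1650672000::::::s:::D2760001240103040006190529830000::ed25519::
fpr:::::::::DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD:
EOF
}

sample_listing | card_key_fingerprints
```

The `signing.gnupg.*` properties are only read when the build's `signing` block calls `useGpgCmd()`, which makes the plugin invoke gpg (and through it the card) instead of parsing a secret keyring file itself.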