This task will be packaged in the commons-openpgp.jar. It will use the bouncy castle jars at runtime. It has been tested with bcpg-jdk12-134.jar and bcprov-jdk12-134.jar. The generated signatures can be verified with gpg.
signer can sign one or several files at once.
| Attribute | Description | Required |
| secring | Secret key ring file. | Yes |
| pubring | Public key ring file. | Yes |
| password | Password of the secret key ring. | Yes |
| keyid | Id of the key used to sign. | Yes |
| asciiarmor | Boolean, defaults to true. | No |
| artefact | The file that you want to sign. | No, if fileset nested element present. |
The task must also take either one or several nested fileset element, or an artefact attribute.
The task can take one or several fileset nested elements. See the ant manual for an explanation. If you want to sign just one file, the artefact attribute can be used instead.
The task may take a mapper nested element. This nested element tells the task how the signature files should be called. If you do not supply this element, the signature files will be located in the same directory as the files that you sign. An ending of .asc will be appended to the file name for ascii armored output (the default). If you set asciiarmor to false, the ending will be .sig
<project name="test1" xmlns:openpgp="antlib:org.apache.commons.openpgp.ant">
<taskdef resource="org/apache/commons/openpgp/ant/antlib.xml" uri="antlib:org.apache.commons.openpgp.ant"/>
<openpgp:signer secring="${env.USERPROFILE}\Application Data\gnupg\secring.gpg"
pubring="${env.USERPROFILE}\Application Data\gnupg\pubring.gpg"
password="secret" keyid="12345678"
artefact="target\commons-openpgp-1.0-SNAPSHOT.jar"
asciiarmor="true"/>
</project>