JMH does not handle signed JARs correctly

Dmitry Vyazelenko vyazelenko at yahoo.com
Wed Aug 6 16:08:18 UTC 2014


Hi,

Attempt to execute benchmarks in a project that uses signed JARs fails with
"java.lang.SecurityException: Invalid signature file digest for Manifest main attributes".

This is a known problem with maven-shade-plugin (see http://zhentao-li.blogspot.ch/2012/06/maven-shade-plugin-invalid-signature.html and http://stackoverflow.com/questions/999489/invalid-signature-file-when-attempting-to-run-a-jar).
And the fix is to add the following to the plugin configuration:
       <configuration> 
          <filters> 
            <filter> 
              <artifact>*:*</artifact> 
              <excludes> 
                <exclude>META-INF/*.SF</exclude> 
                <exclude>META-INF/*.DSA</exclude> 
                <exclude>META-INF/*.RSA</exclude> 
              </excludes> 
            </filter> 
          </filters> 
        </configuration>

How to reproduce:
1) Create new JMH project
2) Add the following dependency:
        <dependency> 
            <groupId>org.bouncycastle</groupId> 
            <artifactId>bcprov-jdk16</artifactId> 
            <version>1.46</version> 
        </dependency> 
3) Execute mvn clean package
4) Try to run jar: java -jar target/benchmarks.jar => exception

Unrelated note, maven archetype for JMH uses old version 0.9.3 instead of current 0.9.5.

Best regards,
Dmitry Vyazelenko 


More information about the jmh-dev mailing list