IllegalAccessError with maven plugin and SafeNetEToken

[InsideTheo]

Hi everyone,

Using the maven plugin in a Java 17 Project to sign an executable with a SafeNet token yields the following error:

[ERROR] Failed to execute goal net.jsign:jsign-maven-plugin:6.0:sign (default) on project direct-connect-client: Execution default of goal net.jsign:jsign-maven-plugin:6.0:sign failed: An API incompatibility was encountered while executing net.jsign:jsign-maven-plugin:6.0:sign: java.lang.IllegalAccessError: class net.jsign.SafeNetEToken (in unnamed module @0x550635c6) cannot access class sun.security.pkcs11.wrapper.PKCS11 (in module jdk.crypto.cryptoki) because module jdk.crypto.cryptoki does not export sun.security.pkcs11.wrapper to unnamed module @0x550635c6

Using the command line tool works just fine:
jsign --storetype ETOKEN --storepass ... -t http://timestamp.sectigo.com ...exe

I suspect it has to do with the Java version, as the sun packages imported in SafeNetEToken become unavailable in java versions 9+.

[InsideTheo]

I was able to solve it by adding this to my maven options, as suggested by a different GitHub Issue (I think only the first two are needed, but could be wrong):
--add-exports jdk.crypto.cryptoki/sun.security.pkcs11=ALL-UNNAMED
--add-exports jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED
--add-opens java.base/java.security=ALL-UNNAMED
--add-exports java.base/sun.security.action=ALL-UNNAMED
--add-exports java.base/sun.security.rsa=ALL-UNNAMED
--add-opens java.base/sun.security.util=ALL-UNNAMED

[ebourg]

Reopening, I have to document this.