Wolfgang Rosenauer wrote:
>>> So I wonder how it could pass the crypto verification?
>> What are the contents of testy.jar exactly? Does it include the META-INF
>> subdirectory with manifest.mf and zigbert.{sf,rsa}? Otherwise, the above
>> message is simply what you get when checking an unsigned jar:
>
> 5301 02-07-07 15:17 content/META-INF/zigbert.sf
> 3469 02-07-07 15:17 content/META-INF/zigbert.rsa
> 5193 02-07-07 15:17 content/META-INF/manifest.mf
>
> I did one more test and created the jar by signtool's -Z option instead
> of signing the tree and "zip" it afterwards and that worked. But
> according to the documentation it should also be possible to zip a
> signed tree instead of using signtool's feature.
ok, META-INF stuff has to be in the top level directory structure which
wasn't the case if signtool was called with content/ as path and I want
content/ to be actually within the jar.
No problem, but only a pilot error then!
Wolfgang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
