On 10/22/2011 11:15 PM, Jonathan Ben Avraham wrote:
> Dear Linux-IL colleagues,
> Anyone know how to create a signature for a jarfile manifest using
> OpenSSL (or anything other than Java security tools) that Jarsigner
> will verify?
> Shavua tov,
>
>  - yba
>
>
Not only do I NOT know how to do that, I don't even know how to verify
the signature myself. The hashes claim to be MD5 (or whatever other
standard hashing algorithm), but an MD5 of the signed files do not yield
the same hash. I have no idea what is, in fact, signed there.

If you can calculate the has, I may be able to help you with the actual
signature, however.

Shachar

-- 
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com

_______________________________________________
Linux-il mailing list
[email protected]
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Reply via email to