Now, apparently, beginning a couple years ago, mozilla requires the .[rd]sa files to be first. As far as I'm concerned, that's a bug in mozilla. The versions of mozilla that require that are incompatible with nearly ALL the jar files made before that.
The current Mozilla expects *XPI* files to have this form to be signed.
Signed jar files work normally. Maybe because it's the java plug-in that checks them.
The patch you wrote will do what you apparently want it to do, namely put the .[dr]sa file first in the META-INF directory. You're welcome to use that patch all you want. But I think the right thing for mozilla is to fix the jar parsing code, so that the file order doesn't matter.
Unfortunately, the legacy is really strong by now and it will be difficult to go back for xpi files.
A specific flag in signtool that would create files with an xpi extension and the special ordering Mozilla expects could be useful.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
