ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From T E Schmitz <mail...@numerixtechnology.de>
Subject Re: [signjar] prevent double signing
Date Thu, 04 Nov 2004 17:23:19 GMT
Hello Stefan/Ivan,

Stefan Bodewig wrote:

> On Thu, 4 Nov 2004, Ivan Ivanov <rambiusparkisanius@yahoo.com> wrote:
> 
> 
>>Actually, there *is* a method called isSigned(File) that checks
>>whether a jar is signed, so what you want *is* possible.
> 
> 
> A signed jar contains the signature in a file named ALIAS.SF (ALIAS is
> a placeholder here) inside of the META-INF directory.  All the code in
> signjar does is checking for this file.
> 
> It doesn not check whether the file contains anything useful or the
> signature is valid.

Now we're talking ... ;-)

But before I ask how I could obtain this information, let's go one step 
back: I originally assumed that the "lazy" attribute would exactly that 
for me: just sign the jar if it is unsigned and skipped the signed ones. 
But I've tried it with filesets and named files, it doesn't matter what 
- the jar *always* gets signed.

Am I misunderstanding the lazy attribute or what might be wrong with the 
following? (mail.jar is signed by Sun):

<signjar keystore="${java.keystore}" storepass="${keystore.passwd}" 
alias="${key.alias}" verbose="true" lazy="true" 
jar="${dist.dir}/${mail.jar}"/>

-- 


Regards/Gruß,

Tarlika Elisabeth Schmitz

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
For additional commands, e-mail: user-help@ant.apache.org


Mime
View raw message