Re: [signjar] prevent double signing

On Fri, 05 Nov 2004, T. E. Schmitz <[EMAIL PROTECTED]> wrote: > Thanks for the links. I couldn't find any information though as to > that and why jarsigner truncates the alias: jarsigner takes the > alias name, truncates it to 8 characters and uses this as a basename > for the SF file. I just stu

Re: [signjar] prevent double signing

Hallo Stefan, Stefan Bodewig wrote: On Thu, 04 Nov 2004, T. E. Schmitz <[EMAIL PROTECTED]> wrote: information can and should be gathered from and in particular Thanks fo

Re: [signjar] prevent double signing

On Thu, 04 Nov 2004, T. E. Schmitz <[EMAIL PROTECTED]> wrote: > Now we're talking ... ;-) 8-) All I said so far was only based on reading the source itself. "Real" information can and should be gathered from and in particular

Re: [signjar] prevent double signing

Sorry to bombard you with yet another posting ;-) T E Schmitz wrote: And why the hell toUpperCase()? The jars signed by Sun contain a mixed case SF file (Sun_micr.sf). The ones I signed with the signjar task produce a mixed case SF file, too. In fact, in both cases the SF extension is *lowercase* w

Re: [signjar] prevent double signing

Hello again, Stefan Bodewig wrote: On Thu, 4 Nov 2004, Ivan Ivanov <[EMAIL PROTECTED]> wrote: A signed jar contains the signature in a file named ALIAS.SF (ALIAS is a placeholder here) inside of the META-INF directory. All the code in signjar does is checking for this file. It doesn not check whet

Re: [signjar] prevent double signing

Hello Stefan/Ivan, Stefan Bodewig wrote: On Thu, 4 Nov 2004, Ivan Ivanov <[EMAIL PROTECTED]> wrote: Actually, there *is* a method called isSigned(File) that checks whether a jar is signed, so what you want *is* possible. A signed jar contains the signature in a file named ALIAS.SF (ALIAS is a pla

Re: [signjar] prevent double signing

--- Stefan Bodewig <[EMAIL PROTECTED]> wrote: > > A signed jar contains the signature in a file named > ALIAS.SF (ALIAS is > a placeholder here) inside of the META-INF > directory. Well, Stefan, having in mind your remark, the original requestor has the following "dirty" solution simply unjar

Re: [signjar] prevent double signing

On Thu, 4 Nov 2004, Ivan Ivanov <[EMAIL PROTECTED]> wrote: > Actually, there *is* a method called isSigned(File) that checks > whether a jar is signed, so what you want *is* possible. A signed jar contains the signature in a file named ALIAS.SF (ALIAS is a placeholder here) inside of the META-INF

Re: [signjar] prevent double signing

Helo Tarlika, --- T E Schmitz <[EMAIL PROTECTED]> wrote: > > > That's strange. This is not the output I'm getting > (I'm using Sun's SDK > 1.4.2_01 on Win2K). > > For an unsigned jar, jarsigner returns: > "jarsigner: java.lang.IllegalStateException: zip > file closed" > > For a signed jar, jar

Re: [signjar] prevent double signing

T E Schmitz wrote: That's strange. This is not the output I'm getting (I'm using Sun's SDK 1.4.2_01 on Win2K). For an unsigned jar, jarsigner returns: "jarsigner: java.lang.IllegalStateException: zip file closed" Known bug in Java 2 SDK 1.4.2, see http://java.sun.com/j2se/1.4.2/relnotes.html#jars

Re: [signjar] prevent double signing

Hello Ivan, Ivan Ivanov wrote: --- T E Schmitz <[EMAIL PROTECTED]> wrote: I'm still looking to find out if you can determine whether a jar file is already signed or not. In fact there is a way, but I do not know how it will work with Ant: jarsigner command line tool has -verify option. When run o

Re: [signjar] prevent double signing

--- T E Schmitz <[EMAIL PROTECTED]> wrote: > I'm still looking to find out if you can determine > whether a jar file is > already signed or not. In fact there is a way, but I do not know how it will work with Ant: jarsigner command line tool has -verify option. When run on signed jar: jarsigner

Re: [signjar] prevent double signing

--- T E Schmitz <[EMAIL PROTECTED]> wrote: > Hello Ivan, > Thank you for your help. > > > Touch and the script below worked a treat! > Maybe we should also mention for people searching > the archive that the > following libraries need to be in Ant's classpath: > > Jakarta BSF 2.3.0 > Rhino 1.5

Re: [signjar] prevent double signing

Hello Ivan, Thank you for your help. Ivan Ivanov wrote: I should correct myself a little. There is no neede to parse last after you retrieve it as long, because task has millis attribute. You can use it like this Touch and the script below worked a treat! Maybe we should also mention for people s

Re: [signjar] prevent double signing

I should correct myself a little. There is no neede to parse last after you retrieve it as long, because task has millis attribute. You can use it like this --- Ivan Ivanov <[EMAIL PROTECTED]> wrote: > Hi, > to get the file modified date you can use something > like this: > > > > >

Re: [signjar] prevent double signing

Hi, to get the file modified date you can use something like this: buildfile is last modified at ${buildfile.last} The above build script defines getlm script def which retrives the modification date via javascript ans sets a new prope

[signjar] prevent double signing

Hello, I am using the signjar task to sign a set of jar files for a WebStart application. Some of the jars have already been signed by Sun (e.g. mail.jar) and as a jar mustn't have more than one signature I need to exclude those files from being signed. I misunderstood and tried the "lazy" attr