The problem with jarsigner is it requires running a separate executable and
is not what I need programmatically. In case anyone cares, here's code that
does it. It's sample code to show JCE provider writers how to make sure
their users haven't been playing with the provider signed jars - similar to
what Sun did with JSSE in 1.4:
http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/HowToImplAJCEProvider.html#MutualAuth
----- Original Message -----
From: <ktimmons@xxxxxxxxxxxx>
To: <users@xxxxxxxxxx>
Sent: Wednesday, June 29, 2005 9:54 AM
Subject: [cinjug] RE: [cinjug-users] Verifying signed jar files
> jarsigner -verify -verbose -certs filename.jar
>
>
>
> -----------------------------------------------------------------------
> ---------
> From: C. Cavanaugh [mailto:jamesmc@xxxxxxx]
> Sent: Tuesday, June 28, 2005 7:03 PM
> To: users@xxxxxxxxxx
> Subject: [cinjug-users] Verifying signed jar files
>
>
> Has anyone verified a signed jar programmatically? I need to do this
> for a secure application I'm working on.
>
>
>
> ---------
> You may unsubscribe from this mailing list
> by sending a blank email addressed to:
> users-unsubscribe@xxxxxxxxxx
>
> --
> Find additional help by sending a blank email
> addressed to:
> users-help@xxxxxxxxxx
>
>
>
|