ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan Ivanov <>
Subject Re: [signjar] prevent double signing
Date Thu, 04 Nov 2004 12:45:09 GMT

--- T E Schmitz <> wrote:

> I'm still looking to find out if you can determine
> whether a jar file is 
> already signed or not.

In fact there is a way, but I do not know how it will
work with Ant: jarsigner command line tool has -verify
option. When run on signed jar:
jarsigner -verify signed.jar
it echoes 
jar verified
and when run on unsigned jar
jarsigner -verify unsigned.jar
it echoes
jar is unsigned. (signatures missing or not parsable).

Next idea that comes to me is that your third party
jars are not likely to changed every day. So why don't
you list them explicitly and exclude them when you
call <signjar> task?

HTH Ivan

> I had a look at the commandline tool jarsigner. But
> that comes back with 
> "jarsigner: java.lang.IllegalStateException: zip
> file closed" when there 
> is no signature.

Do you Yahoo!? 
Check out the new Yahoo! Front Page. 

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message