gmarler has asked for the wisdom of the Perl Monks concerning the following question:

Anybody know of a pure Perl module or even a quick and dirty script that can verify the signature on a signed JAR file? Have been looking for such a thing on CPAN on and off for several months now, and just wanted to check here before finally giving in and writing it myself.

Replies are listed 'Best First'.
Re: Module/Algorithm for Verifying Signature on Signed JAR files in Pure Perl
by waswas-fng (Curate) on Aug 09, 2004 at 23:58 UTC
    I do not know of one, but this link has very well documented java code for doing just that. It should be relatively easy to rewrite in perl with that as a guide. The iffy portions for a pure perl impl. would be sha1 digest etc (on my blackberry now so I can't check very well if there is a pure perl sha1 digest module).


    -Waswas
      Thanks - if I don't get a positive response in a couple of days, then I'll work on it myself. Thanks for the excellent article link.
Re: Module/Algorithm for Verifying Signature on Signed JAR files in Pure Perl
by PodMaster (Abbot) on Aug 10, 2004 at 01:16 UTC
    Have been looking for such a thing on CPAN on and off for several months now, and just wanted to check here before finally giving in and writing it myself.
    Wow. I guess you don't write much perl. What I'd do is get myself a copy of jarsigner and invoke it with system. Either that or (since I know what signed jar files are) Archive::Zip along with Digest::SHA1 (and Digest::MD5).

    MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
    I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
    ** The third rule of perl club is a statement of fact: pod is sexy.

      Now, now, let's be nice - Just hoping to exhibit the Perl virtue of laziness ;>

      I'm already invoking jarsigner via qx{ ... } in my Perl scripts, it just happens to be agonizingly slow when I have to validate the signature on hundreds of Sun patch archive JAR files at a time - what with cranking up the Java interpreter for every invocation. Was simply asking if someone had already gone to the trouble of converting the algorithm to Perl or not. A couple of days will tell...

      If not, then I won't be wasting my time when I attempt to do it using the modules that are available on CPAN as building blocks.
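
Added example, not code from any poster in this thread: one way to do the digest part of the Archive::Zip plus digest-module approach suggested above, checking each archive member against the digests listed in META-INF/MANIFEST.MF. It does not verify the .SF file or the PKCS#7 signature block, so a clean result shows the files match the manifest, not that the signer is authentic. The function names, the hash-of-members input and the sample data are assumptions made for illustration.

```perl
use strict;
use warnings;
use Digest::SHA  qw(sha1 sha256);   # core module; Digest::SHA::PurePerl has the same interface
use Digest::MD5  qw(md5);
use MIME::Base64 qw(encode_base64 decode_base64);

my %ALGO = ('SHA1-Digest' => \&sha1, 'SHA-256-Digest' => \&sha256, 'MD5-Digest' => \&md5);
my $SIG_FILE = qr{^META-INF/(?:MANIFEST\.MF|[^/]+\.(?:SF|RSA|DSA|EC)|SIG-[^/]*)$}i;

# Parse manifest text into { entry name => { attribute => value } }.
sub parse_manifest {
    my ($text) = @_;
    $text =~ s/\r\n?/\n/g;    # normalise CRLF and CR line endings
    $text =~ s/\n //g;        # unfold continuation lines (wrapped at 72 bytes)
    my %entries;
    for my $section (split /\n{2,}/, $text) {
        my %attr = $section =~ /^([^:\n]+): ?(.*)$/mg;
        $entries{ $attr{Name} } = \%attr if defined $attr{Name};
    }
    return \%entries;
}

# $members is { member name => raw bytes }. Returns a list of problems (empty = all matched).
sub check_manifest_digests {
    my ($members) = @_;
    my $mf = $members->{'META-INF/MANIFEST.MF'};
    return 'no META-INF/MANIFEST.MF' unless defined $mf;
    my $entries = parse_manifest($mf);
    my @problems;
    for my $name (sort keys %$entries) {
        my $data = $members->{$name};
        if (!defined $data) { push @problems, "$name: listed but missing from archive"; next }
        my @listed = grep { $ALGO{$_} } sort keys %{ $entries->{$name} };
        push @problems, "$name: no supported digest attribute" unless @listed;
        push @problems, map { "$name: $_ mismatch" }
            grep { $ALGO{$_}->($data) ne decode_base64($entries->{$name}{$_}) } @listed;
    }
    # Members the manifest does not cover are unsigned content.
    push @problems, map { "$_: not listed in manifest" }
        grep { !$entries->{$_} && $_ !~ $SIG_FILE } sort keys %$members;
    return @problems;
}

# Constructed sample: a.txt is intact, b.txt was changed after the manifest was written.
my $d = sub { encode_base64(sha1(shift), '') };
my %jar = ('a.txt' => "hello\n", 'b.txt' => "tampered\n");
$jar{'META-INF/MANIFEST.MF'} = "Manifest-Version: 1.0\r\n\r\n"
    . "Name: a.txt\r\nSHA1-Digest: " . $d->("hello\n") . "\r\n\r\n"
    . "Name: b.txt\r\nSHA1-Digest: " . $d->("original\n") . "\r\n\r\n";
print "$_\n" for check_manifest_digests(\%jar);
```

For a real JAR, fill the hash from Archive::Zip, using each member's fileName and contents.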