in reply to Module/Algorithm for Verifying Signature on Signed JAR files in Pure Perl

Have been looking for such a thing on CPAN on and off for several months now, and just wanted to check here before finally giving in and writing it myself.
Wow. I guess you don't write much perl. What I'd do is get myself a copy of jarsigner and invoke it with system. Either that or (since I know that what signed jar files are) Archive::Zip along with Digest::SHA1 (and Digest::MD5).

MJD says "you can't just make shit up and expect the computer to know what you mean, retardo!"
I run a Win32 PPM repository for perl 5.6.x and 5.8.x -- I take requests (README).
** The third rule of perl club is a statement of fact: pod is sexy.

  • Comment on Re: Module/Algorithm for Verifying Signature on Signed JAR files in Pure Perl

Replies are listed 'Best First'.
Re^2: Module/Algorithm for Verifying Signature on Signed JAR files in Pure Perl
by gmarler (Sexton) on Aug 10, 2004 at 01:41 UTC
    Now, now, let's be nice - Just hoping to exhibit the Perl virtue of laziness ;>

    I'm already invoking jarsigner via qx{ ... } in my Perl scripts, it just happens to be agonizingly slow when I have to validate the signature on hundreds of Sun patch archive JAR files at a time - what with cranking up the Java interpreter for every invocation. Was simply asking if someone had already gone to the trouble of converting the algorithm to Perl or not. A couple of days will tell...

    If not, then I won't be wasting my time when I attempt to do it using the modules that are available on CPAN as building blocks.

[reply]

In Section Seekers of Perl Wisdom