Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.java.security > #267
| From | Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> |
|---|---|
| Newsgroups | comp.lang.java.security |
| Subject | Re: manifest puzzle |
| Date | 2013-02-27 13:08 +0100 |
| Organization | A noiseless patient Spider |
| Message-ID | <kgksuc$q94$1@dont-email.me> (permalink) |
| References | <3v5kd8tidmn713h9k5eehc6c20naa1b93b@4ax.com> |
On 25/12/2012 22:19, Roedy Green allegedly wrote: > in manifest.mf it says: > > Name: com/mindprod/masmbalancer/MASMState$9.class > Last-Modified: Tue, 25 Dec 2012 11:05:05 PST > Content-Location: E:\com\mindprod\masmbalancer\MASMState$9.class > SHA-256-Digest: R8eb0fQWMUh/3ft0aAD/nmal16cKxDrkZQv9GM2+Tx4= > > in manifest.sf it says: > Name: com/mindprod/masmbalancer/MASMState$9.class > SHA-256-Digest: 1hqcSo3/d27+Hy9syS9/FL1m4RmYKX3fOVTeOVSn0EE= > > Why would the digests differ? > > Is the sf digest salted in some way with my private signing key? Cf. <http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/jarsigner.html>: "In the manifest file, the SHA digest value for each source file is the digest (hash) of the binary data in the source file. In the .SF file, on the other hand, the digest value for a given source file is the hash of the three lines in the manifest file for the source file." Does that address the question? -- DF.
Back to comp.lang.java.security | Previous | Next — Previous in thread | Next in thread | Find similar
manifest puzzle Roedy Green <see_website@mindprod.com.invalid> - 2012-12-25 13:19 -0800
Re: manifest puzzle Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2013-02-27 13:08 +0100
Re: manifest puzzle Roedy Green <see_website@mindprod.com.invalid> - 2013-03-01 00:22 -0800
csiph-web