Closed Bug 363222 Opened 19 years ago Closed 4 years ago

Tinderbox build-nss-util.pl script uses 3rd party tools and files.

Categories

(JSS Graveyard :: Tests, defect, P3)

Product:
JSS Graveyard
Version:
4.2.4
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: slavomir.katuscak+mozilla, Unassigned)

Details

The script build-nss-util.pl invokes a 3rd party tool "jarsigner" to sign 2 files named xpclass_dbg.jar and xpclass.jar, whose source is unknown. The source of jarsigner is unknown. Why we are doing this ?
This bug was opened while reviewing Tinderbox sources with Nelson, by Nelson's suggestion to remove jarsigner and replace it with signtool. I performed some analysis of tools: jarsigner - java tool, using keystore, and signing existing jarfile signtool - nss tool, using key3.db/cert8.db, signing directory and creating new jarfile Is there some simple way how to replace jarsigner with signtool ? In Tinderbox we use keystore containing 2 entries: Keystore type: jks Keystore provider: SUN Your keystore contains 2 entries jce code signing ca, Aug 29, 2002, trustedCertEntry, Certificate fingerprint (MD5): 66:25:5A:78:3E:1A:CA:06:C1:43:A6:15:AE:BE:A5:92 jsssign, Aug 29, 2002, keyEntry, Certificate fingerprint (MD5): F3:97:B8:1B:B7:D5:C6:CF:E4:F5:6D:0C:AA:F5:99:AA Is there some simple way how to convert this keystore to key3.db/cert8.db ? Does it make a sense to unpack existing jarfile and create new signed one ? Will this one work correctly ?
QA Contact: test → jss-qa
Priority: -- → P3
Assignee: slavomir.katuscak → nobody
JSS development has moved from the Mozilla community to the Dogtag PKI community. Please re-file this bug at https://github.com/dogtagpki/jss if it is still relevant. Thank you!
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.