Re: signed jar in java library
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Charles Fry <debian@frogcircus.org> writes:
> Basically, the source of the Bouncy Castle Crypto libraries is freely
> available, however the library jar file is signed by Bouncy Castle,
> which is necessary for its use as a Java security provider.
Bad.
> As far as I can tell, in creating a Java library package, I want to
> include all of the original source, but then distribute the signed jar
> rather than rebuilding it from the source.
I personally don't like it... but well, let's trust the Legion of the
Bouncy Castle
> I have tried the various options I could think of, but wherever I try to
> include the signed jar in the package, whether inside or outside of the
> debian subdirectory, with or without a new jar directory, I get the
> following error when I run dpkg-buildpackage:
You can follow the advice of doogie, or you can also rebuild a
semi-original tarball.
Also, looking at #234048, your short description will be rejected by
ftp-master. You also have to make good descriptions of all the binary
packages that your source package will produce.
I'm not a guru in cryptography so I'd like to know the differences
between Bouncy Castle Cryptography and Cryptix?
Bouncy Castle Crypto APIs -- http://www.bouncycastle.org/
Cryptix -- http://www.ntua.gr/cryptix/
Thanks for your time and help in Debian,
Cheers
- --
.''`.
: :' :rnaud
`. `'
`-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAcco/4vzFZu62tMIRAtT+AJ9nEQ6qwjR9TqD4oof17vZxKmXvbQCfQc1Q
jQjRS5DVBRHkJcriq6mgEPE=
=27ks
-----END PGP SIGNATURE-----
Reply to: