R
Roedy Green
The SHA-1 digest for each member of a signed jar appears in two
places:
MANIFEST.MF
and *.SF
The digests for each member differ. Why is that?
Are the digests in *.SF individually encrypted with the private key? I
would have thought just the list of digests' digest would need
encryption.
places:
MANIFEST.MF
and *.SF
The digests for each member differ. Why is that?
Are the digests in *.SF individually encrypted with the private key? I
would have thought just the list of digests' digest would need
encryption.