> Sun's java/jarsigner isn't available on the hppa architecture.
Oh, I see now.
Looking around I found these implementation files:
http://docjar.org/html/api/gnu/javax/crypto/jce/keyring/GnuKeyring.java.html
http://docjar.org/html/api/gnu/java/security/Registry.java.html
The former appears to be the one throwing the error; it is checking the
first 4 bytes of the keystore against GKR_MAGIC[] defined in the latter
to be:
byte[] GKR_MAGIC = new byte[] { 0x47, 0x4b, 0x52, 0x01 };
I'm guessing 'GKR' stands for Gnu Key Ring, but I could be wrong.
In any event I think it is incompatible with other jarsigners.
The options aren't particularly good, but you have some:
1) Create your own keystore that is compatible with this jarsigner,
and use that instead of the included one.
Note that this jarsigning going on here in x11vnc has nothing to
do with security or authentication, in fact the opposite: it is
only to provide a signed jar that a user can accept and have it
run as an application rather than an applet to enable local file
saving or getting a socket connection through a web proxy.
2) Build (or borrow) the signed jar files built on a different
architecture that has sun's jarsigner. Or send them to another
machine to be signed. There is no intrinsic reason these
jars need to be built or signed on the platform they will be
deployed on (they are really just platform-independent 'data'
files that will be served and run on jvm's elsewhere, not hppa.)
I understand debian build rules may get in the way of this.
3) Don't ship the signed jars in the hppa package. It is not the
end of the world. Better to provide the regular and SSL-enabled
applets which I imagine are used much more often than the signed
ones.
That's all I can think of.
Karl
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
