XPISigner - Java cross-platorm xpi signing tool
XPISigner creates signed extensions or plug-ins for Firefox and Thunderbird.
It is a replacement for signtool.exe
Requirements:
- Java 5 or higher
- PKCS#12 (PFX) file containing your signing key and certificate
- Your unpacked xpi directory structure
To sign the xpi file you need to point XPISigner at the directory containing your unpacked xpi.
XPISigner processes each file in the directory calculating the MD5 and SHA-1 hash values required for the manifest.mf and zigbert.sf files.
Once the hashes are calculated a PKCS#7 detached signature blob is created using the signing key provided. The PKCS#7 signature is saved as zigbert.rsa.
Finally the xpi is created. The XPI is a regular zip file with one caveat; for a signed xpi the “META-INF/zigbert.rsa” file must be stored first in the archive.
You can now test your signed xpi in Firefox.
XPISigner can be downloaded from http://o-regan.org/xpisigner-secure-your-firefox-extensions
