The source code is available on Google Code : http://code.google.com/p/xpisigner/

Signature Verification Error: the signature on this .jar archive is invalid because the digital signature (*.RSA) file is not a valid signature of the signature instruction file (*.SF).

The signatures appear to be correct and it appears to be the chaining via intermediate certificates that is causing the issue.

This is being investigated now and should have an update tomorrow.

Version 1.6

• Fixed FileNotFound exception for xpi output file that doesn’t exist (yet). XPISigner now creates the file entry so the jar operation can use it.
• Updated the unix script
• Readme now correctly refers to the unix script as xpisigner.sh

“unwrapping private key – java.security.InvalidKeyException: Illegal key size”

This may have two causes:

• The unlimited strength policy files are not installed in your
  %JAVA_HOME%/jre/lib/security folder.
• The PFX that was generated is not well formed. See below for instructions on how to export a correctly formatted PFX from IE.

Exporting a PFX from Internet Explorer

Go to Tools | Internet Options | Content | Certificates

Select your cert/key and click Export…

Choose to export the private key.

On the next screen choose to “Include all certificates in the chain” and “Strong private key protection”

Give it a password and save to a different filename.

After a couple of days of pain, I’ve decided to write up a doc on how I was able to successfully sign an xpi using a test cert. For no better reason than I know I will forget by next week and honestly I wouldn’t want to wish the pain I endured doing this on others.

Great, this guy has done all the hard figuring out and is going to give us the couple of steps needed to do the job…

Step 1 – Build NSS First off you will need to fetch and compile the NSS tools you will need to do this. Sorry, there is no way around this.

Hey! I wanted to sign an extension, not compile the security subsystem of Mozilla. I’m off elsewhere … http://oy-oy.eu/huh/firefox-extension-code-signed-with-spc-pvk/ At least this time it only involves several binary downloads, but you have to set PATHs etc so that’s going to put people off. Has no-one sat down and created a simple tool that doesn’t require you do download zips from here and exes from there? … guess not. I didn’t really want to have to do it but in then end there wasn’t really a choice. I pulled the source for the latest firefox release (2.0.0.3), grabbed a signed extension (google toolbar) and sat myself down to figure out what it was that kept people from making this easy. Firefox XPI Internal Structure is a look at how the verification process works and XPISigner is the fruit of my labours.

The use of unsigned extensions encourages the end user to ignore the Unsigned warning in the corner.

(I’m not picking on Adblock specifically, it was the featured extension when I last visited the mozilla addons site.)

So if you’ve developed a firefox extension and you decide you want to sign your extension so that your users can easily authenticate it. What next?

You’ll need a code-signing (or object signing) certificate from a Certificate Authority. For example a Netscape compatible codesigning certificate from Globalsign can be purchased for €175 for one year.

If you follow the registration process from your browser then your private key and certificate will be stored in your browsers certificate store.

To use them with XPISigner you’ll have to export them to a file.

Both Firefox and IE use the same secure format for storing keys outside the browser. The Personal Information Exchange (PFX) file is based on the PKCS#12 standard. It’s format ensures that the exported details are kept secure and provides evidence if the file was tampered with.

In Firefox to export your private key and signing certificate you need to:

Open the options dialog under Tools | Options. Click on the Advanced section and then on the Encryption tab.

Click on the “View Certificates” button and select your certificate.

Click on Backup, enter your master password and then enter a new password to protect the exported key and certificate.

Your p12 or pfx file can now be used with XPISigner.

Downloading & Installing XPISigner

XPISigner is a java application and requires a Java5 runtime installed.

Download the latest version from the XPISigner page.

It should be unpacked to a folder on your disk. e.g. c:\tools\xpisigner

Open a command prompt (Start | Run… | cmd.exe)

CD c:/tools/xpisigner
 C:/tools/xpisigner>dir /b
 bcmail-jdk15-136.jar
 bcprov-jdk15-136.jar
 readme.txt
 xpi.jar
 xpisigner.cmd

Check that java is available from the commandline:

C:/tools/xpisigner>java -version
 java version "1.5.0_06"
 Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_06-b05)
 Java HotSpot(TM) Client VM (build 1.5.0_06-b05, mixed mode)

For the purposes of this tutorial I downloaded the Adblock Plus extension and unpacked it in C:\tools\extn

My exported codesigning p12 is in c:\tools\xpisigner1.2\exported.p12 and it’s password is password.

So to sign the Adblock extension you switch to the extension directory and run:

C:/tools/extn>c:/tools/xpisigner/xpisigner.cmd c:/tools/xpisigner/exported.p12 password
c:/tools/extn c:/tools/adblock.xpi
XPISigner v1.3 (http://o-regan.org/xpisigner-secure-your-firefox-extensions)
Copyright 2007 - Kevin O'Regan      

Excluding: []
Generated XPI...
        Filename:    C:/tools/adblock.xpi
        Size:        228 kb
        Created at:  Mon Apr 23 23:09:46 BST 2007
        Signed by:   O=O'Regan dot org,E=xpisigner@o-regan.org,C=IE,CN=XPI Signer
        Num entries: 10
Done.

The output c:\tools\adblock.xpi can be dragged into Firefox to install it. This time you can see that it is signed.

I’ve uploaded the signed adblock extension but you’ll need to install my ‘fake’ CA certificate before the extension will verify.

It is a replacement for signtool.exe

Requirements:

• Java 5 or higher
• PKCS#12 (PFX) file containing your signing key and certificate
• Your unpacked xpi directory structure

To sign the xpi file you need to point XPISigner at the directory containing your unpacked xpi.

XPISigner processes each file in the directory calculating the MD5 and SHA-1 hash values required for the manifest.mf and zigbert.sf files.

Once the hashes are calculated a PKCS#7 detached signature blob is created using the signing key provided. The PKCS#7 signature is saved as zigbert.rsa.

Finally the xpi is created. The XPI is a regular zip file with one caveat; for a signed xpi the “META-INF/zigbert.rsa” file must be stored first in the archive.

You can now test your signed xpi in Firefox.

XPISigner can be downloaded from http://o-regan.org/xpisigner-secure-your-firefox-extensions

We’ll use the Google Toolbar for Firefox as an example. It’s already signed and we can see it works when we download it.

Save off the xpi file from http://dl.google.com/firefox/google-toolbar.xpi

Using Java's jar command view the contents of the archive

C:demo>jar tvf google-toolbar-win.xpi
   3247 Tue Feb 20 12:33:50 GMT 2007 META-INF/zigbert.rsa
 573920 Sat Feb 17 15:01:32 GMT 2007 chrome/google-toolbar.jar
   2599 Sat Feb 17 15:01:32 GMT 2007 chrome.manifest
   7824 Sat Feb 17 15:01:32 GMT 2007 components/bootstrap.js
   4578 Sat Feb 17 15:01:32 GMT 2007 components/googletoolbar.xpt
   1126 Sat Feb 17 15:01:32 GMT 2007 components/metrics.xpt
 351232 Sat Feb 17 15:01:32 GMT 2007 components/googletoolbar.dll
 138752 Sat Feb 17 15:01:32 GMT 2007 components/metrics.dll
   4340 Sat Feb 17 15:01:32 GMT 2007 defaults/preferences/options.js
   2005 Sat Feb 17 15:01:32 GMT 2007 defaults/custombuttons/toolbar.google.com_CTK0Y7F4MTG6NKYH03WT.xml
   6697 Sat Feb 17 15:01:32 GMT 2007 defaults/custombuttons/toolbar.google.com_J66T77NJDBMW4FEUU7FA.xml
   7667 Sat Feb 17 15:01:32 GMT 2007 defaults/custombuttons/toolbar.google.com_O8Y91YHB24Z6SR0SGYSK.xml
  22486 Sat Feb 17 15:01:32 GMT 2007 defaults/contenthandling/doc.ico
   2446 Sat Feb 17 15:01:32 GMT 2007 install.rdf
 544031 Sat Feb 17 15:01:32 GMT 2007 lib/toolbar.js
   7789 Sat Feb 17 15:01:32 GMT 2007 LICENSE.txt
   2303 Tue Feb 20 12:33:50 GMT 2007 META-INF/manifest.mf
   2411 Tue Feb 20 12:33:50 GMT 2007 META-INF/zigbert.sf

The jar command lists the files in the order they were found in the archive. This is important as it plays a role in how Firefox determines that the archive is signed. Tools like WinZIP will re-order the listing by path.

There are 3 files of intrest to this investigation:

1. META-INF/zigbert.rsa is a PKCS#7 detached
   signature.
2. META-INF/manifest.mf is a jar file manifest
3. META-INF/zigber.sf is a manifest of manifest.mf

The reason that zigbert.rsa must be at the start of the archive is so that Firefox can determine if the archive is signed and display the signer's Organization in the confirmation dialog.

Firefox downloads just enough of the archive to extract the first entry from it. If that entry is zigbert.rsa and it is a well-formed PKCS#7 signature then the signer's Distinguished Name is taken from the signer info and the organization is displayed.

e.g., the full Distinguished Name for the google signing certificate is

CN = Google Inc
OU = Digital ID Class 3 - Netscape Object Signing
O = Google Inc
L = Mountain View
S = California
C = US

The signer must be either in the Firefox certificate store or be signed by a CA in the certificate store

This way the user is told that the xpi is signed and who signed it, before the complete archive is downloaded. If the user cancels at this point then no more of the file is downloaded.

When the user accepts the xpi for installation it is downloaded. Once the download is completed Firefox finishes the verification steps.

Each file in the archive is extracted and the MD5 and SHA-1 hashes are calculated. The values are checked against the ones stored in manifest.mf. If there is a mismatch then verification fails. If there are more (or less) files files in the archive than listed in the manifest then verification fails.

If the manifest has been checked successfully then the signature manifest (zigbert.sf) is checked. The manifest.mf is split into sections based on blank lines. Each section has it's MD5 and SHA-1 hash calculated and compared to the corresponding values in zigbert.sf. If any of the entries do not match then verification fails.

The contents of zigbert.sf is used to verify the PKCS#7 signature in zigbert.rsa.

If that signature verifies and the certificate used to sign zigbert.rsa verifies against the Firefox certificate store then the xpi is staged for installation.