Archive

Archive for the ‘security’ Category

Possible issue with XPISigner and Firefox 4

March 29th, 2011 kevin 7 comments

Some xpi archives signed with xpisigner are failing to be verified in Firefox 4.

Signature Verification Error: the signature on this .jar archive is invalid because the digital signature (*.RSA) file is not a valid signature of the signature instruction file (*.SF).

The signatures appear to be correct and it appears to be the chaining via intermediate certificates that is causing the issue.

This is being investigated now and should have an update tomorrow.

Categories: codesigning, firefox, security, signtool, xpi Tags: ,

XPISigner source now available on Google code

October 12th, 2009 kevin No comments

Project on Google Code.

Categories: crypto, security, signtool, xpi Tags:

XPISigner v1.6 released

October 1st, 2007 kevin 1 comment

Available from the download page.

Version 1.6

  • Fixed FileNotFound exception for xpi output file that doesn’t exist (yet). XPISigner now creates the file entry so the jar operation can use it.
  • Updated the unix script
  • Readme now correctly refers to the unix script as xpisigner.sh
Categories: firefox, java, security, signtool, xpi Tags: