Laurent brought this up recently in the comments on the XPISigner download page. He ran into an issue signing his Firefox Linux plug-in with XPISigner. Some files were no longer executable when the XPI was deployed.
This is a ‘feature’ of java’s cross-platform underpinnings, since not all platforms use file-system metadata to flag files as executable.
You [...]
Available from the download page.
Version 1.6
Fixed FileNotFound exception for xpi output file that doesn’t exist (yet). XPISigner now creates the file entry so the jar operation can use it.
Updated the unix script
Readme now correctly refers to the unix script as xpisigner.sh
Now available from the download page.
Updated the readme.txt in the zip to the latest version.
Some VM’s displayed FileNotFound exceptions when the META-INF folder didn’t exist. Added explicit checks and create folders as required.
Removed some debugging statements e.g., “bc” from the output.
When running from a folder other than the baseDir the value of baseDir needed to [...]
Now available from the download page.
Updated the readme.txt in the zip to the latest version.
Some VM’s displayed FileNotFound exceptions when the META-INF folder didn’t exist. Added explicit checks and create folders as required.
Removed some debugging statements e.g., “bc” from the output.
When running from a folder other than the baseDir the value of baseDir needed to [...]
When running XPISigner with a PFX generated from SPC & PVK files you may run into the following error…
“unwrapping private key - java.security.InvalidKeyException: Illegal key size”
This may have two causes:
The unlimited strength policy files are not installed in your %JAVA_HOME%/jre/lib/security folder.
The PFX that was generated is not well formed. See below for instructions on how to export [...]
A random sampling of the extensions available on addons.mozilla.org shows that the majority of extensions available for download are unsigned. The only signed extension found in the search was the Google Toolbar.
The use of unsigned extensions encourages the end user to ignore the Unsigned warning in the corner.
(I’m not picking on Adblock specifically, it was [...]
XPISigner creates signed extensions or plug-ins for Firefox and Thunderbird.
It is a replacement for signtool.exe
Requirements:
Java 5 or higher
PKCS#12 (PFX) file containing your signing key and certificate
Your unpacked xpi directory structure
To sign the xpi file you need to point XPISigner at the directory containing your unpacked xpi.
XPISigner processes each file in the directory calculating the MD5 [...]
Let’s take a signed XPI apart and see what’re required to build a tool like XPISigner
We’ll use the Google Toolbar for Firefox as an example. It’s already signed and we can see it works when we download it.
Save off the xpi file from http://dl.google.com/firefox/google-toolbar.xpi
a blog about a little codesigning tool and its author.
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Apr | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
