Skip to content
This repository has been archived by the owner on Dec 22, 2023. It is now read-only.

Commit

Permalink
Fixed self-signing
Browse files Browse the repository at this point in the history
  • Loading branch information
@keithbowes
keithbowes committed Jan 29, 2017
1 parent 85a5e05 commit 328e4cb
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 10 deletions.
1 change: 0 additions & 1 deletion development/.gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
META-INF
builds/*
chrome
config.sed
Expand Down
34 changes: 25 additions & 9 deletions development/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,18 @@ SHELL = /bin/sh
BROWSER ?= $(if $(and $(DISPLAY),$(XDG_SESSION_ID)),xdg-open, \
$(if $(and $(COMSPEC),$(OS)),start,firefox))

CP ?= install -m 644
CURL ?= curl
ECHO ?= echo
GPG ?= gpg
MKDIR ?= install -d -m 755
MV ?= mv
RM ?= rm -f
RMDIR ?= $(RM) -r
SED ?= sed
ZIP ?= zip -q -r -9

CERT_PASS ?= password

AMO_API_KEY ?= user:12345678:987
AMO_API_SECRET ?= 28934y23i4h32i4j23nk4j3244
JWT ?= $(shell jwtgen --api-key $(AMO_API_KEY) --api-secret $(AMO_API_SECRET))
Expand Down Expand Up @@ -54,12 +57,6 @@ sign: $(out_xpi)
$(CURL) -H "Authorization: JWT $(JWT)" -XPUT --form "upload=@$(out_xpi)" https://addons.mozilla.org/api/v3/addons/$(ID)/versions/$(VERSION)
$(CURL) -o $(signed_xpi) https://addons.mozilla.org/addon/$(ID)/$(notdir $(signed_xpi))

# If Mozilla didn't have such an inconvenient signing system:
selfsign: generate
$(MKDIR) META-INF
$(GPG) --armor --detach-sign --output META-INF/signature.asc install.js install.rdf license.txt chrome/useragentswitcher.jar
$(MAKE) xpi

dtd_files ::= $(addsuffix /useragentswitcher/useragentswitcher.dtd,$(wildcard source/locale_common/*))
update-translations: $(dtd_files)
$(dtd_files): $(addprefix source/locale_common/en-US/useragentswitcher/useragentswitcher.,dtd properties)
Expand All @@ -72,7 +69,7 @@ chrome/useragentswitcher.jar: config.sed $(chrome_files)
$(MKDIR) chrome
$(foreach dir,content locale skin,$(MKDIR) $(addprefix chrome/,$(dir);))
$(foreach file,$(subst $<,,$^),$(MKDIR) $(dir $(call adjust_path,$(file))); $(SED) -f $< -e "s/@build.date@/`date +'%B %d, %Y'`/g" $(file) > $(call adjust_path,$(file));)
cd chrome && $(ZIP) $(notdir $@) content locale skin
cd chrome && $(ZIP) -0 $(notdir $@) content locale skin
$(RMDIR) $(addprefix chrome/,content locale skin)

config.sed: config.properties
Expand All @@ -81,6 +78,25 @@ config.sed: config.properties
install.%: config.sed common_install.%
$(SED) -f $^ > $@

$(out_xpi): $(wildcard META-INF) chrome/useragentswitcher.jar chrome.manifest install.js install.rdf
$(out_xpi): chrome/useragentswitcher.jar chrome.manifest install.js install.rdf
$(MKDIR) builds
$(ZIP) $@ $^ license.txt

# The older, more convenient way to sign.
# I hope Mozilla reintroduces something like this.
selfsign: generate x509.cert
$(MKDIR) META-INF
signtool -d . -k $(ID) -p $(CERT_PASS) .
$(ZIP) $(out_xpi) META-INF/zigbert.rsa
$(ZIP) -D $(out_xpi) chrome/useragentswitcher.jar install.js install.rdf license.txt \
$(filter-out %.rsa,$(wildcard META-INF/*))
$(MV) $(out_xpi) $(subst .xpi,-selfsigned.xpi,$(out_xpi))

x509.cert: x509.cacert
$(CP) $< $@

x509.cacert: key3.db
signtool -G $(ID) -d . -p $(CERT_PASS)

key3.db:
certutil -N -d .

0 comments on commit 328e4cb

Please sign in to comment.