From 147d2ebe5a041a43c34210ef52441610bee70458 Mon Sep 17 00:00:00 2001 From: John Bieling Date: Tue, 11 Dec 2018 15:48:36 +0100 Subject: [PATCH 1/5] Update README --- README | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 71 insertions(+), 1 deletion(-) diff --git a/README b/README index 21e492f..9cc83b1 100644 --- a/README +++ b/README @@ -1 +1,71 @@ -See http://hyperstruct.net/projects/spock. +** spock +A command-line tool to sign update manifests of Mozilla extensions + +** What is this? +spock signs a Mozilla extension manifest (update.rdf) file and optionally sets a value for , , and . + +It was hacked together as a non-interactive replacement to McCoy. + +** Prerequisites +- libxml +- libxslt +- ruby, with bindings to libxml and libxslt +You should have created a key with McCoy. The key must not be protected with a password. If there is more than one key, the first one will be used. +spock, normalize_update_rdf.rb, nss_sign_data and rdf2nt.xsl must be in the same directory. +Additionally, on Debian Sid, I used these packages, plus their *-dev counterparts: + +- libnss3-1d +- libnspr4-0d +These are needed on Fedora instead (thanks, Godmar!). Include files will be placed in /usr/include/nss3 and /usr/include/nspr4, requiring a Makefile change: + +-nss-devel +-nss +-nspr-devel +-nspr +See Godmar's comment below for more instructions about Fedora. + +** Usage + +Usage: spock [options] FILE + -i, --extension-id ID ID of the extension resource, including version if any + Examples: + urn:mozilla:extension:foo@bar.org:0.1 + urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} + -v, --version VERSION Set value in resulting update.rdf + -u, --update-link URL Set value in resulting update.rdf + -f, --file PACKAGE_FILENAME Determine value using PACKAGE_FILENAME + -d, --nss-directory DIR Directory containing key key3.db + Example: ~/.mozilla/mccoy/rt7xxbxw.default/ + + -h, --help This help text + +** Simple example: + + +$ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ >update.rdf.signed + +** Advanced example: + + +$ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ -v 0.1.0 -u http://my.site.com/extensions/ext.xpi -f ext.xpi >update.rdf.signed + +** Limitations +update.rdf must be valid XML. Note that Mozilla reading the file correctly does not ensure that it will be valid for libxml. Common issues include about= and resource= attributes being unqualified (so if you have an xmlns:RDF= at the top, make sure you write RDF:about= and RDF:resource=). You might want to use include sample.update.rdf as a guide for your own. +Only the first key in McCoy database is used, and it must not be protected by a password. +Only one extension per update.rdf is supported. +The input update.rdf must not contain an element already. +update.rdf must already contain and tags, even if empty. Spock won't add them. + +** Credits +For rtf2nt.xsl, see file. + +normalize_update_rdf.rb is a direct translation (minus mistakes, mine) of Dave Townsend’s rdfserializer.js from McCoy. Much of nss_sign_data.c has been adapted from there too. + +Content of the nss/ directory comes from libnss3. + +A big thank-you to dafi (Davide Ficano) for helping with testing. + +Important notice +This software is NOT endorsed by Mozilla. + +This software is also NOT supported by the author. Use at your own risk. From 831d19b727ff19c3497073b5405e80c1bffe55e7 Mon Sep 17 00:00:00 2001 From: John Bieling Date: Tue, 11 Dec 2018 15:49:03 +0100 Subject: [PATCH 2/5] Rename README to README.MD --- README => README.MD | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename README => README.MD (100%) diff --git a/README b/README.MD similarity index 100% rename from README rename to README.MD From 9c1f39a7044ba6740d4b5a192689c08084a2736a Mon Sep 17 00:00:00 2001 From: John Bieling Date: Tue, 11 Dec 2018 15:49:50 +0100 Subject: [PATCH 3/5] Update README.MD --- README.MD | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/README.MD b/README.MD index 9cc83b1..a9f842c 100644 --- a/README.MD +++ b/README.MD @@ -1,12 +1,12 @@ -** spock +# spock A command-line tool to sign update manifests of Mozilla extensions -** What is this? +## What is this? spock signs a Mozilla extension manifest (update.rdf) file and optionally sets a value for , , and . It was hacked together as a non-interactive replacement to McCoy. -** Prerequisites +## Prerequisites - libxml - libxslt - ruby, with bindings to libxml and libxslt @@ -24,7 +24,7 @@ These are needed on Fedora instead (thanks, Godmar!). Include files will be plac -nspr See Godmar's comment below for more instructions about Fedora. -** Usage +## Usage Usage: spock [options] FILE -i, --extension-id ID ID of the extension resource, including version if any @@ -39,24 +39,24 @@ Usage: spock [options] FILE -h, --help This help text -** Simple example: +## Simple example: $ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ >update.rdf.signed -** Advanced example: +## Advanced example: $ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ -v 0.1.0 -u http://my.site.com/extensions/ext.xpi -f ext.xpi >update.rdf.signed -** Limitations +## Limitations update.rdf must be valid XML. Note that Mozilla reading the file correctly does not ensure that it will be valid for libxml. Common issues include about= and resource= attributes being unqualified (so if you have an xmlns:RDF= at the top, make sure you write RDF:about= and RDF:resource=). You might want to use include sample.update.rdf as a guide for your own. Only the first key in McCoy database is used, and it must not be protected by a password. Only one extension per update.rdf is supported. The input update.rdf must not contain an element already. update.rdf must already contain and tags, even if empty. Spock won't add them. -** Credits +## Credits For rtf2nt.xsl, see file. normalize_update_rdf.rb is a direct translation (minus mistakes, mine) of Dave Townsend’s rdfserializer.js from McCoy. Much of nss_sign_data.c has been adapted from there too. @@ -65,7 +65,7 @@ Content of the nss/ directory comes from libnss3. A big thank-you to dafi (Davide Ficano) for helping with testing. -Important notice +## Important notice This software is NOT endorsed by Mozilla. This software is also NOT supported by the author. Use at your own risk. From 3f2ae10b0f6fce88117b737c2a615974a7dc7f33 Mon Sep 17 00:00:00 2001 From: John Bieling Date: Tue, 11 Dec 2018 15:51:33 +0100 Subject: [PATCH 4/5] Update README.MD --- README.MD | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.MD b/README.MD index a9f842c..e032995 100644 --- a/README.MD +++ b/README.MD @@ -10,18 +10,22 @@ It was hacked together as a non-interactive replacement to McCoy. - libxml - libxslt - ruby, with bindings to libxml and libxslt + You should have created a key with McCoy. The key must not be protected with a password. If there is more than one key, the first one will be used. + spock, normalize_update_rdf.rb, nss_sign_data and rdf2nt.xsl must be in the same directory. Additionally, on Debian Sid, I used these packages, plus their *-dev counterparts: - libnss3-1d - libnspr4-0d + These are needed on Fedora instead (thanks, Godmar!). Include files will be placed in /usr/include/nss3 and /usr/include/nspr4, requiring a Makefile change: -nss-devel -nss -nspr-devel -nspr + See Godmar's comment below for more instructions about Fedora. ## Usage @@ -51,9 +55,13 @@ $ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8 ## Limitations update.rdf must be valid XML. Note that Mozilla reading the file correctly does not ensure that it will be valid for libxml. Common issues include about= and resource= attributes being unqualified (so if you have an xmlns:RDF= at the top, make sure you write RDF:about= and RDF:resource=). You might want to use include sample.update.rdf as a guide for your own. + Only the first key in McCoy database is used, and it must not be protected by a password. + Only one extension per update.rdf is supported. + The input update.rdf must not contain an element already. + update.rdf must already contain and tags, even if empty. Spock won't add them. ## Credits From 080a8e7a2db3e1d3516445586a8ab87c6af613ff Mon Sep 17 00:00:00 2001 From: John Bieling Date: Tue, 11 Dec 2018 15:52:43 +0100 Subject: [PATCH 5/5] Update README.MD --- README.MD | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.MD b/README.MD index e032995..b22b9f5 100644 --- a/README.MD +++ b/README.MD @@ -30,6 +30,7 @@ See Godmar's comment below for more instructions about Fedora. ## Usage +``` Usage: spock [options] FILE -i, --extension-id ID ID of the extension resource, including version if any Examples: @@ -42,16 +43,15 @@ Usage: spock [options] FILE Example: ~/.mozilla/mccoy/rt7xxbxw.default/ -h, --help This help text +``` ## Simple example: - -$ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ >update.rdf.signed +$ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ > update.rdf.signed ## Advanced example: - -$ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ -v 0.1.0 -u http://my.site.com/extensions/ext.xpi -f ext.xpi >update.rdf.signed +$ ./spock update.rdf -i urn:mozilla:extension:{eecba28f-b68b-4b3a-b501-6ce12e6b8696} -d ~/.mozilla/mccoy/rt7xxbxw.default/ -v 0.1.0 -u http://my.site.com/extensions/ext.xpi -f ext.xpi > update.rdf.signed ## Limitations update.rdf must be valid XML. Note that Mozilla reading the file correctly does not ensure that it will be valid for libxml. Common issues include about= and resource= attributes being unqualified (so if you have an xmlns:RDF= at the top, make sure you write RDF:about= and RDF:resource=). You might want to use include sample.update.rdf as a guide for your own.