sign-xpi-lib¶
A library to handle the manipulations of signing XPIs at Mozilla.
- Free software: MIT license
- Documentation: https://sign-xpi-lib.readthedocs.io.
Overview¶
Information about how XPI signing works in Firefox can be found at the Mozilla wiki.
A tool that generates PKCS7 signatures in the correct format is autograph, which see for more information.
This library is used by the sign-xpi lambda, but can be used by other clients too.
Usage:
from sign_xpi_lib import XPIFile
x = XPIFile('hypothetical-addon-unsigned.xpi')
# this is the mozilla.sf file computed by hashing mozilla.rsa
signed_manifest = x.signed_manifest
print(signed_manifest)
# This probably talks to Autograph or an HSM or whatever
signature = 'generate-a-signature somehow'
x.make_signed('hypothetical-addon-signed.xpi', 'mozilla.rsa',
signed_manifest, signature)
See the tests for more details.
Credits¶
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.