A library to handle the manipulations of signing XPIs at Mozilla.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for glasserc from gravatar.com glasserc

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Mozilla Public License 2.0 (MPL 2.0) (MPL)
  • Author: Ethan Glasser-Camp
  • Tags sign_xpi
Classifiers

Project description

sign-xpi-lib

https://img.shields.io/pypi/v/sign_xpi_lib.svg https://img.shields.io/travis/mozilla-services/sign-xpi-lib.svg Documentation Status Updates

A library to handle the manipulations of signing XPIs at Mozilla.

Overview

Information about how XPI signing works in Firefox can be found at the Mozilla wiki.

A tool that generates PKCS7 signatures in the correct format is autograph, which see for more information.

This library is used by the sign-xpi lambda, but can be used by other clients too.

Usage:

from sign_xpi_lib import XPIFile

x = XPIFile('hypothetical-addon-unsigned.xpi')

# this is the mozilla.sf file computed by hashing mozilla.rsa
signed_manifest = x.signed_manifest
print(signed_manifest)

# This probably talks to Autograph or an HSM or whatever
signature = 'generate-a-signature somehow'

x.make_signed('hypothetical-addon-signed.xpi', 'mozilla.rsa',
              signed_manifest, signature)

See the tests for more details.

Credits

This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.

History

0.1.0 (2017-07-07)

  • First release on PyPI.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for glasserc from gravatar.com glasserc

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Mozilla Public License 2.0 (MPL 2.0) (MPL)
  • Author: Ethan Glasser-Camp
  • Tags sign_xpi
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sign-xpi-lib-0.1.0.tar.gz (24.3 kB view details)

Uploaded Source

Built Distribution

sign_xpi_lib-0.1.0-py2.py3-none-any.whl (7.8 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file sign-xpi-lib-0.1.0.tar.gz.

File metadata

File hashes

Hashes for sign-xpi-lib-0.1.0.tar.gz
Algorithm Hash digest
SHA256 22ec00d91327085762089db0a6aeec941cf54428b7f4f996a068911807416d98
MD5 39bb94705ec6f50633a7be8ba7dc75ef
BLAKE2b-256 2a9c7958274a43073f2fa4589cce478194ed456c07a625b43a5afc2d4bbc341e

See more details on using hashes here.

File details

Details for the file sign_xpi_lib-0.1.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for sign_xpi_lib-0.1.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 00e16b22385e60e1b7253e090670254f455fe5012b986c964ff4ed5e4b57b640
MD5 2ec92114e5042b36078b25b6c71706ba
BLAKE2b-256 0310dc8507bab0debbd199c8739b83e1d26821bef879d61b2acd8f6b8ff5e647

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page