From a2a6986c2719849d4e794261f29c8689701445e3 Mon Sep 17 00:00:00 2001 From: Nick White Date: Tue, 21 Jun 2011 23:59:42 +0100 Subject: Make keyfile dependency in makefile explicit, update TODO --- TODO | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'TODO') diff --git a/TODO b/TODO index 7faeee9..9795f23 100644 --- a/TODO +++ b/TODO @@ -1,6 +1,10 @@ +chromium: + generate appid for use in update xml + see GenerateId in extension.cc of chrome for how it works + currently should be dbggpgfcgemloeeldimghohejgnkahdi + gecko: - finish update support. this means use tool http://www.softlights.net/projects/mxtools/uhura.html to sign mozilla thing - once it's working look into using rapper and bourne shell script to sign + use rapper and bourne shell script to sign this is difficult as mozilla wants the signature of a very particular serialisation of the update rdf https://developer.mozilla.org/en/Extension_Versioning,_Update_and_Compatibility#Update_RDF_Format openssl dgst -sha512 -binary -sign private.pem web/gecko-updates.rdf i'm pretty sure generates the correct signature. however it then has to be encoded, using asn1/der & base64. also, according to the docs only the hash is signed/hashed, whereas it looks like the whole (particularly serialised) rdf is used by uhura -- cgit v1.2.3