mexumgen - Mozilla Extension Update Manifest Generator, version 1.2
menumgen [-h | -k key.pem] [-w] [-o out.rdf] etc...
Calculate SHA1 hash of every installation package and include it in the update manifest. If -k option is present this is implied.
The private key to sign the update manifest with. Typically it is 1024-bit RSA key in PEM format. If this parameter is omitted the update manifest will not be signed.
updateInfoURL (a.k.a ``What's new'') should be included in the
generated update manifest. This changes the meaning of the tail of the command
line (see etc below).
The output update manifest file (generated and signed). This can be the same file as specified with -i option. If this parameter is omitted the resulting update manifest will be written to the standard output.
The remaining command line arguments specify the installation packages to be used and the corresponding URLs.
If -w option is present, the number of remaining arguments must be multiple of 3. Each group of 3 arguments specifies (in that order): the path to the installation package in the local file system, the URL where that package is going to be available, the URL of the ``What's new'' page for the package.
If -w option is not present, the number of remaining arguments must be multiple of 2. Each pair of arguments specifies the path to the installation package in the local file system and the URL where that package is going to be available.
In other words, the -w option indicates whether ``What's new'' URLs must be present in the list of the installation packages.
The install.rdf file found in each installation package specified in the
command line is parsed to retrieve the information about the extension (id,
version) and about the target
application(s) (id, minVersion,
maxVersion). Also, if the update manifest is to be signed or if -h
command line option is present, the SHA1 hash of each installation package
(xpi file) is calculated. That information is used to construct a new update
A key to sign the update manifest can be generated with OpenSSL:
openssl genrsa -out keyfile.pem 1024
This produces a new private key that can be used to sign update manifests.
In order to have the signature successfully verified the corresponding public
key must be specified as the updateKey in the installation manifest of the
version(s) of the extension(s). To obtain the public key the following
command can be used:
openssl rsa -in keyfile.pem -pubout -out keyfile.pub
The content of keyfile.pub (excluding the lines designating begin/end of the public key) can be copied to the installation manifests of all extensions the key is going to be used with. Obviously, this has to be done before creating the installation packages and attempting to generate an update manifest.
menumgen -k key.pem -w -o update.rdf extension.xpi http://www.example.com/download/extension.xpi http://www.example.com/extension/update.xhtml
The targetPlatform from the installation packages is not taken into account.
If the key is encrypted the password must be entered interactively, there is no way to specify it on the command line.
Signing an existing update manifest is not supported in the current version.
Convert::ASN1, XML::Parser, RDF::Core, OpenSSL, unzip
Copyright (C) 2008 Sergei Zhirikov (email@example.com)