1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/nss/tests/tools/tools.sh Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,498 @@
1.4 +#! /bin/bash
1.5 +#
1.6 +# This Source Code Form is subject to the terms of the Mozilla Public
1.7 +# License, v. 2.0. If a copy of the MPL was not distributed with this
1.8 +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
1.9 +
1.10 +########################################################################
1.11 +#
1.12 +# mozilla/security/nss/tests/tools/tools.sh
1.13 +#
1.14 +# Script to test basic functionality of NSS tools
1.15 +#
1.16 +# needs to work on all Unix and Windows platforms
1.17 +#
1.18 +# tests implemented:
1.19 +# pk12util
1.20 +# signtool
1.21 +#
1.22 +# special strings
1.23 +# ---------------
1.24 +# FIXME ... known problems, search for this string
1.25 +# NOTE .... unexpected behavior
1.26 +########################################################################
1.27 +
1.28 + export pkcs12v2pbeWithSha1And128BitRc4=\
1.29 +"PKCS #12 V2 PBE With SHA-1 and 128 Bit RC4"
1.30 +
1.31 + export pkcs12v2pbeWithSha1And40BitRc4=\
1.32 +"PKCS #12 V2 PBE With SHA-1 and 40 Bit RC4"
1.33 +
1.34 + export pkcs12v2pbeWithSha1AndTripleDESCBC=\
1.35 +"PKCS #12 V2 PBE With SHA-1 and Triple DES-CBC"
1.36 +
1.37 + export pkcs12v2pbeWithSha1And128BitRc2Cbc=\
1.38 +"PKCS #12 V2 PBE With SHA-1 and 128 Bit RC2 CBC"
1.39 +
1.40 + export pkcs12v2pbeWithSha1And40BitRc2Cbc=\
1.41 +"PKCS #12 V2 PBE With SHA-1 and 40 Bit RC2 CBC"
1.42 +
1.43 + export pkcs12v2pbeWithMd2AndDESCBC=\
1.44 +"PKCS #5 Password Based Encryption with MD2 and DES-CBC"
1.45 +
1.46 + export pkcs12v2pbeWithMd5AndDESCBC=\
1.47 +"PKCS #5 Password Based Encryption with MD5 and DES-CBC"
1.48 +
1.49 + export pkcs12v2pbeWithSha1AndDESCBC=\
1.50 +"PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
1.51 +
1.52 + export pkcs5pbeWithMD2AndDEScbc=\
1.53 +"PKCS #5 Password Based Encryption with MD2 and DES-CBC"
1.54 +
1.55 + export pkcs5pbeWithMD5AndDEScbc=\
1.56 +"PKCS #5 Password Based Encryption with MD5 and DES-CBC"
1.57 +
1.58 + export pkcs5pbeWithSha1AndDEScbc=\
1.59 +"PKCS #5 Password Based Encryption with SHA-1 and DES-CBC"
1.60 +
1.61 +############################## tools_init ##############################
1.62 +# local shell function to initialize this script
1.63 +########################################################################
1.64 +tools_init()
1.65 +{
1.66 + SCRIPTNAME=tools.sh # sourced - $0 would point to all.sh
1.67 +
1.68 + if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
1.69 + CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
1.70 + fi
1.71 +
1.72 + if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
1.73 + cd ../common
1.74 + . ./init.sh
1.75 + fi
1.76 + if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
1.77 + cd ../cert
1.78 + . ./cert.sh
1.79 + fi
1.80 + SCRIPTNAME=tools.sh
1.81 +
1.82 + if [ -z "$NSS_DISABLE_ECC" ] ; then
1.83 + html_head "Tools Tests with ECC"
1.84 + else
1.85 + html_head "Tools Tests"
1.86 + fi
1.87 +
1.88 + grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
1.89 + Exit 15 "Fatal - S/MIME of cert.sh needs to pass first"
1.90 + }
1.91 +
1.92 + TOOLSDIR=${HOSTDIR}/tools
1.93 + COPYDIR=${TOOLSDIR}/copydir
1.94 + SIGNDIR=${TOOLSDIR}/signdir
1.95 +
1.96 + R_TOOLSDIR=../tools
1.97 + R_COPYDIR=../tools/copydir
1.98 + R_SIGNDIR=../tools/signdir
1.99 + P_R_COPYDIR=${R_COPYDIR}
1.100 + P_R_SIGNDIR=${R_SIGNDIR}
1.101 + if [ -n "${MULTIACCESS_DBM}" ]; then
1.102 + P_R_COPYDIR="multiaccess:Tools.$version"
1.103 + P_R_SIGNDIR="multiaccess:Tools.sign.$version"
1.104 + fi
1.105 +
1.106 + mkdir -p ${TOOLSDIR}
1.107 + mkdir -p ${COPYDIR}
1.108 + mkdir -p ${SIGNDIR}
1.109 + cp ${ALICEDIR}/* ${SIGNDIR}/
1.110 + mkdir -p ${TOOLSDIR}/html
1.111 + cp ${QADIR}/tools/sign*.html ${TOOLSDIR}/html
1.112 +
1.113 + cd ${TOOLSDIR}
1.114 +}
1.115 +
1.116 +########################## list_p12_file ###############################
1.117 +# List the key and cert in the specified p12 file
1.118 +########################################################################
1.119 +list_p12_file()
1.120 +{
1.121 + echo "$SCRIPTNAME: Listing Alice's pk12 file"
1.122 + echo "pk12util -l ${1} -w ${R_PWFILE}"
1.123 +
1.124 + ${BINDIR}/pk12util -l ${1} -w ${R_PWFILE} 2>&1
1.125 + ret=$?
1.126 + html_msg $ret 0 "Listing ${1} (pk12util -l)"
1.127 + check_tmpfile
1.128 +}
1.129 +
1.130 +########################################################################
1.131 +# Import the key and cert from the specified p12 file
1.132 +########################################################################
1.133 +import_p12_file()
1.134 +{
1.135 + echo "$SCRIPTNAME: Importing Alice's pk12 ${1} file"
1.136 + echo "pk12util -i ${1} -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
1.137 +
1.138 + ${BINDIR}/pk12util -i ${1} -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
1.139 + ret=$?
1.140 + html_msg $ret 0 "Importing ${1} (pk12util -i)"
1.141 + check_tmpfile
1.142 +}
1.143 +
1.144 +########################################################################
1.145 +# Export the key and cert to a p12 file using default ciphers
1.146 +########################################################################
1.147 +export_with_default_ciphers()
1.148 +{
1.149 + echo "$SCRIPTNAME: Exporting Alice's key & cert with [default:default] (pk12util -o)"
1.150 + echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
1.151 + echo " -k ${R_PWFILE} -w ${R_PWFILE}"
1.152 + ${BINDIR}/pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} \
1.153 + -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
1.154 + ret=$?
1.155 + html_msg $ret 0 "Exporting Alices's key & cert with [default:default] (pk12util -o)"
1.156 + check_tmpfile
1.157 + return $ret
1.158 +}
1.159 +
1.160 +########################################################################
1.161 +# Exports key/cert to a p12 file, the key encryption cipher is specified
1.162 +# and the cert encryption cipher is blank for default.
1.163 +########################################################################
1.164 +export_with_key_cipher()
1.165 +{
1.166 + # $1 key encryption cipher
1.167 + echo "$SCRIPTNAME: Exporting with [${1}:default]"
1.168 + echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
1.169 + echo " -k ${R_PWFILE} -w ${R_PWFILE} -c ${1}"
1.170 + ${BINDIR}/pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} \
1.171 + -k ${R_PWFILE} -w ${R_PWFILE} -c "${1}" 2>&1
1.172 + ret=$?
1.173 + html_msg $ret 0 "Exporting with [${1}:default] (pk12util -o)"
1.174 + check_tmpfile
1.175 + return $ret
1.176 +}
1.177 +
1.178 +########################################################################
1.179 +# Exports key/cert to a p12 file, the key encryption cipher is left
1.180 +# empty for default and the cert encryption cipher is specified.
1.181 +########################################################################
1.182 +export_with_cert_cipher()
1.183 +{
1.184 + # $1 certificate encryption cipher
1.185 + echo "$SCRIPTNAME: Exporting with [default:${1}]"
1.186 + echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
1.187 + echo " -k ${R_PWFILE} -w ${R_PWFILE} -C ${1}"
1.188 + ${BINDIR}/pk12util -o Alice.p12 -n "Alice" -d ${P_R_ALICEDIR} \
1.189 + -k ${R_PWFILE} -w ${R_PWFILE} -C "${1}" 2>&1
1.190 + ret=$?
1.191 + html_msg $ret 0 "Exporting with [default:${1}] (pk12util -o)"
1.192 + check_tmpfile
1.193 + return $ret
1.194 +}
1.195 +
1.196 +########################################################################
1.197 +# Exports key/cert to a p12 file, both the key encryption cipher and
1.198 +# the cert encryption cipher are specified.
1.199 +########################################################################
1.200 +export_with_both_key_and_cert_cipher()
1.201 +{
1.202 + # $1 key encryption cipher or ""
1.203 + # $2 certificate encryption cipher or ""
1.204 +
1.205 + echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
1.206 + echo " -k ${R_PWFILE} -w ${R_PWFILE} -c ${1} -C ${2}"
1.207 + ${BINDIR}/pk12util -o Alice.p12 -n Alice -d ${P_R_ALICEDIR} \
1.208 + -k ${R_PWFILE} -w ${R_PWFILE} \
1.209 + -c "${1}" -C "${2}" 2>&1
1.210 + ret=$?
1.211 + html_msg $ret 0 "Exporting with [${1}:${2}] (pk12util -o)"
1.212 + check_tmpfile
1.213 + return $ret
1.214 +}
1.215 +
1.216 +########################################################################
1.217 +# Exports key and cert to a p12 file, both the key encryption cipher
1.218 +# and the cert encryption cipher are specified. The key and cert are
1.219 +# imported and the p12 file is listed
1.220 +########################################################################
1.221 +export_list_import()
1.222 +{
1.223 + # $1 key encryption cipher
1.224 + # $2 certificate encryption cipher
1.225 +
1.226 + if [ "${1}" != "DEFAULT" -a "${2}" != "DEFAULT" ]; then
1.227 + export_with_both_key_and_cert_cipher "${1}" "${2}"
1.228 + elif [ "${1}" != "DEFAULT" -a "${2}" = "DEFAULT" ]; then
1.229 + export_with_key_cipher "${1}"
1.230 + elif [ "${1}" = "DEFAULT" -a "${2}" != "DEFAULT" ]; then
1.231 + export_with_cert_cipher "${2}"
1.232 + else
1.233 + export_with_default_ciphers
1.234 + fi
1.235 +
1.236 + list_p12_file Alice.p12
1.237 + import_p12_file Alice.p12
1.238 +}
1.239 +
1.240 +########################################################################
1.241 +# Export using the pkcs5pbe ciphers for key and certificate encryption.
1.242 +# List the contents of and import from the p12 file.
1.243 +########################################################################
1.244 +tools_p12_export_list_import_all_pkcs5pbe_ciphers()
1.245 +{
1.246 + # specify each on key and cert cipher
1.247 + for key_cipher in "${pkcs5pbeWithMD2AndDEScbc}" \
1.248 + "${pkcs5pbeWithMD5AndDEScbc}" \
1.249 + "${pkcs5pbeWithSha1AndDEScbc}"\
1.250 + "DEFAULT"; do
1.251 + for cert_cipher in "${pkcs5pbeWithMD2AndDEScbc}" \
1.252 + "${pkcs5pbeWithMD5AndDEScbc}" \
1.253 + "${pkcs5pbeWithSha1AndDEScbc}" \
1.254 + "DEFAULT"\
1.255 + "null"; do
1.256 + export_list_import "${key_cipher}" "${cert_cipher}"
1.257 + done
1.258 + done
1.259 +}
1.260 +
1.261 +########################################################################
1.262 +# Export using the pkcs5v2 ciphers for key and certificate encryption.
1.263 +# List the contents of and import from the p12 file.
1.264 +########################################################################
1.265 +tools_p12_export_list_import_all_pkcs5v2_ciphers()
1.266 +{
1.267 + # These should pass
1.268 + for key_cipher in\
1.269 + RC2-CBC \
1.270 + DES-EDE3-CBC \
1.271 + AES-128-CBC \
1.272 + AES-192-CBC \
1.273 + AES-256-CBC \
1.274 + CAMELLIA-128-CBC \
1.275 + CAMELLIA-192-CBC \
1.276 + CAMELLIA-256-CBC; do
1.277 +
1.278 +#---------------------------------------------------------------
1.279 +# Bug 452464 - pk12util -o fails when -C option specifies AES or
1.280 +# Camellia ciphers
1.281 +# FIXME Restore these to the list
1.282 +# AES-128-CBC, \
1.283 +# AES-192-CBC, \
1.284 +# AES-256-CBC, \
1.285 +# CAMELLIA-128-CBC, \
1.286 +# CAMELLIA-192-CBC, \
1.287 +# CAMELLIA-256-CBC, \
1.288 +# when 452464 is fixed
1.289 +#---------------------------------------------------------------
1.290 + for cert_cipher in \
1.291 + RC2-CBC \
1.292 + DES-EDE3-CBC \
1.293 + null; do
1.294 + export_list_import ${key_cipher} ${cert_cipher}
1.295 + done
1.296 + done
1.297 +}
1.298 +
1.299 +########################################################################
1.300 +# Export using the pkcs12v2pbe ciphers for key and certificate encryption.
1.301 +# List the contents of and import from the p12 file.
1.302 +########################################################################
1.303 +tools_p12_export_list_import_all_pkcs12v2pbe_ciphers()
1.304 +{
1.305 +#---------------------------------------------------------------
1.306 +# Bug 452471 - pk12util -o fails when -c option specifies pkcs12v2 PBE ciphers
1.307 +# FIXME - Restore these to the list
1.308 +# "${pkcs12v2pbeWithSha1And128BitRc4}" \
1.309 +# "${pkcs12v2pbeWithSha1And40BitRc4}" \
1.310 +# "${pkcs12v2pbeWithSha1AndTripleDESCBC}" \
1.311 +# "${pkcs12v2pbeWithSha1And128BitRc2Cbc}" \
1.312 +# "${pkcs12v2pbeWithSha1And40BitRc2Cbc}" \
1.313 +# "${pkcs12v2pbeWithMd2AndDESCBC}" \
1.314 +# "${pkcs12v2pbeWithMd5AndDESCBC}" \
1.315 +# "${pkcs12v2pbeWithSha1AndDESCBC}" \
1.316 +# "DEFAULT"; do
1.317 +# when 452471 is fixed
1.318 +#---------------------------------------------------------------
1.319 +# for key_cipher in \
1.320 + key_cipher="DEFAULT"
1.321 + for cert_cipher in "${pkcs12v2pbeWithSha1And128BitRc4}" \
1.322 + "${pkcs12v2pbeWithSha1And40BitRc4}" \
1.323 + "${pkcs12v2pbeWithSha1AndTripleDESCBC}" \
1.324 + "${pkcs12v2pbeWithSha1And128BitRc2Cbc}" \
1.325 + "${pkcs12v2pbeWithSha1And40BitRc2Cbc}" \
1.326 + "${pkcs12v2pbeWithMd2AndDESCBC}" \
1.327 + "${pkcs12v2pbeWithMd5AndDESCBC}" \
1.328 + "${pkcs12v2pbeWithSha1AndDESCBC}" \
1.329 + "DEFAULT"\
1.330 + "null"; do
1.331 + export_list_import "${key_cipher}" "${key_cipher}"
1.332 + done
1.333 + #done
1.334 +}
1.335 +
1.336 +#########################################################################
1.337 +# Export with no encryption on key should fail but on cert should pass
1.338 +#########################################################################
1.339 +tools_p12_export_with_null_ciphers()
1.340 +{
1.341 + # use null as the key encryption algorithm default for the cert one
1.342 + # should fail
1.343 +
1.344 + echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
1.345 + echo " -k ${R_PWFILE} -w ${R_PWFILE} -c null"
1.346 + ${BINDIR}/pk12util -o Alice.p12 -n Alice -d ${P_R_ALICEDIR} \
1.347 + -k ${R_PWFILE} -w ${R_PWFILE} \
1.348 + -c null 2>&1
1.349 + ret=$?
1.350 + html_msg $ret 30 "Exporting with [null:default] (pk12util -o)"
1.351 + check_tmpfile
1.352 +
1.353 + # use default as the key encryption algorithm null for the cert one
1.354 + # should pass
1.355 +
1.356 + echo "pk12util -o Alice.p12 -n \"Alice\" -d ${P_R_ALICEDIR} \\"
1.357 + echo " -k ${R_PWFILE} -w ${R_PWFILE} -C null"
1.358 + ${BINDIR}/pk12util -o Alice.p12 -n Alice -d ${P_R_ALICEDIR} \
1.359 + -k ${R_PWFILE} -w ${R_PWFILE} \
1.360 + -C null 2>&1
1.361 + ret=$?
1.362 + html_msg $ret 0 "Exporting with [default:null] (pk12util -o)"
1.363 + check_tmpfile
1.364 +
1.365 +}
1.366 +
1.367 +#########################################################################
1.368 +# Exports using the default key and certificate encryption ciphers.
1.369 +# Imports from and lists the contents of the p12 file.
1.370 +# Repeats the test with ECC if enabled.
1.371 +########################################################################
1.372 +tools_p12_export_list_import_with_default_ciphers()
1.373 +{
1.374 + echo "$SCRIPTNAME: Exporting Alice's email cert & key - default ciphers"
1.375 +
1.376 + export_list_import "DEFAULT" "DEFAULT"
1.377 +
1.378 + if [ -z "$NSS_DISABLE_ECC" ] ; then
1.379 + echo "$SCRIPTNAME: Exporting Alice's email EC cert & key---------------"
1.380 + echo "pk12util -o Alice-ec.p12 -n \"Alice-ec\" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \\"
1.381 + echo " -w ${R_PWFILE}"
1.382 + ${BINDIR}/pk12util -o Alice-ec.p12 -n "Alice-ec" -d ${P_R_ALICEDIR} -k ${R_PWFILE} \
1.383 + -w ${R_PWFILE} 2>&1
1.384 + ret=$?
1.385 + html_msg $ret 0 "Exporting Alice's email EC cert & key (pk12util -o)"
1.386 + check_tmpfile
1.387 +
1.388 + echo "$SCRIPTNAME: Importing Alice's email EC cert & key --------------"
1.389 + echo "pk12util -i Alice-ec.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
1.390 + ${BINDIR}/pk12util -i Alice-ec.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
1.391 + ret=$?
1.392 + html_msg $ret 0 "Importing Alice's email EC cert & key (pk12util -i)"
1.393 + check_tmpfile
1.394 +
1.395 + echo "$SCRIPTNAME: Listing Alice's pk12 EC file -----------------"
1.396 + echo "pk12util -l Alice-ec.p12 -w ${R_PWFILE}"
1.397 + ${BINDIR}/pk12util -l Alice-ec.p12 -w ${R_PWFILE} 2>&1
1.398 + ret=$?
1.399 + html_msg $ret 0 "Listing Alice's pk12 EC file (pk12util -l)"
1.400 + check_tmpfile
1.401 + fi
1.402 +}
1.403 +
1.404 +############################## tools_p12 ###############################
1.405 +# local shell function to test basic functionality of pk12util
1.406 +########################################################################
1.407 +tools_p12()
1.408 +{
1.409 + tools_p12_export_list_import_with_default_ciphers
1.410 + tools_p12_export_list_import_all_pkcs5v2_ciphers
1.411 + tools_p12_export_list_import_all_pkcs5pbe_ciphers
1.412 + tools_p12_export_list_import_all_pkcs12v2pbe_ciphers
1.413 + tools_p12_export_with_null_ciphers
1.414 +}
1.415 +
1.416 +############################## tools_sign ##############################
1.417 +# local shell function pk12util uses a hardcoded tmp file, if this exists
1.418 +# and is owned by another user we don't get reasonable errormessages
1.419 +########################################################################
1.420 +check_tmpfile()
1.421 +{
1.422 + if [ $ret != "0" -a -f /tmp/Pk12uTemp ] ; then
1.423 + echo "Error: pk12util temp file exists. Please remove this file and"
1.424 + echo " rerun the test (/tmp/Pk12uTemp) "
1.425 + fi
1.426 +}
1.427 +
1.428 +############################## tools_sign ##############################
1.429 +# local shell function to test basic functionality of signtool
1.430 +########################################################################
1.431 +tools_sign()
1.432 +{
1.433 + echo "$SCRIPTNAME: Create objsign cert -------------------------------"
1.434 + echo "signtool -G \"objectsigner\" -d ${P_R_SIGNDIR} -p \"nss\""
1.435 + ${BINDIR}/signtool -G "objsigner" -d ${P_R_SIGNDIR} -p "nss" 2>&1 <<SIGNSCRIPT
1.436 +y
1.437 +TEST
1.438 +MOZ
1.439 +NSS
1.440 +NY
1.441 +US
1.442 +liz
1.443 +liz@moz.org
1.444 +SIGNSCRIPT
1.445 + html_msg $? 0 "Create objsign cert (signtool -G)"
1.446 +
1.447 + echo "$SCRIPTNAME: Signing a jar of files ----------------------------"
1.448 + echo "signtool -Z nojs.jar -d ${P_R_SIGNDIR} -p \"nss\" -k objsigner \\"
1.449 + echo " ${R_TOOLSDIR}/html"
1.450 + ${BINDIR}/signtool -Z nojs.jar -d ${P_R_SIGNDIR} -p "nss" -k objsigner \
1.451 + ${R_TOOLSDIR}/html
1.452 + html_msg $? 0 "Signing a jar of files (signtool -Z)"
1.453 +
1.454 + echo "$SCRIPTNAME: Listing signed files in jar ----------------------"
1.455 + echo "signtool -v nojs.jar -d ${P_R_SIGNDIR} -p nss -k objsigner"
1.456 + ${BINDIR}/signtool -v nojs.jar -d ${P_R_SIGNDIR} -p nss -k objsigner
1.457 + html_msg $? 0 "Listing signed files in jar (signtool -v)"
1.458 +
1.459 + echo "$SCRIPTNAME: Show who signed jar ------------------------------"
1.460 + echo "signtool -w nojs.jar -d ${P_R_SIGNDIR}"
1.461 + ${BINDIR}/signtool -w nojs.jar -d ${P_R_SIGNDIR}
1.462 + html_msg $? 0 "Show who signed jar (signtool -w)"
1.463 +
1.464 + echo "$SCRIPTNAME: Signing a xpi of files ----------------------------"
1.465 + echo "signtool -Z nojs.xpi -X -d ${P_R_SIGNDIR} -p \"nss\" -k objsigner \\"
1.466 + echo " ${R_TOOLSDIR}/html"
1.467 + ${BINDIR}/signtool -Z nojs.xpi -X -d ${P_R_SIGNDIR} -p "nss" -k objsigner \
1.468 + ${R_TOOLSDIR}/html
1.469 + html_msg $? 0 "Signing a xpi of files (signtool -Z -X)"
1.470 +
1.471 + echo "$SCRIPTNAME: Listing signed files in xpi ----------------------"
1.472 + echo "signtool -v nojs.xpi -d ${P_R_SIGNDIR} -p nss -k objsigner"
1.473 + ${BINDIR}/signtool -v nojs.xpi -d ${P_R_SIGNDIR} -p nss -k objsigner
1.474 + html_msg $? 0 "Listing signed files in xpi (signtool -v)"
1.475 +
1.476 + echo "$SCRIPTNAME: Show who signed xpi ------------------------------"
1.477 + echo "signtool -w nojs.xpi -d ${P_R_SIGNDIR}"
1.478 + ${BINDIR}/signtool -w nojs.xpi -d ${P_R_SIGNDIR}
1.479 + html_msg $? 0 "Show who signed xpi (signtool -w)"
1.480 +
1.481 +}
1.482 +
1.483 +############################## tools_cleanup ###########################
1.484 +# local shell function to finish this script (no exit since it might be
1.485 +# sourced)
1.486 +########################################################################
1.487 +tools_cleanup()
1.488 +{
1.489 + html "</TABLE><BR>"
1.490 + cd ${QADIR}
1.491 + . common/cleanup.sh
1.492 +}
1.493 +
1.494 +################## main #################################################
1.495 +
1.496 +tools_init
1.497 +tools_p12
1.498 +tools_sign
1.499 +tools_cleanup
1.500 +
1.501 +
