i2p.plugins.firefox/scripts/makeplugin.sh

#!/bin/sh
#
#  basic packaging up of a plugin
#
#  usage: makeplugin.sh plugindir
#
#  zzz 2010-02
#  zzz 2014-08 added support for su3 files
#

if [ -z "$I2P" -a -d "$PWD/../i2p.i2p/pkg-temp" ]; then
	export I2P=../i2p.i2p/pkg-temp
fi

if [ ! -d "$I2P" ]; then
	echo "Can't locate your I2P installation. Please add a environment variable named I2P with the path to the folder as value"
	echo "On OSX this solved with running: export I2P=/Applications/i2p if default install directory is used."
	exit 1
fi

PUBKEYDIR=$HOME/.i2p-plugin-keys
PUBKEYFILE=$PUBKEYDIR/plugin-public-signing.key
PRIVKEYFILE=$PUBKEYDIR/plugin-private-signing.key
B64KEYFILE=$PUBKEYDIR/plugin-public-signing.txt
PUBKEYSTORE=$PUBKEYDIR/plugin-su3-public-signing.crt
PRIVKEYSTORE=$PUBKEYDIR/plugin-su3-keystore.ks
KEYTYPE=RSA_SHA512_4096

PLUGINDIR=${1:-plugin}

PC=plugin.config
PCT=${PC}.tmp

if [ ! -d $PLUGINDIR ]
then
	echo "You must have a $PLUGINDIR directory"
	exit 1
fi

if [ ! -f $PLUGINDIR/$PC ]
then
	echo "You must have a $PLUGINDIR/$PC file"
	exit 1
fi

SIGNER=`grep '^signer=' $PLUGINDIR/$PC`
if [ "$?" -ne "0" ]
then
	echo "You must have a plugin name in $PC"
	echo 'For example name=foo'
	exit 1
fi
SIGNER=`echo $SIGNER | cut -f 2 -d '='`

if [ ! -f $PRIVKEYFILE ]
then
	echo "Creating new XPI2P DSA keys"
	mkdir -p $PUBKEYDIR || exit 1
	java -cp $I2P/lib/i2p.jar net.i2p.crypto.TrustedUpdate keygen $PUBKEYFILE $PRIVKEYFILE || exit 1
	java -cp $I2P/lib/i2p.jar net.i2p.data.Base64 encode $PUBKEYFILE $B64KEYFILE || exit 1
	rm -rf logs/
	chmod 444 $PUBKEYFILE $B64KEYFILE
	chmod 400 $PRIVKEYFILE
	echo "Created new XPI2P keys: $PUBKEYFILE $PRIVKEYFILE"
fi

if [ ! -f $PRIVKEYSTORE ]
then
	echo "Creating new SU3 $KEYTYPE keys for $SIGNER"
	java -cp $I2P/lib/i2p.jar net.i2p.crypto.SU3File keygen -t $KEYTYPE $PUBKEYSTORE $PRIVKEYSTORE $SIGNER || exit 1
	echo '*** Save your password in a safe place!!! ***'
	rm -rf logs/
	# copy to the router dir so verify will work
        CDIR=$I2P/certificates/plugin
	mkdir -p $CDIR || exit 1
	CFILE=$CDIR/`echo $SIGNER | sed s/@/_at_/`.crt
	cp $PUBKEYSTORE $CFILE
	chmod 444 $PUBKEYSTORE
	chmod 400 $PRIVKEYSTORE
	chmod 644 $CFILE
	echo "Created new SU3 keys: $PUBKEYSTORE $PRIVKEYSTORE"
	echo "Copied public key to $CFILE for testing"
fi

rm -f plugin.zip

OPWD=$PWD
cd $PLUGINDIR

grep -q '^name=' $PC
if [ "$?" -ne "0" ]
then
	echo "You must have a plugin name in $PC"
	echo 'For example name=foo'
	exit 1
fi

grep -q '^version=' $PC
if [ "$?" -ne "0" ]
then
	echo "You must have a version in $PC"
	echo 'For example version=0.1.2'
	exit 1
fi

# update the date
grep -v '^date=' $PC > $PCT
DATE=`date '+%s000'`
echo "date=$DATE" >> $PCT
mv $PCT $PC || exit 1

# add our Base64 key
grep -v '^key=' $PC > $PCT
B64KEY=`cat $B64KEYFILE`
echo "key=$B64KEY" >> $PCT || exit 1
mv $PCT $PC || exit 1

# zip it
zip -r $OPWD/plugin.zip * || exit 1

# get the version and use it for the sud header
VERSION=`grep '^version=' $PC | cut -f 2 -d '='`
# get the name and use it for the file name
NAME=`grep '^name=' $PC | cut -f 2 -d '='`
XPI2P=${NAME}.xpi2p
SU3=${NAME}.su3
cd $OPWD

# sign it
echo 'Signing. ...'
java -cp $I2P/lib/i2p.jar net.i2p.crypto.TrustedUpdate sign plugin.zip $XPI2P $PRIVKEYFILE $VERSION || exit 1
java -cp $I2P/lib/i2p.jar net.i2p.crypto.SU3File sign -c PLUGIN -t $KEYTYPE plugin.zip $SU3 $PRIVKEYSTORE $VERSION $SIGNER || exit 1
rm -f plugin.zip

# verify
echo 'Verifying. ...'
java -cp $I2P/lib/i2p.jar net.i2p.crypto.TrustedUpdate showversion $XPI2P || exit 1
java -cp $I2P/lib/i2p.jar -Drouter.trustedUpdateKeys=$B64KEY net.i2p.crypto.TrustedUpdate verifysig $XPI2P || exit 1
java -cp $I2P/lib/i2p.jar net.i2p.crypto.SU3File showversion $SU3 || exit 1
java -cp $I2P/lib/i2p.jar net.i2p.crypto.SU3File verifysig -k $PUBKEYSTORE $SU3 || exit 1
rm -rf logs/

echo 'Plugin files created: '
wc -c $XPI2P
wc -c $SU3

exit 0