从(ASN1)mozilla.rsa文件中提取扩展名ID [英] Extract extension id from (ASN1) mozilla.rsa file

问题描述

如何从xpi文件中检索扩展名ID? (例如，对于全局扩展安装，这是必需的)

How do you retrieve the extension ID from the xpi file? (It is needed f.ex. for global extension installation)

在以前的版本中，您可以从WebExtensions中不再存在的install.rdf中获取它. http://www.di-mgt.com.au/how-mozilla-signs-addons.html 描述它包含在META-INF/mozilla.rsa文件中.

In previous versions, you could get it from the install.rdf, which no longer exists in WebExtensions. http://www.di-mgt.com.au/how-mozilla-signs-addons.html describes that it is contained in the META-INF/mozilla.rsa file.

在python中，有pyasn1库.我无法在第一次尝试时使用它:

In python, there is the pyasn1 library. I could not get it to work on the first attempt:

from pyasn1.codec.der import decoder
f = open('/path/to/addon-dir/META-INF/mozilla.rsa')
decoder.decode(f)

给予

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/pyasn1/codec/ber/decoder.py", line 623, in __call__
    raise error.PyAsn1Error('Bad octet stream type')
pyasn1.error.PyAsn1Error: Bad octet stream type

推荐答案

decode方法需要缓冲区(字符串)，而不是文件对象.使用:

The decode method want a buffer (string), not a file object. Use:

from pyasn1.codec.der import decoder
buf = open('/path/to/addon-dir/META-INF/mozilla.rsa').read()
decoder.decode(buf)

为我工作.

编辑:

pyasn1_modules软件包包括代表某些常见PKCS结构的类.您可以从这样的内容开始:

The pyasn1_modules package includes classes that represent some common PKCS structs. You can start with something like this:

from pyasn1.codec.der import decoder as der_decoder
from pyasn1_modules import rfc5652, rfc2315, rfc5280

mozPath = "/path/to/mozilla.rsa"
buf = open(mozPath,"rb").read()
contentInfo = der_decoder.decode(buf, asn1Spec=rfc5652.ContentInfo())[0]

if contentInfo[0] != rfc2315.signedData:
    # fail...

signedData = der_decoder.decode(contentInfo[1], asn1Spec=rfc5652.SignedData())[0]

print(signedData.prettyPrint())

这会产生类似于openssl asn1parse -inform DER -in mozilla.rsa的输出(我自己更喜欢pyasn1的缩进，而不是openssl的"d = depth".)

This produces output similar to openssl asn1parse -inform DER -in mozilla.rsa (I myself prefer pyasn1's indentation over openssl's "d=depth".)

如果您想使用pyasn1进一步解析它，可以尝试以下操作:

If you want to further parse it using pyasn1 you can try something like:

for cert in signedData["certificates"]:
    subject = cert["certificate"]["tbsCertificate"]["subject"]
    for rdn in subject["rdnSequence"]:
        if rdn[0][0] == rfc5280.AttributeType("2.5.4.3"):
            cn = rdn[0][1].asOctets()[2:]          ### Not nice
            if cn != "production-signing-ca.addons.mozilla.org":
                print cn

这里的主要问题是我在做一些令人讨厌的事情来使字符串出现在标记的行中，但是除此之外，我认为你不会变得更好.

The major problem is here is that I'm doing something kind awful to get the string in the marked line, but except for this I don't think you can get much better.

如果您了解如何正确获取字符串，请分享.

If you find out how to get the string properly please share.

这篇关于从(ASN1)mozilla.rsa文件中提取扩展名ID的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！