def main():
parser = argparse.ArgumentParser(description='Sign a B2G app manifest.')
parser.add_argument('-d', action='store',
required=True, help='NSS database directory')
parser.add_argument('-f', action='store',
type=argparse.FileType('rb'),
required=True, help='password file')
parser.add_argument('-k', action='store',
required=True, help="nickname of signing cert.")
parser.add_argument('-i', action='store', type=argparse.FileType('rb'),
required=True, help="input manifest file (unsigned)")
parser.add_argument('-o', action='store', type=argparse.FileType('wb'),
required=True, help="output manifest file (signed)")
args = parser.parse_args()
db_dir = args.d
password = args.f.readline().strip()
cert_nickname = args.k
cert = None
try:
nss_ctypes.NSS_Init(db_dir)
wincx = nss_ctypes.SetPasswordContext(password)
cert = nss_ctypes.PK11_FindCertFromNickname(cert_nickname, wincx)
sign_file(args.i, args.o, cert, wincx)
return 0
finally:
nss_ctypes.CERT_DestroyCertificate(cert)
nss_ctypes.NSS_Shutdown()
def nss_load_cert(nss_db_dir, nss_password, cert_nickname):
nss_ctypes.NSS_Init(nss_db_dir)
try:
wincx = nss_ctypes.SetPasswordContext(nss_password)
cert = nss_ctypes.PK11_FindCertFromNickname(cert_nickname, wincx)
return (wincx, cert)
except:
nss_ctypes.NSS_Shutdown()
raise