@hibi_10000/crx 0.5.1

package/CHANGELOG.md

@@ -0,0 +1,88 @@
+# Change Log
+
+### 5.1.0 (2026/03/01 09:55 +09:00)
+- Migrate ESM (still support CommonJS require)
+- Use Typescript with tsdown
+- Drop support for Node.js v10 to v17 and v19
+- Replace node-rsa with node:crypto module
+- Update dependencies
+
+## Original Changelog from Forked
+
+### 5.0.1 (2019/07/22 09:57 +00:00)
+- [#107](https://github.com/oncletom/crx/pull/107) fix: loading relative path (@ahwayakchih)
+
+### v5.0.0 (2019/04/17 08:00 +00:00)
+- [#106](https://github.com/oncletom/crx/pull/106) chore: update CHANGELOG (@ahwayakchih)
+- [#105](https://github.com/oncletom/crx/pull/105) Update dependencies and prepare for new release (v5.0.0) (@ahwayakchih)
+- [#104](https://github.com/oncletom/crx/pull/104) fix: create private key file outside extension directory by default (@ahwayakchih)
+- [#103](https://github.com/oncletom/crx/pull/103) Move CLI script to src folder (@arkon)
+- [#100](https://github.com/oncletom/crx/pull/100) Move CRX2 logic to separate file (@arkon)
+- [#102](https://github.com/oncletom/crx/pull/102) feat: use `manifest.minimum_chrome_version` as XML's `prodversionmin` (@ahwayakchih)
+- [#99](https://github.com/oncletom/crx/pull/99) docs: add `--crx-format` to README (@ahwayakchih)
+- [#98](https://github.com/oncletom/crx/pull/98) feat: add support for CRXv3 (@ahwayakchih)
+- [#97](https://github.com/oncletom/crx/pull/97) chore: update dependencies (#97) (@ahwayakchih)
+- [#78](https://github.com/oncletom/crx/pull/78) Add generateAppId sample (#78) (@NN---)
+
+### v4.0.1 (2019/02/03 16:17 +00:00)
+- [#96](https://github.com/oncletom/crx/pull/96) Remove deprecated crx.writeFile() (@oncletom)
+
+### v4.0.0 (2019/02/03 15:57 +00:00)
+- [#95](https://github.com/oncletom/crx/pull/95) Release crx@4 (@oncletom)
+- [#93](https://github.com/oncletom/crx/pull/93) fix demo code (@g8up)
+- [#88](https://github.com/oncletom/crx/pull/88) Bump Node.js version requirement (@oncletom)
+- [#90](https://github.com/oncletom/crx/pull/90) Fix syntax in module usage (@blimmer)
+- [#83](https://github.com/oncletom/crx/pull/83) Update dependencies (@oncletom)
+- [#81](https://github.com/oncletom/crx/pull/81) Fix extension ID calculation from path (@oncletom, @conioh)
+- [#76](https://github.com/oncletom/crx/pull/76) Add Appveyor configuration to test build on Windows (@oncletom)
+- [#71](https://github.com/oncletom/crx/pull/71) Remove the manifest data from cache on crx.load() (@binhqx)
+- [#75](https://github.com/oncletom/crx/pull/75) [Snyk Update] New fixes for 1 vulnerable dependency path (@snyk-bot)
+
+### v3.2.1 (2016/10/13 13:13 +00:00)
+- [#67](https://github.com/oncletom/crx/pull/67) Drop iojs from package.engines (@dsblv)
+
+### v3.2.0 (2016/09/22 23:25 +00:00)
+- [#66](https://github.com/oncletom/crx/pull/66) Add the ability to load a list of files in addition to a path. (@oncletom)
+
+### v3.1.0 (2016/09/22 14:06 +00:00)
+- [#62](https://github.com/oncletom/crx/pull/62) Remove intermediate copy and use of temporary files (@oncletom)
+- [#63](https://github.com/oncletom/crx/pull/63) Add code coverage and add additional tests (@oncletom)
+
+### v3.0.4 (2016/09/21 13:00 +00:00)
+- [#58](https://github.com/oncletom/crx/pull/58) [security fix] Updated archiver dependency; drops support for node 0.8.x (@PavelVanecek)
+- [#56](https://github.com/oncletom/crx/pull/56) Update CLI documentation with -o instead of deprecated -f (@nhoizey)
+- [#52](https://github.com/oncletom/crx/pull/52) Generate 2048-bit keys at the keygen CLI (@ngyikp)
+- [#50](https://github.com/oncletom/crx/pull/50) test crx on node 4.1 and 5 (@joscha)
+
+### v3.0.3 (2015/07/22 16:10 +00:00)
+- [#47](https://github.com/oncletom/crx/pull/47) added .npmignore file (@PavelVanecek)
+
+### v3.0.2 (2015/02/06 11:28 +00:00)
+- [#39](https://github.com/oncletom/crx/pull/39) Do not concatenate a possible null buffer. (@oncletom)
+- [#37](https://github.com/oncletom/crx/pull/37) fix pack instruction in Module example (@qbarlas)
+
+### v2.0.1 (2015/01/15 18:28 +00:00)
+- [#34](https://github.com/oncletom/crx/pull/34) Fix various issues with CLI and creating .pem and .crx files (@Batterii)
+- [#35](https://github.com/oncletom/crx/pull/35) destroy() is not used (@okuryu)
+- [#26](https://github.com/oncletom/crx/pull/26) fixes minor code problems, such as missing semicolons, etc. (@joscha)
+- [#29](https://github.com/oncletom/crx/pull/29) generatePublicKey promise and generateAppId state (@joscha)
+- [#30](https://github.com/oncletom/crx/pull/30) use temp module (@joscha)
+- [#27](https://github.com/oncletom/crx/pull/27) throw error if public key is not set, yet (@joscha)
+
+### v2.0.0 (2014/11/29 16:39 +00:00)
+- [#24](https://github.com/oncletom/crx/pull/24) Unsigned archives (@oncletom)
+
+### v1.1.0 (2014/11/29 15:55 +00:00)
+- [#25](https://github.com/oncletom/crx/pull/25) Pure JavaScript public key (@oncletom)
+
+### v1.0.0 (2014/11/25 11:45 +00:00)
+- [#22](https://github.com/oncletom/crx/pull/22) Remove system ssh-keygen dependency (@oncletom)
+- [#20](https://github.com/oncletom/crx/pull/20) Promise-based interface (@oncletom)
+- [#19](https://github.com/oncletom/crx/pull/19) Event 'finished' no longer valid #18 (@yuryoparin)
+- [#17](https://github.com/oncletom/crx/pull/17) Fix deleting remaining ./tmp directory (@jokesterfr)
+- [#16](https://github.com/oncletom/crx/pull/16) removed bufferstream dependency (@christian-bromann)
+- [#14](https://github.com/oncletom/crx/pull/14) Support long private keys in latest Chrome 32 (@vitalets)
+- [#10](https://github.com/oncletom/crx/pull/10) Windows Compatibility (@adotout)
+- [#8](https://github.com/oncletom/crx/pull/8) Use proper stdin options in child_process.spawn() instead of passing a file child.stdin.end() (@nkakuev)
+- [#3](https://github.com/oncletom/crx/pull/3) Added support for maxBuffer (@oncletom)
+- [#2](https://github.com/oncletom/crx/pull/2) Updated the README example upon `crx` API (@oncletom)

package/LICENSE.txt

@@ -0,0 +1,23 @@
+MIT License
+
+Copyright (c) 2025 Hibi_10000
+Copyright (c) 2019 Jed Schmidt, Thomas Parisot and contributors
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -0,0 +1,205 @@
+# crx [![Build Status](https://secure.travis-ci.org/oncletom/crx.svg)](http://travis-ci.org/oncletom/crx) [![Build status](https://ci.appveyor.com/api/projects/status/i8v95qmgwwxic5wn?svg=true)](https://ci.appveyor.com/project/oncletom/crx)
+
+> crx is a utility to **package Google Chrome extensions** via a *Node API* and the *command line*. It is written **purely in JavaScript** and **does not require OpenSSL**!
+
+Packages are available to use `crx` with:
+
+- *grunt*: [grunt-crx](https://npmjs.com/grunt-crx)
+- *gulp*: [gulp-crx-pack](https://npmjs.com/gulp-crx-pack)
+- *webpack*: [crx-webpack-plugin](https://npmjs.com/crx-webpack-plugin)
+
+**Compatibility**: this extension is compatible with `node>=10`.
+
+## Install
+
+```bash
+$ npm install crx
+```
+
+## Module API
+
+Asynchronous functions returns a native ECMAScript Promise.
+
+```js
+import fs from 'fs';
+import path from 'path';
+
+import ChromeExtension from 'crx';
+
+const crx = new ChromeExtension({
+  codebase: 'http://localhost:8000/myExtension.crx',
+  privateKey: fs.readFileSync('./key.pem')
+});
+
+crx.load(path.resolve(import.meta.dirname, './myExtension'))
+  .then(crx => crx.pack())
+  .then(crxBuffer => {
+    const updateXML = crx.generateUpdateXML()
+
+    fs.writeFileSync('../update.xml', updateXML);
+    fs.writeFileSync('../myExtension.crx', crxBuffer);
+  })
+  .catch(err => {
+    console.error(err);
+  });
+```
+
+### ChromeExtension = require("crx")
+### crx = new ChromeExtension(attrs?)
+
+This module exports the `ChromeExtension` constructor directly, which can take an optional attribute object, which is used to extend the instance.
+
+`attrs` is an optional object with advanced configuration elements:
+
+```js
+crx = new ChromeExtension({
+  // By default, we exclude bundling crx extensions within extensions
+  // You can change that, and ignore other files as well
+  ignore: ['*.crx']
+  // By default, it produces extensions compatible with CRX version 3 (since Chromium 64)
+  // CRX version 2 is for Chromium versions prior to 64
+  version: 3
+})
+```
+
+### crx.load(path|files)
+
+Prepares the temporary workspace for the Chrome Extension located at `path` — which is expected to directly contain `manifest.json`.
+
+```js
+crx.load('/path/to/extension').then(crx => {
+  // ...
+});
+```
+
+Alternatively, you can pass a list of files — the first `manifest.json` file to be found will be considered as the root of the application.
+
+```js
+crx.load(['/my/extension/manifest.json', '/my/extension/background.json']).then(crx => {
+  // ...
+});
+```
+
+### crx.pack()
+
+Packs the Chrome Extension and resolves the promise with a Buffer containing the `.crx` file.
+
+```js
+crx.load('/path/to/extension')
+  .then(crx => crx.pack())
+  .then(crxBuffer => {
+    fs.writeFileSync('/tmp/foobar.crx', crxBuffer);
+  });
+```
+
+### crx.generateUpdateXML()
+
+Returns a Buffer containing the update.xml file used for `autoupdate`, as specified for `update_url` in the manifest. In this case, the instance must have a property called `codebase`.
+
+```js
+const crx = new ChromeExtension({ ..., codebase: 'https://autoupdateserver.com/myFirstExtension.crx' });
+
+crx.load('/path/to/extension')
+  .then(crx => crx.pack())
+  .then(crxBuffer => {
+    // ...
+    const xmlBuffer = crx.generateUpdateXML();
+    fs.writeFileSync('/foo/bar/update.xml', xmlBuffer);
+  });
+```
+
+### crx.generateAppId
+
+Generates application id (extension id) from given path.
+
+```js
+new crx().generateAppId('/path/to/ext') // epgkjnfaepceeghkjflpimappmlalchn
+```
+
+## CLI API
+
+### crx pack [directory] [--crx-version number] [-o file] [--zip-output file] [-p private-key]
+
+Pack the specified directory into a .crx package, and output it to stdout. If no directory is specified, the current working directory is used.
+
+Use the `--crx-version` option to specify which CRX format version to output. Can be either "2" or "3", defaults to "3".
+
+Use the `-o` option to write the signed extension to a file instead of stdout.
+
+Use the `--zip-output` option to write the unsigned extension to a file.
+
+Use the `-p` option to specify an external private key. If this is not used, `key.pem` is used from within the directory. If this option is not used and no `key.pem` file exists, one will be generated automatically.
+
+Use the `-b` option to specify the maximum buffer allowed to generate extension. By default, will rely on `node` internal setting (~200KB).
+
+### crx keygen [directory]
+
+Generate a 2048-bit RSA private key within the directory. This is called automatically if a key is not specified, and `key.pem` does not exist.
+
+Use the `--force` option to overwrite an existing private key located in the same given folder.
+
+### crx --help
+
+Show information about using this utility, generated by [commander](https://github.com/visionmedia/commander.js).
+
+## CLI example
+
+Given the following directory structure:
+
+```
+└─┬ myFirstExtension
+  ├── manifest.json
+  └── icon.png
+```
+
+run this:
+
+```bash
+$ cd myFirstExtension
+$ crx pack -o
+```
+
+to generate this:
+
+```bash
+├─┬ myFirstExtension
+│ ├── manifest.json
+│ ├── icon.png
+│ └── key.pem
+└── myFirstExtension.crx
+```
+
+You can also name the output file like this:
+
+```bash
+$ cd myFirstExtension
+$ crx pack -o myFirstExtension.crx
+```
+
+to get the same results, or also pipe to the file manually like this.
+
+```bash
+$ cd myFirstExtension
+$ crx pack > ../myFirstExtension.crx
+```
+
+As you can see a key is generated for you at `key.pem` if none exists. You can also specify an external key. So if you have this:
+
+```
+├─┬ myFirstExtension
+│ ├── manifest.json
+│ └── icon.png
+└── myPrivateKey.pem
+```
+
+you can run this:
+
+```bash
+$ crx pack myFirstExtension -p myPrivateKey.pem -o
+```
+
+to sign your package without keeping the key in the directory.
+
+# License
+
+[MIT License](LICENSE).

package/dist/cli.d.ts

@@ -0,0 +1,2 @@
+import { program } from "commander";
+export { program as default };

package/dist/cli.js

@@ -0,0 +1,89 @@
+#!/usr/bin/env node
+import ChromeExtension from "./index.js";
+import { version } from "./package.js";
+import path from "node:path";
+import fs from "node:fs";
+import crypto from "node:crypto";
+import { program } from "commander";
+
+//#region src/cli.ts
+const cwd = process.cwd();
+program.version(version);
+program.command("keygen [directory]").option("--force", "overwrite the private key if it exists").option("-c, --crx-version [number]", "CRX format version, can be either 2 or 3, defaults to 3", parseInt).description("generate a private key in [directory]/key.pem").action(keygen);
+program.command("pack [directory]").description("pack [directory] into a .crx extension").option("-o, --output <file>", "write the crx content to <file> instead of stdout").option("--zip-output <file>", "write the zip content to <file>").option("-p, --private-key <file>", "relative path to private key [key.pem], defaults to [directory/../key.pem]").option("-c, --crx-version [number]", "CRX format version, can be either 2 or 3, defaults to 3", parseInt).action(pack);
+program.parse(process.argv);
+/**
+* Generate a new key file
+* @param keyPath path of the key file to create
+* @param opts
+*/
+function generateKeyFile(keyPath, opts) {
+	const { privateKey } = crypto.generateKeyPairSync("rsa", {
+		modulusLength: 2048,
+		publicKeyEncoding: {
+			type: "spki",
+			format: "der"
+		},
+		privateKeyEncoding: {
+			type: `pkcs${opts.crxVersion === 2 ? "1" : "8"}`,
+			format: "pem"
+		}
+	});
+	return fs.promises.writeFile(keyPath, privateKey);
+}
+/**
+* Generates a Private Key
+*/
+async function keygen(dir, opts) {
+	dir = dir ? path.resolve(cwd, dir) : cwd;
+	const keyPath = path.join(dir, "key.pem");
+	try {
+		fs.accessSync(keyPath);
+		if (!opts.force) throw new Error("key.pem already exists in the given location.");
+	} catch (_err) {
+		await generateKeyFile(keyPath, opts);
+	}
+}
+async function pack(dir, opts) {
+	const input = dir ? path.resolve(cwd, dir) : cwd;
+	const keyPath = opts.privateKey ? path.resolve(cwd, opts.privateKey) : path.join(input, "..", "key.pem");
+	let output;
+	if (opts.output) {
+		if (path.extname(opts.output) !== ".crx") throw new Error(`-o file is expected to have a \`.crx\` suffix: [${opts.output}] was given.`);
+	}
+	if (opts.zipOutput) {
+		if (path.extname(opts.zipOutput) !== ".zip") throw new Error(`--zip-output file is expected to have a \`.zip\` suffix: [${opts.zipOutput}] was given.`);
+	}
+	const crx = new ChromeExtension({
+		rootDirectory: input,
+		version: opts.crxVersion || 3
+	});
+	await fs.promises.readFile(keyPath).then(null, async (err) => {
+		if (err.code === "ENOENT") {
+			await generateKeyFile(keyPath, opts);
+			process.stderr.write(`Created new private key at: ${keyPath}.\n`);
+			return fs.readFileSync(keyPath);
+		} else throw err;
+	}).then(async (key) => {
+		crx.privateKey = key;
+		await crx.load();
+		const fileBuffer = await crx.loadContents();
+		if (opts.zipOutput) {
+			const outFile = path.resolve(cwd, opts.zipOutput);
+			fs.createWriteStream(outFile).end(fileBuffer);
+		} else {
+			const crxBuffer = await crx.pack(fileBuffer);
+			if (opts.zipOutput) return;
+			else if (opts.output) output = opts.output;
+			else output = `${path.basename(cwd)}.crx`;
+			const outFile = path.resolve(cwd, output);
+			if (outFile) fs.createWriteStream(outFile).end(crxBuffer);
+			else process.stdout.end(crxBuffer);
+		}
+	});
+}
+var cli_default = program;
+
+//#endregion
+export { cli_default as default };
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","names":["packageJson.version","output: string"],"sources":["../src/cli.ts"],"sourcesContent":["#!/usr/bin/env node\n\nimport path from \"node:path\";\nimport fs from \"node:fs\";\nimport crypto from \"node:crypto\";\n\nimport { program } from \"commander\";\nimport ChromeExtension from \"./index.ts\";\n\nimport packageJson from \"../package.json\" with { type: \"json\" };\n\nconst cwd = process.cwd();\n\nprogram.version(packageJson.version);\n// coming soon\n// .option(\"-x, --xml\", \"output autoupdate xml instead of extension \")\n\ninterface InterfaceCli {\n  crxVersion?: number;\n  force: boolean;\n  privateKey: string;\n  output?: string;\n  zipOutput?: string;\n  //maxBuffer?: number;\n}\n\nprogram\n  .command(\"keygen [directory]\")\n  .option(\"--force\", \"overwrite the private key if it exists\")\n  .option(\n    \"-c, --crx-version [number]\",\n    \"CRX format version, can be either 2 or 3, defaults to 3\",\n    parseInt,\n  )\n  .description(\"generate a private key in [directory]/key.pem\")\n  .action(keygen);\n\nprogram\n  .command(\"pack [directory]\")\n  .description(\"pack [directory] into a .crx extension\")\n  .option(\n    \"-o, --output <file>\",\n    \"write the crx content to <file> instead of stdout\",\n  )\n  .option(\"--zip-output <file>\", \"write the zip content to <file>\")\n  .option(\n    \"-p, --private-key <file>\",\n    \"relative path to private key [key.pem], defaults to [directory/../key.pem]\")\n  //.option(\n  //  \"-b, --max-buffer <total>\",\n  //  \"max amount of memory allowed to generate the crx, in byte\",\n  //)\n  .option(\n    \"-c, --crx-version [number]\",\n    \"CRX format version, can be either 2 or 3, defaults to 3\",\n    parseInt,\n  )\n  .action(pack);\n\nprogram.parse(process.argv);\n\n/**\n * Generate a new key file\n * @param keyPath path of the key file to create\n * @param opts\n */\nfunction generateKeyFile(keyPath: string, opts: InterfaceCli): Promise<void> {\n  const { privateKey } = crypto.generateKeyPairSync(\"rsa\", {\n    modulusLength: 2048,\n    publicKeyEncoding: {\n      type: \"spki\",\n      format: \"der\",\n    },\n    privateKeyEncoding: {\n      // Chromium (tested on 72.0.3626.109) which generates CRX v3 files requires pkcs8 key\n      type: `pkcs${opts.crxVersion === 2 ? \"1\" : \"8\"}`,\n      format: \"pem\",\n    },\n  });\n  return fs.promises.writeFile(keyPath, privateKey);\n}\n\n/**\n * Generates a Private Key\n */\nasync function keygen(dir: string, opts: InterfaceCli) {\n  dir = dir ? path.resolve(cwd, dir) : cwd;\n\n  const keyPath = path.join(dir, \"key.pem\");\n\n  try {\n    fs.accessSync(keyPath);\n    if (!opts.force) {\n      throw new Error(\"key.pem already exists in the given location.\");\n    }\n  }\n  catch (_err) {\n    await generateKeyFile(keyPath, opts);\n  }\n}\n\nasync function pack(dir: string, opts: InterfaceCli) {\n  const input = dir ? path.resolve(cwd, dir) : cwd;\n  const keyPath = opts.privateKey\n    ? path.resolve(cwd, opts.privateKey)\n    : path.join(input, \"..\", \"key.pem\");\n  let output: string;\n\n  if (opts.output) {\n    if (path.extname(opts.output) !== \".crx\") {\n      throw new Error(\n        `-o file is expected to have a \\`.crx\\` suffix: [${opts.output}] was given.`,\n      );\n    }\n  }\n\n  if (opts.zipOutput) {\n    if (path.extname(opts.zipOutput) !== \".zip\") {\n      throw new Error(\n        `--zip-output file is expected to have a \\`.zip\\` suffix: [${opts.zipOutput}] was given.`,\n      );\n    }\n  }\n\n  const crx = new ChromeExtension({\n    rootDirectory: input,\n    //maxBuffer: opts.maxBuffer,\n    version: opts.crxVersion || 3,\n  });\n\n  await fs.promises.readFile(keyPath)\n    .then(null, async (err: unknown) => {\n      // If the key file doesn't exist, create one\n      if ((err as NodeJS.ErrnoException).code === \"ENOENT\") {\n        await generateKeyFile(keyPath, opts);\n        process.stderr.write(`Created new private key at: ${keyPath}.\\n`);\n        return fs.readFileSync(keyPath);\n      }\n      else {\n        throw err;\n      }\n    })\n    .then(async (key) => {\n      crx.privateKey = key;\n      await crx.load();\n      const fileBuffer = await crx.loadContents();\n      if (opts.zipOutput) {\n        const outFile = path.resolve(cwd, opts.zipOutput);\n\n        fs.createWriteStream(outFile).end(fileBuffer);\n      }\n      else {\n        const crxBuffer = await crx.pack(fileBuffer);\n        if (opts.zipOutput) {\n          return;\n        }\n        else if (opts.output) {\n          output = opts.output;\n        }\n        else {\n          output = `${path.basename(cwd)}.crx`;\n        }\n\n        const outFile = path.resolve(cwd, output);\n        if (outFile) {\n          fs.createWriteStream(outFile).end(crxBuffer);\n        }\n        else {\n          process.stdout.end(crxBuffer);\n        }\n      }\n    });\n}\n\nexport default program;\n"],"mappings":";;;;;;;;;AAWA,MAAM,MAAM,QAAQ,KAAK;AAEzB,QAAQ,QAAQA,QAAoB;AAapC,QACG,QAAQ,qBAAqB,CAC7B,OAAO,WAAW,yCAAyC,CAC3D,OACC,8BACA,2DACA,SACD,CACA,YAAY,gDAAgD,CAC5D,OAAO,OAAO;AAEjB,QACG,QAAQ,mBAAmB,CAC3B,YAAY,yCAAyC,CACrD,OACC,uBACA,oDACD,CACA,OAAO,uBAAuB,kCAAkC,CAChE,OACC,4BACA,6EAA6E,CAK9E,OACC,8BACA,2DACA,SACD,CACA,OAAO,KAAK;AAEf,QAAQ,MAAM,QAAQ,KAAK;;;;;;AAO3B,SAAS,gBAAgB,SAAiB,MAAmC;CAC3E,MAAM,EAAE,eAAe,OAAO,oBAAoB,OAAO;EACvD,eAAe;EACf,mBAAmB;GACjB,MAAM;GACN,QAAQ;GACT;EACD,oBAAoB;GAElB,MAAM,OAAO,KAAK,eAAe,IAAI,MAAM;GAC3C,QAAQ;GACT;EACF,CAAC;AACF,QAAO,GAAG,SAAS,UAAU,SAAS,WAAW;;;;;AAMnD,eAAe,OAAO,KAAa,MAAoB;AACrD,OAAM,MAAM,KAAK,QAAQ,KAAK,IAAI,GAAG;CAErC,MAAM,UAAU,KAAK,KAAK,KAAK,UAAU;AAEzC,KAAI;AACF,KAAG,WAAW,QAAQ;AACtB,MAAI,CAAC,KAAK,MACR,OAAM,IAAI,MAAM,gDAAgD;UAG7D,MAAM;AACX,QAAM,gBAAgB,SAAS,KAAK;;;AAIxC,eAAe,KAAK,KAAa,MAAoB;CACnD,MAAM,QAAQ,MAAM,KAAK,QAAQ,KAAK,IAAI,GAAG;CAC7C,MAAM,UAAU,KAAK,aACjB,KAAK,QAAQ,KAAK,KAAK,WAAW,GAClC,KAAK,KAAK,OAAO,MAAM,UAAU;CACrC,IAAIC;AAEJ,KAAI,KAAK,QACP;MAAI,KAAK,QAAQ,KAAK,OAAO,KAAK,OAChC,OAAM,IAAI,MACR,mDAAmD,KAAK,OAAO,cAChE;;AAIL,KAAI,KAAK,WACP;MAAI,KAAK,QAAQ,KAAK,UAAU,KAAK,OACnC,OAAM,IAAI,MACR,6DAA6D,KAAK,UAAU,cAC7E;;CAIL,MAAM,MAAM,IAAI,gBAAgB;EAC9B,eAAe;EAEf,SAAS,KAAK,cAAc;EAC7B,CAAC;AAEF,OAAM,GAAG,SAAS,SAAS,QAAQ,CAChC,KAAK,MAAM,OAAO,QAAiB;AAElC,MAAK,IAA8B,SAAS,UAAU;AACpD,SAAM,gBAAgB,SAAS,KAAK;AACpC,WAAQ,OAAO,MAAM,+BAA+B,QAAQ,KAAK;AACjE,UAAO,GAAG,aAAa,QAAQ;QAG/B,OAAM;GAER,CACD,KAAK,OAAO,QAAQ;AACnB,MAAI,aAAa;AACjB,QAAM,IAAI,MAAM;EAChB,MAAM,aAAa,MAAM,IAAI,cAAc;AAC3C,MAAI,KAAK,WAAW;GAClB,MAAM,UAAU,KAAK,QAAQ,KAAK,KAAK,UAAU;AAEjD,MAAG,kBAAkB,QAAQ,CAAC,IAAI,WAAW;SAE1C;GACH,MAAM,YAAY,MAAM,IAAI,KAAK,WAAW;AAC5C,OAAI,KAAK,UACP;YAEO,KAAK,OACZ,UAAS,KAAK;OAGd,UAAS,GAAG,KAAK,SAAS,IAAI,CAAC;GAGjC,MAAM,UAAU,KAAK,QAAQ,KAAK,OAAO;AACzC,OAAI,QACF,IAAG,kBAAkB,QAAQ,CAAC,IAAI,UAAU;OAG5C,SAAQ,OAAO,IAAI,UAAU;;GAGjC;;AAGN,kBAAe"}

package/dist/crx2.js

@@ -0,0 +1,36 @@
+import crypto from "node:crypto";
+
+//#region src/crx2.ts
+/**
+* Generates and returns a signed package from extension content.
+*
+* BC BREAK `this.package` is not stored anymore (since 1.0.0)
+*/
+function generatePackage(privateKey, publicKey, contents) {
+	const signature = generateSignature(privateKey, contents);
+	const keyLength = publicKey.length;
+	const sigLength = signature.length;
+	const zipLength = contents.length;
+	const length = 16 + keyLength + sigLength + zipLength;
+	const crx = Buffer.alloc(length);
+	crx.write("Cr24" + new Array(13).join("\0"), "binary");
+	crx[4] = 2;
+	crx.writeUInt32LE(keyLength, 8);
+	crx.writeUInt32LE(sigLength, 12);
+	publicKey.copy(crx, 16);
+	signature.copy(crx, 16 + keyLength);
+	contents.copy(crx, 16 + keyLength + sigLength);
+	return crx;
+}
+/**
+* Generates a SHA1 package signature.
+*
+* BC BREAK `this.signature` is not stored anymore (since 1.0.0)
+*/
+function generateSignature(privateKey, contents) {
+	return crypto.createSign("sha1").update(contents).sign(privateKey);
+}
+
+//#endregion
+export { generatePackage as default };
+//# sourceMappingURL=crx2.js.map

package/dist/crx2.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crx2.js","names":[],"sources":["../src/crx2.ts"],"sourcesContent":["\"use strict\";\n\nimport crypto from \"node:crypto\";\n\n/**\n * Generates and returns a signed package from extension content.\n *\n * BC BREAK `this.package` is not stored anymore (since 1.0.0)\n */\nexport default function generatePackage(privateKey: crypto.KeyLike, publicKey: Buffer, contents: Buffer): Buffer {\n  const signature = generateSignature(privateKey, contents);\n\n  const keyLength = publicKey.length;\n  const sigLength = signature.length;\n  const zipLength = contents.length;\n  const length = 16 + keyLength + sigLength + zipLength;\n\n  const crx = Buffer.alloc(length);\n\n  crx.write(\"Cr24\" + new Array(13).join(\"\\x00\"), \"binary\");\n\n  crx[4] = 2;\n  crx.writeUInt32LE(keyLength, 8);\n  crx.writeUInt32LE(sigLength, 12);\n\n  publicKey.copy(crx, 16);\n  signature.copy(crx, 16 + keyLength);\n  contents.copy(crx, 16 + keyLength + sigLength);\n\n  return crx;\n};\n\n/**\n * Generates a SHA1 package signature.\n *\n * BC BREAK `this.signature` is not stored anymore (since 1.0.0)\n */\nfunction generateSignature(privateKey: crypto.KeyLike, contents: Buffer): Buffer {\n  return crypto\n    .createSign(\"sha1\")\n    .update(contents)\n    .sign(privateKey);\n}\n"],"mappings":";;;;;;;;AASA,SAAwB,gBAAgB,YAA4B,WAAmB,UAA0B;CAC/G,MAAM,YAAY,kBAAkB,YAAY,SAAS;CAEzD,MAAM,YAAY,UAAU;CAC5B,MAAM,YAAY,UAAU;CAC5B,MAAM,YAAY,SAAS;CAC3B,MAAM,SAAS,KAAK,YAAY,YAAY;CAE5C,MAAM,MAAM,OAAO,MAAM,OAAO;AAEhC,KAAI,MAAM,SAAS,IAAI,MAAM,GAAG,CAAC,KAAK,KAAO,EAAE,SAAS;AAExD,KAAI,KAAK;AACT,KAAI,cAAc,WAAW,EAAE;AAC/B,KAAI,cAAc,WAAW,GAAG;AAEhC,WAAU,KAAK,KAAK,GAAG;AACvB,WAAU,KAAK,KAAK,KAAK,UAAU;AACnC,UAAS,KAAK,KAAK,KAAK,YAAY,UAAU;AAE9C,QAAO;;;;;;;AAQT,SAAS,kBAAkB,YAA4B,UAA0B;AAC/E,QAAO,OACJ,WAAW,OAAO,CAClB,OAAO,SAAS,CAChB,KAAK,WAAW"}

package/dist/crx3.js

@@ -0,0 +1,90 @@
+import { writeCrxFileHeader, writeSignedData } from "./crx3.pb.js";
+import crypto from "node:crypto";
+import PBf from "pbf";
+
+//#region src/crx3.ts
+/**
+* Generates and returns a signed package from extension content.
+*
+* Based on `crx_creator` from Chromium project.
+*
+* @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx_creator.cc}
+*/
+function generatePackage(privateKey, publicKey, contents) {
+	let pb;
+	pb = new PBf();
+	writeSignedData({ crx_id: getCrxId(publicKey) }, pb);
+	const signedHeaderData = pb.finish();
+	pb = new PBf();
+	writeCrxFileHeader({
+		sha256_with_rsa: [{
+			public_key: publicKey,
+			signature: generateSignature(privateKey, signedHeaderData, contents)
+		}],
+		signed_header_data: signedHeaderData
+	}, pb);
+	const header = Buffer.from(pb.finish());
+	const size = kSignature.length + kVersion.length + SIZE_BYTES + header.length + contents.length;
+	const result = Buffer.allocUnsafe(size);
+	let index = 0;
+	kSignature.copy(result, index);
+	kVersion.copy(result, index += kSignature.length);
+	result.writeUInt32LE(header.length, index += kVersion.length);
+	header.copy(result, index += SIZE_BYTES);
+	contents.copy(result, index += header.length);
+	return result;
+}
+/**
+* CRX IDs are 16 bytes long
+*/
+const CRX_ID_SIZE = 16;
+/**
+* CRX3 uses 32bit numbers in various places,
+* so let's prepare size constant for that.
+*/
+const SIZE_BYTES = 4;
+/**
+* Used for file format.
+* @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx3.proto}
+*/
+const kSignature = Buffer.from("Cr24", "utf8");
+/**
+* Used for file format.
+* @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx3.proto}
+*/
+const kVersion = Buffer.from([
+	3,
+	0,
+	0,
+	0
+]);
+/**
+* Used for generating package signatures.
+* @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx3.proto}
+*/
+const kSignatureContext = Buffer.from("CRX3 SignedData\0", "utf8");
+/**
+* Given public key data, returns CRX ID.
+*/
+function getCrxId(publicKey) {
+	const hash = crypto.createHash("sha256");
+	hash.update(publicKey);
+	return hash.digest().subarray(0, CRX_ID_SIZE);
+}
+/**
+* Generates and returns a signature.
+*/
+function generateSignature(privateKey, signedHeaderData, contents) {
+	const hash = crypto.createSign("sha256");
+	hash.update(kSignatureContext);
+	const sizeOctets = Buffer.allocUnsafe(SIZE_BYTES);
+	sizeOctets.writeUInt32LE(signedHeaderData.length, 0);
+	hash.update(sizeOctets);
+	hash.update(signedHeaderData);
+	hash.update(contents);
+	return Buffer.from(hash.sign(privateKey).toString(), "binary");
+}
+
+//#endregion
+export { generatePackage as default };
+//# sourceMappingURL=crx3.js.map

package/dist/crx3.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crx3.js","names":["pb: PBf"],"sources":["../src/crx3.ts"],"sourcesContent":["\"use strict\";\n\nimport crypto from \"node:crypto\";\nimport PBf from \"pbf\";\nimport * as crx from \"./crx3.pb.js\";\n\n/**\n * Generates and returns a signed package from extension content.\n *\n * Based on `crx_creator` from Chromium project.\n *\n * @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx_creator.cc}\n */\nexport default function generatePackage(privateKey: crypto.KeyLike, publicKey: Buffer, contents: Buffer): Buffer {\n  let pb: PBf;\n\n  pb = new PBf();\n  crx.writeSignedData({\n    crx_id: getCrxId(publicKey),\n  }, pb);\n  const signedHeaderData = pb.finish();\n\n  pb = new PBf();\n  crx.writeCrxFileHeader({\n    sha256_with_rsa: [{\n      public_key: publicKey,\n      signature: generateSignature(privateKey, signedHeaderData, contents),\n    }],\n    signed_header_data: signedHeaderData,\n  }, pb);\n  const header = Buffer.from(pb.finish());\n\n  const size\n    = kSignature.length // Magic constant\n      + kVersion.length // Version number\n      + SIZE_BYTES // Header size\n      + header.length\n      + contents.length;\n\n  const result = Buffer.allocUnsafe(size);\n\n  let index = 0;\n  kSignature.copy(result, index);\n  kVersion.copy(result, index += kSignature.length);\n  result.writeUInt32LE(header.length, index += kVersion.length);\n  header.copy(result, index += SIZE_BYTES);\n  contents.copy(result, index += header.length);\n\n  return result;\n};\n\n/**\n * CRX IDs are 16 bytes long\n */\nconst CRX_ID_SIZE = 16;\n\n/**\n * CRX3 uses 32bit numbers in various places,\n * so let's prepare size constant for that.\n */\nconst SIZE_BYTES = 4;\n\n/**\n * Used for file format.\n * @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx3.proto}\n */\nconst kSignature = Buffer.from(\"Cr24\", \"utf8\");\n\n/**\n * Used for file format.\n * @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx3.proto}\n */\nconst kVersion = Buffer.from([3, 0, 0, 0]);\n\n/**\n * Used for generating package signatures.\n * @see {@link https://github.com/chromium/chromium/blob/master/components/crx_file/crx3.proto}\n */\nconst kSignatureContext = Buffer.from(\"CRX3 SignedData\\x00\", \"utf8\");\n\n/**\n * Given public key data, returns CRX ID.\n */\nfunction getCrxId(publicKey: Buffer): Buffer {\n  const hash = crypto.createHash(\"sha256\");\n  hash.update(publicKey);\n  return hash.digest().subarray(0, CRX_ID_SIZE);\n}\n\n/**\n* Generates and returns a signature.\n*/\nfunction generateSignature(privateKey: crypto.KeyLike, signedHeaderData: Uint8Array, contents: Buffer): Buffer {\n  const hash = crypto.createSign(\"sha256\");\n\n  // Magic constant\n  hash.update(kSignatureContext);\n\n  // Size of signed_header_data\n  const sizeOctets = Buffer.allocUnsafe(SIZE_BYTES);\n  sizeOctets.writeUInt32LE(signedHeaderData.length, 0);\n  hash.update(sizeOctets);\n\n  // Content of signed_header_data\n  hash.update(signedHeaderData);\n\n  // ZIP content\n  hash.update(contents);\n\n  return Buffer.from(hash.sign(privateKey).toString(), \"binary\");\n}\n"],"mappings":";;;;;;;;;;;;AAaA,SAAwB,gBAAgB,YAA4B,WAAmB,UAA0B;CAC/G,IAAIA;AAEJ,MAAK,IAAI,KAAK;AACd,iBAAoB,EAClB,QAAQ,SAAS,UAAU,EAC5B,EAAE,GAAG;CACN,MAAM,mBAAmB,GAAG,QAAQ;AAEpC,MAAK,IAAI,KAAK;AACd,oBAAuB;EACrB,iBAAiB,CAAC;GAChB,YAAY;GACZ,WAAW,kBAAkB,YAAY,kBAAkB,SAAS;GACrE,CAAC;EACF,oBAAoB;EACrB,EAAE,GAAG;CACN,MAAM,SAAS,OAAO,KAAK,GAAG,QAAQ,CAAC;CAEvC,MAAM,OACF,WAAW,SACT,SAAS,SACT,aACA,OAAO,SACP,SAAS;CAEf,MAAM,SAAS,OAAO,YAAY,KAAK;CAEvC,IAAI,QAAQ;AACZ,YAAW,KAAK,QAAQ,MAAM;AAC9B,UAAS,KAAK,QAAQ,SAAS,WAAW,OAAO;AACjD,QAAO,cAAc,OAAO,QAAQ,SAAS,SAAS,OAAO;AAC7D,QAAO,KAAK,QAAQ,SAAS,WAAW;AACxC,UAAS,KAAK,QAAQ,SAAS,OAAO,OAAO;AAE7C,QAAO;;;;;AAMT,MAAM,cAAc;;;;;AAMpB,MAAM,aAAa;;;;;AAMnB,MAAM,aAAa,OAAO,KAAK,QAAQ,OAAO;;;;;AAM9C,MAAM,WAAW,OAAO,KAAK;CAAC;CAAG;CAAG;CAAG;CAAE,CAAC;;;;;AAM1C,MAAM,oBAAoB,OAAO,KAAK,qBAAuB,OAAO;;;;AAKpE,SAAS,SAAS,WAA2B;CAC3C,MAAM,OAAO,OAAO,WAAW,SAAS;AACxC,MAAK,OAAO,UAAU;AACtB,QAAO,KAAK,QAAQ,CAAC,SAAS,GAAG,YAAY;;;;;AAM/C,SAAS,kBAAkB,YAA4B,kBAA8B,UAA0B;CAC7G,MAAM,OAAO,OAAO,WAAW,SAAS;AAGxC,MAAK,OAAO,kBAAkB;CAG9B,MAAM,aAAa,OAAO,YAAY,WAAW;AACjD,YAAW,cAAc,iBAAiB,QAAQ,EAAE;AACpD,MAAK,OAAO,WAAW;AAGvB,MAAK,OAAO,iBAAiB;AAG7B,MAAK,OAAO,SAAS;AAErB,QAAO,OAAO,KAAK,KAAK,KAAK,WAAW,CAAC,UAAU,EAAE,SAAS"}

package/dist/crx3.pb.js

@@ -0,0 +1,17 @@
+//#region src/crx3.pb.js
+function writeCrxFileHeader(obj, pbf) {
+	if (obj.sha256_with_rsa) for (const item of obj.sha256_with_rsa) pbf.writeMessage(2, writeAsymmetricKeyProof, item);
+	if (obj.sha256_with_ecdsa) for (const item of obj.sha256_with_ecdsa) pbf.writeMessage(3, writeAsymmetricKeyProof, item);
+	if (obj.signed_header_data != null) pbf.writeBytesField(1e4, obj.signed_header_data);
+}
+function writeAsymmetricKeyProof(obj, pbf) {
+	if (obj.public_key != null) pbf.writeBytesField(1, obj.public_key);
+	if (obj.signature != null) pbf.writeBytesField(2, obj.signature);
+}
+function writeSignedData(obj, pbf) {
+	if (obj.crx_id != null) pbf.writeBytesField(1, obj.crx_id);
+}
+
+//#endregion
+export { writeCrxFileHeader, writeSignedData };
+//# sourceMappingURL=crx3.pb.js.map

package/dist/crx3.pb.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crx3.pb.js","names":[],"sources":["../src/crx3.pb.js"],"sourcesContent":["// code generated by pbf v4.0.1 from https://github.com/chromium/chromium/blob/e4a3bada6aab7aed90460ec7d27f8c7167c5666e/components/crx_file/crx3.proto\n\nexport function readCrxFileHeader(pbf, end) {\n    return pbf.readFields(readCrxFileHeaderField, {sha256_with_rsa: [], sha256_with_ecdsa: [], signed_header_data: undefined}, end);\n}\nfunction readCrxFileHeaderField(tag, obj, pbf) {\n    if (tag === 2) obj.sha256_with_rsa.push(readAsymmetricKeyProof(pbf, pbf.readVarint() + pbf.pos));\n    else if (tag === 3) obj.sha256_with_ecdsa.push(readAsymmetricKeyProof(pbf, pbf.readVarint() + pbf.pos));\n    else if (tag === 10000) obj.signed_header_data = pbf.readBytes();\n}\nexport function writeCrxFileHeader(obj, pbf) {\n    if (obj.sha256_with_rsa) for (const item of obj.sha256_with_rsa) pbf.writeMessage(2, writeAsymmetricKeyProof, item);\n    if (obj.sha256_with_ecdsa) for (const item of obj.sha256_with_ecdsa) pbf.writeMessage(3, writeAsymmetricKeyProof, item);\n    if (obj.signed_header_data != null) pbf.writeBytesField(10000, obj.signed_header_data);\n}\n\nexport function readAsymmetricKeyProof(pbf, end) {\n    return pbf.readFields(readAsymmetricKeyProofField, {public_key: undefined, signature: undefined}, end);\n}\nfunction readAsymmetricKeyProofField(tag, obj, pbf) {\n    if (tag === 1) obj.public_key = pbf.readBytes();\n    else if (tag === 2) obj.signature = pbf.readBytes();\n}\nexport function writeAsymmetricKeyProof(obj, pbf) {\n    if (obj.public_key != null) pbf.writeBytesField(1, obj.public_key);\n    if (obj.signature != null) pbf.writeBytesField(2, obj.signature);\n}\n\nexport function readSignedData(pbf, end) {\n    return pbf.readFields(readSignedDataField, {crx_id: undefined}, end);\n}\nfunction readSignedDataField(tag, obj, pbf) {\n    if (tag === 1) obj.crx_id = pbf.readBytes();\n}\nexport function writeSignedData(obj, pbf) {\n    if (obj.crx_id != null) pbf.writeBytesField(1, obj.crx_id);\n}\n"],"mappings":";AAUA,SAAgB,mBAAmB,KAAK,KAAK;AACzC,KAAI,IAAI,gBAAiB,MAAK,MAAM,QAAQ,IAAI,gBAAiB,KAAI,aAAa,GAAG,yBAAyB,KAAK;AACnH,KAAI,IAAI,kBAAmB,MAAK,MAAM,QAAQ,IAAI,kBAAmB,KAAI,aAAa,GAAG,yBAAyB,KAAK;AACvH,KAAI,IAAI,sBAAsB,KAAM,KAAI,gBAAgB,KAAO,IAAI,mBAAmB;;AAU1F,SAAgB,wBAAwB,KAAK,KAAK;AAC9C,KAAI,IAAI,cAAc,KAAM,KAAI,gBAAgB,GAAG,IAAI,WAAW;AAClE,KAAI,IAAI,aAAa,KAAM,KAAI,gBAAgB,GAAG,IAAI,UAAU;;AASpE,SAAgB,gBAAgB,KAAK,KAAK;AACtC,KAAI,IAAI,UAAU,KAAM,KAAI,gBAAgB,GAAG,IAAI,OAAO"}