angelyordanov/build_signTextJS.md

## build_signTextJS.md

      
    Raw
  

              build_signTextJS.md
            
          
    Building signTextJS


Clone https://github.com/angelyordanov/signTextJS
Run travis/osx..install script or open it and run the steps manually
Run travis/osx..script
If all goes well you'll have a signtextjs_plus-0.0.0-macos.dmg in the repo root


## setup_btrust.md

      
    Raw
  

              setup_btrust.md
            
          
    BTrust MacOS setup


Install Gemalto drivers. Open https://www.b-trust.bg/services/signature-installation, enter your email and install just the Gemalto drivers (the one behind the MacOS link).


Install firefox 68 ESR and disable auto updates (source)


Mount Firefox 68.12.0esr.dmg and copy Firefox.app to /Applications renamed as Firefox 68 ESR


Remove quarantine set by macOS.
xattr -r -d com.apple.quarantine Firefox\ 68\ ESR.app
If you see an error on startup that says: Firefox is damaged and can’t be opened. You should move it to the Trash.. This means that you did not run this command.


Deploy policies.json with auto updates disabled
cd Firefox\ 68\ ESR.app/Contents/Resources
mkdir distribution
cd distribution
tee policies.json << EOF
{
    "policies": {
        "AppAutoUpdate": false
    }
}
EOF


Add the following root certificates to the firefox chain.


B-Trust Root Qualified CA


B-Trust Operational Qualified CA


B-Trust Root Advanced CA


B-Trust Operational Advanced CA


The "Advanced" certificates are only required if you want to use the https://test.b-trust.org and not get a SSL error


Option 1: Open B-Trust certification chains page in firefox and install the certificates by clicking on the PEM link and adding all checkboxes in the dialog that FF shows.
Option 2:

1. Set firefox to use the keychain root certs by setting security.enterprise_roots.enabled to true in about:config

2. Open B-Trust certification chains page and download the certificates by clicking on the DER link

3. Add them to the keychain by double clicking on each

4. Open Keychain Access, find the certificates and move them to System

5. Open each certificate in Keychain Access and set Always Trust on all fields
Note: Only option 1 seems to work, as option 2 gives the error error:internalError. Probably manually trusting the root certificate authorities inside Firefox View Certificates... will work but has not been tested.
See this issue for details jasp00/signTextJS#29 (comment) (translation)


Install the https://addons.mozilla.org/bg/firefox/addon/signtextjs-plus/ extension to firefox


Install signtextjs' native backend

Make sure you have a folder /Library/Application Support/Mozilla/NativeMessagingHosts/ (check the correct name in here)
Open the signtextjs_plus-0.0.0-macos.dmg created with the build_signTextJS.md (or one downloaded from https://github.com/jasp00/signTextJS/releases)
Move the two files signtextjs_plus.app and signtextjs_plus.json in the NativeMessagingHosts folder that should be symlinked in the DMG


Load the Gemalto PKSC#11 Module in Firefox

In Preferences open Security Devices (at the bottom of the page)
Press Load and enter Gemalto PKSC#11 Module as the module name and /Library/Gemalto/libidprimepkcs11.dylib as the module filename
Close the device manager and verify your smart card by opening View Certificates... and selecting the tab Your Certificates


Verify signtext js installation by downloading locally https://raw.githubusercontent.com/jasp00/signTextJS/master/test/html/test.html and opening it in Firefox


Thank me later :)


## setup_btrust_win.md

      
    Raw
  

              setup_btrust_win.md
            
          
Install Gemalto drivers. Open https://www.b-trust.bg/services/signature-installation, enter your email, download the installer and unarchive it wit 7zip, install just the Gemalto drivers.


Install firefox 78 ESR and disable automatic updates by placing the following policies.json in folder distribution next to where the firefox EXE is.
C:\Program Files\Mozilla Firefox\distribution\policies.json

{
  "policies": {
    "AppAutoUpdate": false
  }
}


Add the following root certificates to the firefox chain.


B-Trust Root Qualified CA


B-Trust Operational Qualified CA


B-Trust Root Advanced CA


B-Trust Operational Advanced CA


The "Advanced" certificates are only required if you want to use the https://test.b-trust.org and not get a SSL error


Open B-Trust certification chains page in firefox and install the certificates by clicking on the PEM link and adding all checkboxes in the dialog that FF shows.


Install the https://addons.mozilla.org/bg/firefox/addon/signtextjs-plus/ extension to firefox


Install signtextjs' native backend vy downloading the latest release from the github page https://github.com/jasp00/signTextJS


Load the Gemalto PKSC#11 Module in Firefox

In Preferences open Security Devices (at the bottom of the page)
Press Load and enter Gemalto PKSC#11 Module as the module name and /Library/Gemalto/libidprimepkcs11.dylib as the module filename
Close the device manager and verify your smart card by opening View Certificates... and selecting the tab Your Certificates


Verify signtext js installation by downloading locally https://raw.githubusercontent.com/jasp00/signTextJS/master/test/html/test.html and opening it in Firefox
No results found