Google Git
Sign in
dart / root_certificates / 050faf5c9180fd405fe7bde23dc4fd786f9f8964^! / .
commit050faf5c9180fd405fe7bde23dc4fd786f9f8964[log] [tgz]
authorJim Beveridge <jimbe@chromium.org>Mon Jan 09 08:42:52 2017 -0800
committerJim Beveridge <jimbe@chromium.org>Mon Jan 09 08:42:52 2017 -0800
treefe9d01936ec6045cc10699aa4e2b48afbcf431ea
parentaed07942ce98507d2be28cbd29e879525410c7fc [diff]
Update instructions to match current requirements

diff --git a/README.google b/README.google
index cfc4e18..b537f91 100644
--- a/README.google
+++ b/README.google

@@ -1,36 +1,52 @@
 Name: Root certificates for trusted CAs
 Short Name: root_certificates
 URL: https://github.com/dart-lang/root_certificates
-Version: 0.1
-Date: June 29, 2015
+Version: 0.2
+Date: Jan 9, 2017
 License: MPL/2.0, https://www.mozilla.org/MPL/2.0/
 
 Description:
 This directory contains the root CA certificates chosen to be trusted by
 Mozilla's NSS library, reformatted into an array in C source code, to be
 used by the default SecurityContext obect in Dart's dart:io library for
-secure networking (TLS, SSL).
+secure networking (TLS, SSL) for operating systems that don't have a supported
+certificate store.
 
-The certificates are fetched from Mozilla with the command line
+The files can be updated as follows:
+
+1. Fetch the certificates from Mozilla with this command line:
 
 curl https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt -o certdata.txt
 
-and then a derived file, with the certificates in PEM format, is created by
-running the utility at https://github.com/agl/extract-nss-root-certs:
+2. Convert from Mozilla format to PEM format by running the utility
+at https://github.com/agl/extract-nss-root-certs:
 
 go run convert_mozilla_certdata.go > certdata.pem
 
 Note that this utility produces a warning about one certificate with a negative
 serial number.  This is expected.
 
-Comments are stripped from this file, to decrease the size of the string
+3. Strip comments from this file to decrease the size of the string
 that will be compiled into the Dart executable:
 
 sed '/^#/d' ./certdata.pem > ./certdata.stripped
 
-The stripped file is converted to a C character array with the xxd utility:
+4. Convert the stripped file to a C character array with the xxd utility:
 
 xxd -i certdata.stripped > certdata.cc
 
-And finally the name of the array is changed to root_certificates and the
-MPL copyright header is added back to the file, creating root_certificates.cc.
+5. Make the following changes to certdata.cc:
+   - Copy the MPL copyright header from root_certificates.cc to certdata.cc.
+   - Update the conversion date in the copyright comment.
+   - Copy the #ifdef/#endif and  namespace declarations from
+      root_certificates.cc into certdata.cc.
+   - Rename the array variable from certdata_stripped to root_certificates_pem_.
+   - Rename the variable containing the array length from
+     certdata_stripped_length to root_certificates_pem_length.
+   - Above the declaration for root_certificates_pem_length, add this line:
+     const unsigned char* root_certificates_pem = root_certificates_pem_;
+
+6. Update root_certificates.cc as follows:
+
+mv certdata.cc root_certificates.cc
+