Skip to content

problem with BearSSL_CertStore example #4904

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
liebman opened this issue Jul 8, 2018 · 1 comment
Closed

problem with BearSSL_CertStore example #4904

liebman opened this issue Jul 8, 2018 · 1 comment
Assignees
@earlephilhower

Comments

@liebman
Copy link
Contributor

liebman commented Jul 8, 2018

Basic Infos

  • [x ] This issue complies with the issue POLICY doc.
  • [ x] I have read the documentation at readthedocs and the issue is not addressed there.
  • [ x] I have tested that the issue is present in current master branch (aka latest git).
  • [ x] I have searched the issue tracker for a similar issue.
  • [x ] If there is a stack dump, I have decoded it.
  • [ x] I have filled out all fields below.

Platform

  • Hardware: ESP-12s
  • Core Version: July 7 2018
  • Development Env: eclipse
  • Operating System: MacOS

Settings in IDE

  • Module: Generic ESP8266 Module
  • Flash Mode: dio
  • Flash Size: 4MB
  • lwip Variant: v2 Higher Bandwidth
  • Reset Method: none
  • Flash Frequency: 40Mhz
  • CPU Frequency: 160MHz
  • Upload Using: SERIAL
  • Upload Speed: 115200

Problem Description

Two minor issues with BearSSL_CertStore example.

  1. code shows a .idx file being accessed with no explanation that this is created internally in SPIFFS and not generated by "ar". I found this confusing, maybe add a comment in the code that this is not created by ar?

  2. the arguments to "ar" in the certs-from-mozilla.py script do not work on Linux or MacOS. I used "-q" on MacOS and that seemed to work.

MCVE Sketch

N/A

Debug Messages

Running certs-from-mozilla.py:

07:51:01 ~ chris.l$ ./certs-from-mozilla.py 
AC Camerfirma, S.A.:AC Camerfirma SA CIF A82743287:http://www.chambersign.org -> data/ca_000.der
AC Camerfirma, S.A.:AC Camerfirma S.A.: -> data/ca_001.der
AC Camerfirma, S.A.:AC Camerfirma SA CIF A82743287:http://www.chambersign.org -> data/ca_002.der
AC Camerfirma, S.A.:AC Camerfirma S.A.: -> data/ca_003.der
Actalis:Actalis S.p.A./03358520967: -> data/ca_004.der
Amazon Trust Services:Amazon: -> data/ca_005.der
Amazon Trust Services:Amazon: -> data/ca_006.der
Amazon Trust Services:Amazon: -> data/ca_007.der
Amazon Trust Services:Amazon: -> data/ca_008.der
Amazon Trust Services:Starfield Technologies, Inc.: -> data/ca_009.der
Asseco Data Systems S.A. (previously Unizeto Certum):Unizeto Sp. z o.o.: -> data/ca_010.der
Asseco Data Systems S.A. (previously Unizeto Certum):Unizeto Technologies S.A.:Certum Certification Authority -> data/ca_011.der
Asseco Data Systems S.A. (previously Unizeto Certum):Unizeto Technologies S.A.:Certum Certification Authority -> data/ca_012.der
Atos:Atos: -> data/ca_013.der
Autoridad de Certificacion Firmaprofesional:: -> data/ca_014.der
Buypass:Buypass AS-983163327: -> data/ca_015.der
Buypass:Buypass AS-983163327: -> data/ca_016.der
Certicámara:Sociedad Cameral de Certificación Digital - Certicámara S.A.: -> data/ca_017.der
Certinomis / Docapost:Certinomis:0002 433998903 -> data/ca_018.der
certSIGN:certSIGN:certSIGN ROOT CA -> data/ca_019.der
China Financial Certification Authority (CFCA):China Financial Certification Authority: -> data/ca_020.der
Chunghwa Telecom:Chunghwa Telecom Co., Ltd.:ePKI Root Certification Authority -> data/ca_021.der
Comodo CA:Comodo CA Limited: -> data/ca_022.der
Comodo CA:AddTrust AB:AddTrust TTP Network -> data/ca_023.der
Comodo CA:AddTrust AB:AddTrust External TTP Network -> data/ca_024.der
Comodo CA:COMODO CA Limited: -> data/ca_025.der
Comodo CA:COMODO CA Limited: -> data/ca_026.der
Comodo CA:COMODO CA Limited: -> data/ca_027.der
Comodo CA:The USERTRUST Network: -> data/ca_028.der
Comodo CA:The USERTRUST Network: -> data/ca_029.der
Comodo CA:The USERTRUST Network:http://www.usertrust.com -> data/ca_030.der
ComSign:ComSign: -> data/ca_031.der
Consorci Administració Oberta de Catalunya (Consorci AOC, CATCert):Agencia Catalana de Certificacio (NIF Q-0801176-I):Serveis Publics de Certificacio, Vegeu https://www.catcert.net/verarrel (c)03, Jerarquia Entitats de Certificacio Catalanes -> data/ca_032.der
Cybertrust Japan / JCSI:Japan Certification Services, Inc.: -> data/ca_033.der
D-TRUST:D-Trust GmbH: -> data/ca_034.der
D-TRUST:D-Trust GmbH: -> data/ca_035.der
D-TRUST:D-Trust GmbH: -> data/ca_036.der
Dhimyotis / Certigna:Dhimyotis: -> data/ca_037.der
DigiCert:Baltimore:CyberTrust -> data/ca_038.der
DigiCert:Cybertrust, Inc: -> data/ca_039.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_040.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_041.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_042.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_043.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_044.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_045.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_046.der
DigiCert:DigiCert Inc:www.digicert.com -> data/ca_047.der
DigiCert:GeoTrust Inc.: -> data/ca_048.der
DigiCert:GeoTrust Inc.: -> data/ca_049.der
DigiCert:GeoTrust Inc.:(c) 2007 GeoTrust Inc. - For authorized use only -> data/ca_050.der
DigiCert:GeoTrust Inc.:(c) 2008 GeoTrust Inc. - For authorized use only -> data/ca_051.der
DigiCert:GeoTrust Inc.: -> data/ca_052.der
DigiCert:GeoTrust Inc.: -> data/ca_053.der
DigiCert:Symantec Corporation:Symantec Trust Network -> data/ca_054.der
DigiCert:Symantec Corporation:Symantec Trust Network -> data/ca_055.der
DigiCert:Symantec Corporation:Symantec Trust Network -> data/ca_056.der
DigiCert:Symantec Corporation:Symantec Trust Network -> data/ca_057.der
DigiCert:thawte, Inc.:Certification Services Division, (c) 2006 thawte, Inc. - For authorized use only -> data/ca_058.der
DigiCert:thawte, Inc.:(c) 2007 thawte, Inc. - For authorized use only -> data/ca_059.der
DigiCert:thawte, Inc.:Certification Services Division, (c) 2008 thawte, Inc. - For authorized use only -> data/ca_060.der
DigiCert:VeriSign, Inc.:VeriSign Trust Network, (c) 1999 VeriSign, Inc. - For authorized use only -> data/ca_061.der
DigiCert:VeriSign, Inc.:VeriSign Trust Network, (c) 1999 VeriSign, Inc. - For authorized use only -> data/ca_062.der
DigiCert:VeriSign, Inc.:VeriSign Trust Network, (c) 1999 VeriSign, Inc. - For authorized use only -> data/ca_063.der
DigiCert:VeriSign, Inc.:VeriSign Trust Network, (c) 2007 VeriSign, Inc. - For authorized use only -> data/ca_064.der
DigiCert:VeriSign, Inc.:VeriSign Trust Network, (c) 2006 VeriSign, Inc. - For authorized use only -> data/ca_065.der
DigiCert:VeriSign, Inc.:VeriSign Trust Network, (c) 2008 VeriSign, Inc. - For authorized use only -> data/ca_066.der
Disig, a.s.:Disig a.s.: -> data/ca_067.der
DocuSign (OpenTrust/Keynectis):Certplus: -> data/ca_068.der
DocuSign (OpenTrust/Keynectis):Certplus: -> data/ca_069.der
DocuSign (OpenTrust/Keynectis):Certplus: -> data/ca_070.der
DocuSign (OpenTrust/Keynectis):OpenTrust: -> data/ca_071.der
DocuSign (OpenTrust/Keynectis):OpenTrust: -> data/ca_072.der
DocuSign (OpenTrust/Keynectis):OpenTrust: -> data/ca_073.der
E-Tugra:E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş.:E-Tugra Sertifikasyon Merkezi -> data/ca_074.der
Entrust:AffirmTrust: -> data/ca_075.der
Entrust:AffirmTrust: -> data/ca_076.der
Entrust:AffirmTrust: -> data/ca_077.der
Entrust:AffirmTrust: -> data/ca_078.der
Entrust:Entrust, Inc.:www.entrust.net/CPS is incorporated by reference, (c) 2006 Entrust, Inc. -> data/ca_079.der
Entrust:Entrust, Inc.:See www.entrust.net/legal-terms, (c) 2012 Entrust, Inc. - for authorized use only -> data/ca_080.der
Entrust:Entrust, Inc.:See www.entrust.net/legal-terms, (c) 2009 Entrust, Inc. - for authorized use only -> data/ca_081.der
Entrust:Entrust.net:www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), (c) 1999 Entrust.net Limited -> data/ca_082.der
Global Digital Cybersecurity Authority Co., Ltd. (Formerly Guang Dong Certificate Authority (GDCA)):GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.: -> data/ca_083.der
GlobalSign:GlobalSign:GlobalSign ECC Root CA - R5 -> data/ca_084.der
GlobalSign:GlobalSign:GlobalSign Root CA - R3 -> data/ca_085.der
GlobalSign:GlobalSign:GlobalSign Root CA - R2 -> data/ca_086.der
GlobalSign:GlobalSign nv-sa:Root CA -> data/ca_087.der
Go Daddy:The Go Daddy Group, Inc.:Go Daddy Class 2 Certification Authority -> data/ca_088.der
Go Daddy:GoDaddy.com, Inc.: -> data/ca_089.der
Go Daddy:Starfield Technologies, Inc.:Starfield Class 2 Certification Authority -> data/ca_090.der
Go Daddy:Starfield Technologies, Inc.: -> data/ca_091.der
Google Trust Services LLC (GTS):GlobalSign:GlobalSign ECC Root CA - R4 -> data/ca_092.der
Google Trust Services LLC (GTS):GlobalSign:GlobalSign Root CA - R2 -> data/ca_093.der
Government of Hong Kong (SAR), Hongkong Post, Certizen:Hongkong Post: -> data/ca_094.der
Government of Spain, Autoritat de Certificació de la Comunitat Valenciana (ACCV):ACCV:PKIACCV -> data/ca_095.der
Government of Spain, Fábrica Nacional de Moneda y Timbre (FNMT):FNMT-RCM:AC RAIZ FNMT-RCM -> data/ca_096.der
Government of Taiwan, Government Root Certification Authority (GRCA):Government Root Certification Authority: -> data/ca_097.der
Government of The Netherlands, PKIoverheid (Logius):Staat der Nederlanden: -> data/ca_098.der
Government of The Netherlands, PKIoverheid (Logius):Staat der Nederlanden: -> data/ca_099.der
Government of The Netherlands, PKIoverheid (Logius):Staat der Nederlanden: -> data/ca_100.der
Government of Turkey, Kamu Sertifikasyon Merkezi (Kamu SM):Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK:Kamu Sertifikasyon Merkezi - Kamu SM -> data/ca_101.der
HARICA:Hellenic Academic and Research Institutions Cert. Authority: -> data/ca_102.der
HARICA:Hellenic Academic and Research Institutions Cert. Authority: -> data/ca_103.der
HARICA:Hellenic Academic and Research Institutions Cert. Authority: -> data/ca_104.der
IdenTrust Services, LLC:Digital Signature Trust Co.: -> data/ca_105.der
IdenTrust Services, LLC:IdenTrust: -> data/ca_106.der
IdenTrust Services, LLC:IdenTrust: -> data/ca_107.der
Internet Security Research Group (ISRG):Internet Security Research Group: -> data/ca_108.der
Izenpe S.A.:IZENPE S.A.: -> data/ca_109.der
Krajowa Izba Rozliczeniowa S.A. (KIR):Krajowa Izba Rozliczeniowa S.A.: -> data/ca_110.der
LuxTrust:LuxTrust S.A.: -> data/ca_111.der
Microsec Ltd.:Microsec Ltd.: -> data/ca_112.der
NetLock Ltd.:NetLock Kft.:Tanúsítványkiadók (Certification Services) -> data/ca_113.der
QuoVadis:QuoVadis Limited: -> data/ca_114.der
QuoVadis:QuoVadis Limited: -> data/ca_115.der
QuoVadis:QuoVadis Limited: -> data/ca_116.der
QuoVadis:QuoVadis Limited: -> data/ca_117.der
QuoVadis:QuoVadis Limited: -> data/ca_118.der
QuoVadis:QuoVadis Limited:Root Certification Authority -> data/ca_119.der
SECOM Trust Systems CO., LTD.:SECOM Trust.net:Security Communication RootCA1 -> data/ca_120.der
SECOM Trust Systems CO., LTD.:SECOM Trust Systems CO.,LTD.:Security Communication RootCA2 -> data/ca_121.der
SK ID Solutions AS:AS Sertifitseerimiskeskus: -> data/ca_122.der
SSL.com:SSL Corporation: -> data/ca_123.der
SSL.com:SSL Corporation: -> data/ca_124.der
SSL.com:SSL Corporation: -> data/ca_125.der
SSL.com:SSL Corporation: -> data/ca_126.der
Swisscom (Switzerland) Ltd:Swisscom:Digital Certificate Services -> data/ca_127.der
SwissSign AG:SwissSign AG: -> data/ca_128.der
SwissSign AG:SwissSign AG: -> data/ca_129.der
SwissSign AG:SwissSign AG: -> data/ca_130.der
T-Systems International GmbH (Deutsche Telekom):Deutsche Telekom AG:T-TeleSec Trust Center -> data/ca_131.der
T-Systems International GmbH (Deutsche Telekom):T-Systems Enterprise Services GmbH:T-Systems Trust Center -> data/ca_132.der
T-Systems International GmbH (Deutsche Telekom):T-Systems Enterprise Services GmbH:T-Systems Trust Center -> data/ca_133.der
Taiwan-CA Inc. (TWCA):TAIWAN-CA:Root CA -> data/ca_134.der
Taiwan-CA Inc. (TWCA):TAIWAN-CA:Root CA -> data/ca_135.der
Telia Company (formerly TeliaSonera):Sonera: -> data/ca_136.der
Telia Company (formerly TeliaSonera):TeliaSonera: -> data/ca_137.der
TrustCor Systems:TrustCor Systems S. de R.L.:TrustCor Certificate Authority -> data/ca_138.der
TrustCor Systems:TrustCor Systems S. de R.L.:TrustCor Certificate Authority -> data/ca_139.der
TrustCor Systems:TrustCor Systems S. de R.L.:TrustCor Certificate Authority -> data/ca_140.der
Trustis:Trustis Limited:Trustis FPS Root CA -> data/ca_141.der
Trustwave:SecureTrust Corporation: -> data/ca_142.der
Trustwave:SecureTrust Corporation: -> data/ca_143.der
Trustwave:XRamp Security Services Inc:www.xrampsecurity.com -> data/ca_144.der
Visa:VISA:Visa International Service Association -> data/ca_145.der
Web.com:Network Solutions L.L.C.: -> data/ca_146.der
WISeKey:WISeKey:Copyright (c) 2005, OISTE Foundation Endorsed -> data/ca_147.der
WISeKey:WISeKey:OISTE Foundation Endorsed -> data/ca_148.der
ar: illegal option combination for -m
usage:  ar -d [-TLsv] archive file ...
	ar -m [-TLsv] archive file ...
	ar -m [-abiTLsv] position archive file ...
	ar -p [-TLsv] archive [file ...]
	ar -q [-cTLsv] archive file ...
	ar -r [-cuTLsv] archive file ...
	ar -r [-abciuTLsv] position archive file ...
	ar -t [-TLsv] archive [file ...]
	ar -x [-ouTLsv] archive [file ...]
@earlephilhower earlephilhower self-assigned this Jul 9, 2018
@earlephilhower
Copy link
Collaborator

Fixed by #4907 and verified MacOS compatibility via private email.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@earlephilhower earlephilhower

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@earlephilhower @liebman and others