search

ADVTOOLS / ADVTrustStore

ADVTrustStore is a simple management script to import/list/remove CA certificates to the iOS simulator. It is working for iOS 5 and iOS 6.
355 stars 71 forks source link

iosCertTrustManager.py fails to successfully open tables #1

Closed cbowns closed 11 years ago

cbowns commented 11 years ago

On 10.8.2, I get the following when I try any actions with iosCertTrustManager.py:

List:

% iosCertTrustManager.py -l                                                  

iPhone/iPad simulator v3.2
Traceback (most recent call last):
  File "iosCertTrustManager.py", line 720, in <module>
    program.run()
  File "iosCertTrustManager.py", line 705, in run
    self.list_simulator_trustedcertificates(args.truststore)
  File "iosCertTrustManager.py", line 641, in list_simulator_trustedcertificates
    tstore.list_certificates()
  File "iosCertTrustManager.py", line 516, in list_certificates
    for row in c.execute('SELECT data FROM tsettings'):
sqlite3.OperationalError: no such table: tsettings

Dump:

% iosCertTrustManager.py --dump ~/Desktop/certtest                                         
Traceback (most recent call last):
  File "iosCertTrustManager.py", line 720, in <module>
    program.run()
  File "iosCertTrustManager.py", line 713, in run
    self.export_simulator_trustedcertificates(args.dump_base_filename, True, args.truststore)
  File "iosCertTrustManager.py", line 654, in export_simulator_trustedcertificates
    tstore.export_certificates_data(certificate_base_filename + "_" + simulator.version)
  File "iosCertTrustManager.py", line 493, in export_certificates_data
    for row in c.execute('SELECT sha1, subj, tset, data FROM tsettings'):
sqlite3.OperationalError: no such table: tsettings

But if I manually specify a truststore path, it works:

% iosCertTrustManager.py -t ~/Library/Application\ Support/iPhone\ Simulator/6.1/Library/Keychains/TrustStore.sqlite3 --dump ~/Desktop/certtest         
  subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ
    Export certificate [y/N] n
  subject= CN = mitmproxy, O = mitmproxy
    Export certificate [y/N] n
cbowns commented 11 years ago

Looks like a couple of the truststores exist but aren't really full of anything useful:

% foreach truststore (/Users/cbowns/Library/Application\ Support/iPhone\ Simulator/*/Library/Keychains/TrustStore.sqlite3 ) do 
echo $truststore
done

/Users/cbowns/Library/Application Support/iPhone Simulator/3.2/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/4.0/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/4.2/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/4.3.2/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/5.0/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/5.1/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/6.0/Library/Keychains/TrustStore.sqlite3
/Users/cbowns/Library/Application Support/iPhone Simulator/6.1/Library/Keychains/TrustStore.sqlite3
% foreach truststore (/Users/cbowns/Library/Application\ Support/iPhone\ Simulator/*/Library/Keychains/TrustStore.sqlite3 ) do
echo $truststore
iosCertTrustManager.py -t $truststore -l
done
/Users/cbowns/Library/Application Support/iPhone Simulator/3.2/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/3.2/Library/Keychains/TrustStore.sqlite3
Traceback (most recent call last):
  File "iosCertTrustManager.py", line 720, in <module>
    program.run()
  File "iosCertTrustManager.py", line 705, in run
    self.list_simulator_trustedcertificates(args.truststore)
  File "iosCertTrustManager.py", line 637, in list_simulator_trustedcertificates
    tstore.list_certificates()
  File "iosCertTrustManager.py", line 516, in list_certificates
    for row in c.execute('SELECT data FROM tsettings'):
sqlite3.OperationalError: no such table: tsettings
/Users/cbowns/Library/Application Support/iPhone Simulator/4.0/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/4.0/Library/Keychains/TrustStore.sqlite3
unable to load certificate
29111:error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data:/SourceCache/OpenSSL098/OpenSSL098-47/src/crypto/asn1/a_d2i_fp.c:238:

   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

/Users/cbowns/Library/Application Support/iPhone Simulator/4.2/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/4.2/Library/Keychains/TrustStore.sqlite3
   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

/Users/cbowns/Library/Application Support/iPhone Simulator/4.3.2/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/4.3.2/Library/Keychains/TrustStore.sqlite3
unable to load certificate
29116:error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data:/SourceCache/OpenSSL098/OpenSSL098-47/src/crypto/asn1/a_d2i_fp.c:238:

   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

/Users/cbowns/Library/Application Support/iPhone Simulator/5.0/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/5.0/Library/Keychains/TrustStore.sqlite3
   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

/Users/cbowns/Library/Application Support/iPhone Simulator/5.1/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/5.1/Library/Keychains/TrustStore.sqlite3
   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

/Users/cbowns/Library/Application Support/iPhone Simulator/6.0/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/6.0/Library/Keychains/TrustStore.sqlite3
   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

/Users/cbowns/Library/Application Support/iPhone Simulator/6.1/Library/Keychains/TrustStore.sqlite3

/Users/cbowns/Library/Application Support/iPhone Simulator/6.1/Library/Keychains/TrustStore.sqlite3
   subject= CN = Charles Proxy SSL Proxying, OU = http://charlesproxy.com/ssl, O = XK72 Ltd, L = Auckland, ST = Auckland, C = NZ

   subject= CN = mitmproxy, O = mitmproxy
daniel-c commented 11 years ago

Fixed to report TrustStore.sqlite3 with no table as invalid and ignore them. It seems this occurs only with iOS version < 4.2.