search

ADVTOOLS / ADVTrustStore

ADVTrustStore is a simple management script to import/list/remove CA certificates to the iOS simulator. It is working for iOS 5 and iOS 6.
355 stars 71 forks source link

iosCertTrustManager.py fails to install certs on all simulators because it can't encode character u'\u0280' #9

Closed igorpakushin closed 4 years ago

igorpakushin commented 5 years ago 
Import certificate to iPhone X v12.2 [y/N] Importing to /Users/jenkins/Library/Developer/CoreSimulator/Devices/51901893-EEF8-46AA-991C-643E98E0DAD6/data/Library/Keychains/TrustStore.sqlite3
  Existing certificate replaced
Traceback (most recent call last):
  File "iosCertTrustManager.py", line 757, in <module>
    program.run()
  File "iosCertTrustManager.py", line 746, in run
    self.import_to_simulator(args.certificate_file, args.truststore)
  File "iosCertTrustManager.py", line 654, in import_to_simulator
    if query_yes_no("Import certificate to " + simulator.title, "no") == "yes":
  File "iosCertTrustManager.py", line 57, in query_yes_no
    sys.stdout.write(question + prompt)
UnicodeEncodeError: 'ascii' codec can't encode character u'\u0280' in position 30: ordinal not in range(128)

This is how we use it:

url="https://github.com/ADVTOOLS/ADVTrustStore/raw/master/iosCertTrustManager.py"
[[ ! -e iosCertTrustManager.py ]] && curl -O -L ${url}
yes | python iosCertTrustManager.py -a ~/.mitmproxy/mitmproxy-ca-cert.pem
andrivet commented 5 years ago

Can you post your mitmproxy-ca-cert.pem?

igorpakushin commented 4 years ago

oh, sorry @andrivet, didn't see you writing back. Here is the file:

% cat mitmproxy-ca-cert.pem
-----BEGIN CERTIFICATE-----
MIIDoTCCAomgAwIBAgIGDhY9F9lCMA0GCSqGSIb3DQEBCwUAMCgxEjAQBgNVBAMM
CW1pdG1wcm94eTESMBAGA1UECgwJbWl0bXByb3h5MB4XDTE5MDEyODE3MDE0NFoX
DTIyMDEyOTE3MDE0NFowKDESMBAGA1UEAwwJbWl0bXByb3h5MRIwEAYDVQQKDAlt
aXRtcHJveHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC40Rpec4np
H0Ic8GAToDuL0FzcmGbVOY4I5B1F/F3LRfNFFoFORA/4PoLiMPj2gX0+QTRUh1lF
Ma0xZcV5N6PUnC7mwQHvjUyy/8lC3X+8nH+nY9AI8cPX6g9K1AS5GvevouqNHJ7b
h0hIfspoewnA9fj2Ohgx22bmpCwybQAMFL4JD93SrwdTdJcoe8JqnVgTqIfgsLkC
Yc7F2UzOeGD56j5fxHc63B72srGtXlxqhtXmsM+icNUGTg7eUluGnJgV1HMA+6N9
V8nlC1a7LUGEjNenH2XtlzSARPLoY8mWMf39R76bcFMxKOkWJeJnbM0HTdd3Ey1g
C4t94ZWJ0WOlAgMBAAGjgdAwgc0wDwYDVR0TAQH/BAUwAwEB/zARBglghkgBhvhC
AQEEBAMCAgQweAYDVR0lBHEwbwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcD
BAYIKwYBBQUHAwgGCisGAQQBgjcCARUGCisGAQQBgjcCARYGCisGAQQBgjcKAwEG
CisGAQQBgjcKAwMGCisGAQQBgjcKAwQGCWCGSAGG+EIEATAOBgNVHQ8BAf8EBAMC
AQYwHQYDVR0OBBYEFImnQD+5EojU5OiLMyzOTJAVjkccMA0GCSqGSIb3DQEBCwUA
A4IBAQBn7vYDaLS+oGT3XBKatM5sk85KWeWXntMgLIVO6v2iv+sHtiYnthssKUW+
o1TxdUzRAdMqqIw31bPKZP5J4GvdDZrCe1RtHECtoUinjfCzpMHimB35sDnnfA51
CT/utz5PCyeIyYG6nG0iDBT6YuTQ4TC9hu6N2IoQKijqR8tg1q08om8/818feQbq
qqigXo3qMUDovPIQFHj76GIKC+K+huNhq8U04atHQB8MicF3l03QR7C+FHGPCP+q
f6oxrDlMhO3rFubiL1i9s8p8vEs7lVBv3PSo322HBRlQW5QmdRmtbHUKwRcrfO29
I6PZceDqpBTM1oFyFJcbt2GUwn6C
-----END CERTIFICATE-----

mitmproxy-ca-cert.pem.zip

igorpakushin commented 4 years ago

Hey, I was thinking about this problem.. It shows in a traceback that it failed at line 57, in query_yes_no The line 57 is sys.stdout.write(question + prompt), so, probably either question or prompt contain this weird sybmol that it cannot encode. If I follow up with a prompt, then it seems like it can only be one of [y/n], or [Y/n], or [y/N] where I see no problematic symbols. However the question part, is coming from a call at line 654:

if query_yes_no("Import certificate to " + simulator.title, "no") == "yes":

and it constructs the question out from Import certificate to and simulator.title.

But the simulator title does have a weird symbol nowadays. One of such is iPhone Xʀ, note the ʀ, which is like a small capital "R". So I think that symbol is causing an issue..