From 88be34e2dcb92023c36e2e63397aab9ebe6d987f Mon Sep 17 00:00:00 2001
From: gnorbsl <6427935+gnorbsl@users.noreply.github.com>
Date: Mon, 7 Sep 2020 15:06:36 +0200
Subject: [PATCH] Update certs-from-mozilla.py (#7578)

* Update certs-from-mozilla.py

Check if ar exists, if not tell the user what to get to prevent issue #7300 also dynamically get certs instead of hardcoded row item https://github.com/esp8266/Arduino/pull/7573#issuecomment-686192353
changed comment for missing ar exception
updated path and check for openssl
---
 .../examples/BearSSL_CertStore/certs-from-mozilla.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/libraries/ESP8266WiFi/examples/BearSSL_CertStore/certs-from-mozilla.py b/libraries/ESP8266WiFi/examples/BearSSL_CertStore/certs-from-mozilla.py
index 88e3f398d..1f35a9985 100755
--- a/libraries/ESP8266WiFi/examples/BearSSL_CertStore/certs-from-mozilla.py
+++ b/libraries/ESP8266WiFi/examples/BearSSL_CertStore/certs-from-mozilla.py
@@ -11,6 +11,8 @@ from __future__ import print_function
 import csv
 import os
 import sys
+from shutil import which
+
 from subprocess import Popen, PIPE, call
 try:
     from urllib.request import urlopen
@@ -21,6 +23,12 @@ try:
 except Exception:
     from io import StringIO
 
+# check if ar and openssl are available
+if which('ar') is None and not os.path.isfile('./ar') and not os.path.isfile('./ar.exe'):
+    raise Exception("You need the program 'ar' from xtensa-lx106-elf found here: (esp8266-arduino-core)/hardware/esp8266com/esp8266/tools/xtensa-lx106-elf/xtensa-lx106-elf/bin/ar")
+if which('openssl') is None and not os.path.isfile('./openssl') and not os.path.isfile('./openssl.exe'):
+    raise Exception("You need to have openssl in PATH, installable from https://www.openssl.org/")
+    
 # Mozilla's URL for the CSV file with included PEM certs
 mozurl = "https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportPEMCSV"
 
@@ -35,7 +43,9 @@ csvFile = StringIO(csvData)
 csvReader = csv.reader(csvFile)
 for row in csvReader:
     names.append(row[0]+":"+row[1]+":"+row[2])
-    pems.append(row[32])
+    for item in row:
+        if item.startswith("'-----BEGIN CERTIFICATE-----"):
+            pems.append(item)
 del names[0] # Remove headers
 del pems[0] # Remove headers