blockchain-certificates / cert-issuer Goto Github PK
View Code? Open in Web Editor NEWIssues Blockcerts using either the Bitcoin or Ethereum blockchain
License: MIT License
Issues Blockcerts using either the Bitcoin or Ethereum blockchain
License: MIT License
This would be a useful last resort check if anything went wrong at any phase of certificate issuing, i.e. if the issuer accidentally added more certificates to issue than they expected.
Hi,
I just cloned the most recent code and tried to install the experimental Ethereum build by running the following command (as per the instructions in the documentation):
python setup.py experimental --blockchain=ethereum
However, I get the following error:
Exception:
Traceback (most recent call last):
File "/home/ehein/miniconda3/lib/python3.6/site-packages/pip/basecommand.py", line 215, in main status = self.run(options, args)
File "/home/ehein/miniconda3/lib/python3.6/site-packages/pip/commands/install.py", line 312, in run
wheel_cache
File "/home/ehein/miniconda3/lib/python3.6/site-packages/pip/basecommand.py", line 276, in populate_requirement_set
wheel_cache=wheel_cache
File "/home/ehein/miniconda3/lib/python3.6/site-packages/pip/req/req_install.py", line 185, in from_line
name = name.strip()
AttributeError: 'list' object has no attribute 'strip'
It seems that the name of a dependency is a list instead of a string? I had a look at the recent commits and I think this is probably a bug introduced by changes in how dependencies are managed.
P.S. I also tried installing the most recent code with the normal Bitcoin blockchain and everything installs fine, so it seems that the problem is only with Ethereum.
Hi,
I am sorry if it comes out as a silly (very basic) question but while using cert-issuer instructions here https://github.com/blockchain-certificates/cert-issuer
in the "Creating issuing address" there is a statement to be executed under bitcoin bash:
sed -i.bak "s/issuing-address/$issuer/g" /etc/cert-issuer/conf.ini
in this what is the difference between issuing-address and $issuer ?
I believe $issuer is what I generated just above this statement ( issuer=bitcoin-cli getnewaddress
), but the what is issuing-address ?
Later when I am trying to execute "bitcoin-cli sendtoaddress $issuer 5"
This isn't working either, and due to this I am not able to generate certificate as it is saying insufficient balance.
Can you please help me with this.
Regards
Aayush
I am running the commands step by step as mentioned in the Readme. I am facing this exception.
Stack trace below
bash-4.3# cert-issuer -c /etc/cert-issuer/conf.ini
WARNING:root:Your app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO:root:Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO - Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO:root:Processing 1 certificates
INFO - Processing 1 certificates
INFO:root:Processing 1 certificates under work path=/etc/cert-issuer/work
INFO - Processing 1 certificates under work path=/etc/cert-issuer/work
INFO:root:Total cost will be 133500 satoshis
INFO - Total cost will be 133500 satoshis
INFO:root:Starting finalizable signer
INFO - Starting finalizable signer
WARNING:root:app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
WARNING - app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO:root:Stopping finalizable signer
INFO - Stopping finalizable signer
WARNING:root:app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
WARNING - app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO:root:Unsigned hextx=01000000019340a205781240a858d6f9f4d0fdd481e7a2974d4d7a3d09f3eb38d64c7313f40100000000ffffffff02a07acc1d000000001976a9142af2b6b8244f5d26f3f9450540c27eb4cacba37888ac0000000000000000226a20819c418583a11b0d4351a96aba97534db2c758f655220d76a1ad984cf13b10d900000000
INFO - Unsigned hextx=01000000019340a205781240a858d6f9f4d0fdd481e7a2974d4d7a3d09f3eb38d64c7313f40100000000ffffffff02a07acc1d000000001976a9142af2b6b8244f5d26f3f9450540c27eb4cacba37888ac0000000000000000226a20819c418583a11b0d4351a96aba97534db2c758f655220d76a1ad984cf13b10d900000000
INFO:root:Preparing tx for signing
INFO - Preparing tx for signing
INFO:root:Starting finalizable signer
INFO - Starting finalizable signer
WARNING:root:app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
WARNING - app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
ERROR:root:Unable to sign transaction. hextx=01000000019340a205781240a858d6f9f4d0fdd481e7a2974d4d7a3d09f3eb38d64c7313f40100000000ffffffff02a07acc1d000000001976a9142af2b6b8244f5d26f3f9450540c27eb4cacba37888ac0000000000000000226a20819c418583a11b0d4351a96aba97534db2c758f655220d76a1ad984cf13b10d900000000
ERROR - Unable to sign transaction. hextx=01000000019340a205781240a858d6f9f4d0fdd481e7a2974d4d7a3d09f3eb38d64c7313f40100000000ffffffff02a07acc1d000000001976a9142af2b6b8244f5d26f3f9450540c27eb4cacba37888ac0000000000000000226a20819c418583a11b0d4351a96aba97534db2c758f655220d76a1ad984cf13b10d900000000
INFO:root:Stopping finalizable signer
INFO - Stopping finalizable signer
WARNING:root:app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
WARNING - app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
Traceback (most recent call last):
File "/usr/bin/cert-issuer", line 11, in
load_entry_point('cert-issuer==2.0.8', 'console_scripts', 'cert-issuer')()
File "/usr/lib/python3.5/site-packages/cert_issuer/main.py", line 17, in cert_issuer_main
issue_certificates.main(parsed_config)
File "/usr/lib/python3.5/site-packages/cert_issuer/issue_certificates.py", line 56, in main
return issue(app_config, certificate_batch_handler, transaction_handler)
File "/usr/lib/python3.5/site-packages/cert_issuer/issue_certificates.py", line 39, in issue
tx_id = issuer.issue()
File "/usr/lib/python3.5/site-packages/cert_issuer/issuer.py", line 27, in issue
txid = self.transaction_handler.issue_transaction(op_return_bytes)
File "/usr/lib/python3.5/site-packages/cert_issuer/transaction_handler.py", line 82, in issue_transaction
signed_tx = self.sign_transaction(prepared_tx)
File "/usr/lib/python3.5/site-packages/cert_issuer/transaction_handler.py", line 118, in sign_transaction
signed_tx = signer.sign_transaction(prepared_tx)
File "/usr/lib/python3.5/site-packages/cert_issuer/signer.py", line 120, in sign_transaction
return self.signer.sign_transaction(self.wif, transaction_to_sign)
File "/usr/lib/python3.5/site-packages/cert_issuer/signer.py", line 99, in sign_transaction
raise UnableToSignTxError('Unable to sign transaction')
cert_issuer.errors.UnableToSignTxError: Unable to sign transaction
Please let me know whats the issue
Right now, the docker build gets the default Bitcoin configuration going, but lacks direct support for building out an Ethereum container. Might be handy to have support for this.
i am facing this issue where it keeps stating permission denied.
(venv) brendanluke_sf@quest-cert:/venv/cert-issuer$ python issue_certificates.py -c config.ini/venv/cert-issuer$
WARNING - Your app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO - This run will try to issue on the bitcoin_testnet chain
INFO - Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO - Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
ERROR - [Errno 13] Permission denied: '/etc/cert-issuer'
Traceback (most recent call last):
File "issue_certificates.py", line 60, in
tx_id = main(parsed_config)
File "issue_certificates.py", line 52, in main
return issue(app_config, certificate_batch_handler, transaction_handler)
File "issue_certificates.py", line 21, in issue
blockchain_certificates_dir, work_dir)
File "/home/brendanluke_sf/venv/cert-issuer/cert_issuer/helpers.py", line 45, in prepare_issuance_batch
os.makedirs(work_dir, exist_ok=True)
File "/home/brendanluke_sf/venv/lib/python3.5/os.py", line 231, in makedirs
makedirs(head, mode, exist_ok)
File "/home/brendanluke_sf/venv/lib/python3.5/os.py", line 241, in makedirs
mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/etc/cert-issuer'
ERROR - [Errno 13] Permission denied: '/etc/cert-issuer'
Traceback (most recent call last):
File "issue_certificates.py", line 60, in
tx_id = main(parsed_config)
File "issue_certificates.py", line 52, in main
return issue(app_config, certificate_batch_handler, transaction_handler)
File "issue_certificates.py", line 21, in issue
File "/home/brendanluke_sf/venv/cert-issuer/cert_issuer/helpers.py", line 45, in prepare_issuance_batch
blockchain_certificates_dir, work_dir)
File "/home/brendanluke_sf/venv/cert-issuer/cert_issuer/helpers.py", line 45, in prepare_issuance_batch
os.makedirs(work_dir, exist_ok=True)
File "/home/brendanluke_sf/venv/lib/python3.5/os.py", line 231, in makedirs
makedirs(head, mode, exist_ok)
File "/home/brendanluke_sf/venv/lib/python3.5/os.py", line 241, in makedirs
mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/etc/cert-issuer'
(venv) brendanluke_sf@quest-cert:
I dont have such a folder called etc....
Can someone please help me.
Hi,
Whenever I try to issue a second certificate batch on testnet a few minutes after a successful batch, cert-issuer gets stuck on the broadcasting step, as both connectors report the same errors on every retry:
ERROR:root:Error broadcasting the transaction through the Blockr.IO API. Error msg: {"status":"fail","data":"Could not push your transaction!","code":500,"message":"Did you sign your transaction?"}
ERROR - Error broadcasting the transaction through the Blockr.IO API. Error msg: {"status":"fail","data":"Could not push your transaction!","code":500,"message":"Did you sign your transaction?"}
WARNING:root:Caught exception trying provider <bound method BlockrIOBroadcaster.broadcast_tx of <cert_issuer.connectors.BlockrIOBroadcaster object at 0x7f0dae236c88>>. Trying another. Exception={"status":"fail","data":"Could not push your transaction!","code":500,"message":"Did you sign your transaction?"}
WARNING - Caught exception trying provider <bound method BlockrIOBroadcaster.broadcast_tx of <cert_issuer.connectors.BlockrIOBroadcaster object at 0x7f0dae236c88>>. Trying another. Exception={"status":"fail","data":"Could not push your transaction!","code":500,"message":"Did you sign your transaction?"}
ERROR:root:Error broadcasting the transaction through the BlockExplorer API. Error msg: 258: txn-mempool-conflict. Code:-26
ERROR - Error broadcasting the transaction through the BlockExplorer API. Error msg: 258: txn-mempool-conflict. Code:-26
WARNING:root:Caught exception trying provider <bound method BlockExplorerBroadcaster.broadcast_tx of <cert_issuer.connectors.BlockExplorerBroadcaster object at 0x7f0dae236cf8>>. Trying another. Exception=258: txn-mempool-conflict. Code:-26
WARNING - Caught exception trying provider <bound method BlockExplorerBroadcaster.broadcast_tx of <cert_issuer.connectors.BlockExplorerBroadcaster object at 0x7f0dae236cf8>>. Trying another. Exception=258: txn-mempool-conflict. Code:-26
WARNING:root:Broadcasting failed. Waiting before retrying. This is attempt number 0
WARNING - Broadcasting failed. Waiting before retrying. This is attempt number 0
Eventually the transaction does go through after some retries.
I believe this may be due to the first transaction not being confirmed yet when the second transaction is attempted, but that is just my gut feeling at the moment. Is there a way to avoid this long wait?
Thanks.
Hello Kim,
Apology for opening a new issue. Let me know if I should add this to old thread?
I was just setting up everything without docker. I get this error:
ERROR:root:'bytes' object has no attribute 'encode'
Traceback (most recent call last):
File "/home/ubuntu/development/cert-issuer/cert_issuer/issue_certificates.py", line 92, in
tx_id = main(parsed_config, secret_manager)
File "/home/ubuntu/development/cert-issuer/cert_issuer/issue_certificates.py", line 72, in main
tx_id = issuer.issue_certificates()
File "/usr/local/lib/python3.4/dist-packages/cert_issuer/issuer.py", line 132, in issue_certificates
tx_id = self.issue_on_blockchain()
File "/usr/local/lib/python3.4/dist-packages/cert_issuer/issuer.py", line 46, in issue_on_blockchain
op_return_value_bytes = unhexlify(self.tree.get_merkle_root())
File "/usr/local/lib/python3.4/dist-packages/cert_issuer/helpers.py", line 17, in unhexlify
def unhexlify(hex_string): return binascii.unhexlify(hex_string.encode('utf8'))
AttributeError: 'bytes' object has no attribute 'encode'
ERROR - 'bytes' object has no attribute 'encode'
Traceback (most recent call last):
File "/home/ubuntu/development/cert-issuer/cert_issuer/issue_certificates.py", line 92, in
tx_id = main(parsed_config, secret_manager)
File "/home/ubuntu/development/cert-issuer/cert_issuer/issue_certificates.py", line 72, in main
tx_id = issuer.issue_certificates()
File "/usr/local/lib/python3.4/dist-packages/cert_issuer/issuer.py", line 132, in issue_certificates
tx_id = self.issue_on_blockchain()
File "/usr/local/lib/python3.4/dist-packages/cert_issuer/issuer.py", line 46, in issue_on_blockchain
op_return_value_bytes = unhexlify(self.tree.get_merkle_root())
File "/usr/local/lib/python3.4/dist-packages/cert_issuer/helpers.py", line 17, in unhexlify
def unhexlify(hex_string): return binascii.unhexlify(hex_string.encode('utf8'))
AttributeError: 'bytes' object has no attribute 'encode'
=> ""
I am calling the below command from ruby application.
sudo python3 /home/ubuntu/development/cert-issuer/cert_issuer/issue_certificates.py -c /home/ubuntu/development/ruby_blockchain_middleware/conf_updated.ini
I am on the latest master. Now conf_updated.ini looks like this:
issuing_address = random_address
revocation_address = random_address2
bitcoin_chain=testnet
usb_name=/home/ubuntu/development/ruby_blockchain_middleware/
key_file=pk_issuer.txt
unsigned_certificates_dir=/home/ubuntu/development/ruby_blockchain_middleware/unsigned
signed_certificates_dir=/home/ubuntu/development/ruby_blockchain_middleware/signed
blockchain_certificates_dir=/home/ubuntu/development/ruby_blockchain_middleware/blockchain
work_dir=/home/ubuntu/development/ruby_blockchain_middleware/work
no_safe_mode
pk_issuer.txt
random_key2
cert json:
https://s3.amazonaws.com/staging-accredible-blockchain/unsigned/10299954.json
When I use the same conf.ini file address and cert JSON inside docker app. It works fine. So the address is correct and cert JSON also.
Any idea, what I can do to debug this?
From @kimdhamilton on September 27, 2017 20:5
Instead of relying on public keys, we want to use Decentralized Identifiers (DIDs), since these enable longer-lived Blockcert ownership.
Note that the decentralized identifier spec is still being finalized in the W3C Credentials CG. There are 2 known (at this time) mostly compliant (i.e. the spec still isn't finalized) method specs -- Veres 1 and BTCR. Other popular method specs such as Sovrin and uPort are expected to comply shortly after spec finalization.
Blockcerts won't tie to any specific DID provider. Rather it only knows about DIDs. We may, for purposes of prototypes, show examples with the simplest DID method, i.e. BTCR.
DIDs enable more user-friendly means of recovery, e.g. social recovery in the case that you lose your device, or in some way make your private keys unrecoverable.
The schema change is super simple: we will simply use Verifiable Claims conventions enabling id
, entity
, and owner
to be DIDs.
Changes to the Blockcerts ecosystem could be interesting:
In general, this nicely decouples Blockcerts from key management.
Copied from original issue: blockchain-certificates/cert-schema#41
Hi, I'm trying to install this, but when I run docker build
command, it's always return errors below:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-build-o_d_2zxh/pyld/setup.py", line 17, in <module>
from pyld import jsonld
File "/tmp/pip-build-o_d_2zxh/pyld/lib/pyld/__init__.py", line 2, in <module>
from . import jsonld
File "/tmp/pip-build-o_d_2zxh/pyld/lib/pyld/jsonld.py", line 19, in <module>
import requests
ImportError: No module named 'requests'
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-o_d_2zxh/pyld/
unless I append 'requests' in Dockerfile's pip3 install, can you help me with that ?
I am getting below error after running docker build -t bc/cert-issuer:1.0 .
in step 1
C:\Users\Hafsah\Documents\Python_Scripts\cert-issuer>docker build -t bc/cert-issuer:1.0 .
Sending build context to Docker daemon 2.855MB
Step 1/6 : FROM seegno/bitcoind:0.13-alpine
0.13-alpine: Pulling from seegno/bitcoind
image operating system "linux" cannot be used on this platform
for this repo and all missing in digital-certificates.
See #9
Hi, I am a student doing my thesis from TU Delft. I came acros blockerts via the article in medium and I found it very interesting. I have a question though, with the GDPR regulations in Europe you cannot store personal information on the chain, how did you manage to negate it or is that currently not your domain or research.
Update issuer to use types and chains per #40
hi, I am trying to understand this prj. in particular I am interested in the backend. as far as I understand you are making use of existing bitcoin blockchain? so you are mostly a client of this bitcoin blockchain? From your description:
The cert-issuer project issues blockchain certificates by creating a transaction from the issuing institution to the recipient on the Bitcoin blockchain that includes the hash of the certificate itself.
if I wanted to recreate the prj then I would have to do the same as you do, reuse the bitcoin blockchain? how could I rebuild this using hyperledger?
There is no connector configured for Ethereum testnet issuing mode. What is the correct behavior?
This errror was reported:
Traceback (most recent call last):
File "/home/ludo/.local/bin/cert-issuer", line 11, in <module>
sys.exit(cert_issuer_main())
File "/home/ludo/.local/lib/python3.5/site-packages/cert_issuer/__main__.py", line 17, in cert_issuer_main
issue_certificates.main(parsed_config)
File "/home/ludo/.local/lib/python3.5/site-packages/cert_issuer/issue_certificates.py", line 68, in main
return issue(app_config, certificate_batch_handler, transaction_handler)
File "/home/ludo/.local/lib/python3.5/site-packages/cert_issuer/issue_certificates.py", line 35, in issue
transaction_handler.ensure_balance()
File "/home/ludo/.local/lib/python3.5/site-packages/cert_issuer/transaction_handler.py", line 167, in ensure_balance
self.balance = self.connector.get_balance(self.issuing_address)
File "/home/ludo/.local/lib/python3.5/site-packages/cert_issuer/connectors.py", line 205, in get_balance
for m in get_providers_for_chain(self.ethereum_chain, self.local_node):
File "/home/ludo/.local/lib/python3.5/site-packages/cert_issuer/connectors.py", line 374, in get_providers_for_chain
return connectors[chain]
KeyError: <Chain.ethereum_testnet: 6>
The OBI signing step makes sense as a separate step from the blockchain issuing process. Separate out mains so these can be called independently
I am getting the following error when I try to issue certificates either in bitcoin testnet or using docker and regtest. My bitcoin testnet wallet has 3.5 btcs and for the docker app, I am just following the steps in cert-issuer for the bitcoin-cli. Could you please post more detailed steps on how to make sure there are sufficient funds for both?
Thanks!
Error:
WARNING - Your app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO - This run will try to issue on the bitcoin_regtest chain
INFO - Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO - Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO - Processing 2 certificates
INFO - Processing 2 certificates
INFO - Processing 2 certificates under work path=/Users/itinawi/superurop/cert-issuer/data/work
INFO - Processing 2 certificates under work path=/Users/itinawi/superurop/cert-issuer/data/work
WARNING - [Errno 2] No such file or directory: '/Users/itinawi/Library/Application Support/Bitcoin/bitcoin.conf'
WARNING - [Errno 2] No such file or directory: '/Users/itinawi/Library/Application Support/Bitcoin/bitcoin.conf'
WARNING - address mt8vRAdRifBTrCsA4Ja1SK2DwNLknbsqVZ has a balance of 0
WARNING - address mt8vRAdRifBTrCsA4Ja1SK2DwNLknbsqVZ has a balance of 0
INFO - Total cost will be 133500 satoshis
INFO - Total cost will be 133500 satoshis
ERROR - Please add 133500 satoshis to the address mt8vRAdRifBTrCsA4Ja1SK2DwNLknbsqVZ
ERROR - Please add 133500 satoshis to the address mt8vRAdRifBTrCsA4Ja1SK2DwNLknbsqVZ
Traceback (most recent call last):
File "/Users/itinawi/superurop/cert-issuer/venv/bin/cert-issuer", line 11, in
load_entry_point('cert-issuer==2.0.11', 'console_scripts', 'cert-issuer')()
File "/Users/itinawi/superurop/cert-issuer/venv/lib/python3.6/site-packages/cert_issuer-2.0.11-py3.6.egg/cert_issuer/main.py", line 17, in cert_issuer_main
issue_certificates.main(parsed_config)
File "/Users/itinawi/superurop/cert-issuer/venv/lib/python3.6/site-packages/cert_issuer-2.0.11-py3.6.egg/cert_issuer/issue_certificates.py", line 52, in main
return issue(app_config, certificate_batch_handler, transaction_handler)
File "/Users/itinawi/superurop/cert-issuer/venv/lib/python3.6/site-packages/cert_issuer-2.0.11-py3.6.egg/cert_issuer/issue_certificates.py", line 30, in issue
transaction_handler.ensure_balance()
File "/Users/itinawi/superurop/cert-issuer/venv/lib/python3.6/site-packages/cert_issuer-2.0.11-py3.6.egg/cert_issuer/bitcoin/transaction_handlers.py", line 51, in ensure_balance
raise InsufficientFundsError(error_message)
cert_issuer.errors.InsufficientFundsError: Please add 133500 satoshis to the address mt8vRAdRifBTrCsA4Ja1SK2DwNLknbsqVZ
There is some duplication between this and other libraries like cert-verifier. Refactor this for reuse.
I followed the steps here to build the docker container for cert-issuer, and also replacing libressl-dev for openssl-dev to overcome the errors I got, as shown here.
Then after running this (using python3.6 with virtualenv):
(venv) bash-4.3# python setup.py experimental --blockchain=ethereum
I got this error:
ethereum 2.3.2 has requirement rlp<2.0.0,>=1.0.1, but you'll have rlp 0.6.0 which is incompatible.
Installing collected packages: rlp
Found existing installation: rlp 1.0.2
Uninstalling rlp-1.0.2:
Successfully uninstalled rlp-1.0.2
Successfully installed rlp-0.6.0
I found this which suggests adding rlp<1 to "ethereum_requirements.txt", but it is already added, so I changed "rlp<1" to "rlp>=1" and the setup seemed to complete successfully.
Then I get this error, after running:
(venv) bash-4.3# cert-issuer -c /etc/cert-issuer/conf.ini
...
Traceback (most recent call last):
File "/usr/bin/cert-issuer", line 11, in <module>
load_entry_point('cert-issuer==2.0.15', 'console_scripts', 'cert-issuer')()
File "/usr/lib/python3.6/site-packages/cert_issuer/__main__.py", line 17, in cert_issuer_main
issue_certificates.main(parsed_config)
File "/usr/lib/python3.6/site-packages/cert_issuer/issue_certificates.py", line 36, in main
return issue(app_config, certificate_batch_handler, transaction_handler)
File "/usr/lib/python3.6/site-packages/cert_issuer/issue_certificates.py", line 22, in issue
tx_id = issuer.issue(app_config.chain)
File "/usr/lib/python3.6/site-packages/cert_issuer/issuer.py", line 27, in issue
txid = self.transaction_handler.issue_transaction(blockchain_bytes)
File "/usr/lib/python3.6/site-packages/cert_issuer/blockchain_handlers/ethereum/transaction_handlers.py", line 61, in issue_transaction
self.verify_transaction(signed_tx, eth_data_field)
File "/usr/lib/python3.6/site-packages/cert_issuer/blockchain_handlers/ethereum/transaction_handlers.py", line 92, in verify_transaction
tx_utils.verify_eth_transaction(signed_tx, eth_data_field)
File "/usr/lib/python3.6/site-packages/cert_issuer/blockchain_handlers/ethereum/tx_utils.py", line 24, in verify_eth_transaction
for s in signed_hextx.split('80a0'):
AttributeError: 'dict' object has no attribute 'split'
Previously reported this in the Community forum in this post and posting it here as requested.
Thanks.
e.g. testnet bitcoind configurations. This is currently in an old docs repo and they need to be updated before adding.
The environment setup in the Docker image isn't correct -- the main issuer module can't be found without performing additional steps. I've added steps to the docs to work around this, but I want to automate away the manual steps
Error:
Traceback (most recent call last):
File “/usr/bin/cert-issuer”, line 11, in
load_entry_point(‘cert-issuer==2.0.12’, ‘console_scripts’, ‘cert-issuer’)()
File “/usr/lib/python3.6/site-packages/cert_issuer/main.py”, line 17, in cert_issuer_main
issue_certificates.main(parsed_config)
File “/usr/lib/python3.6/site-packages/cert_issuer/issue_certificates.py”, line 32, in main
from cert_issuer import ethereum
File “/usr/lib/python3.6/site-packages/cert_issuer/ethereum/init.py”, line 9, in
from cert_issuer.ethereum.signer import EthereumSigner
File “/usr/lib/python3.6/site-packages/cert_issuer/ethereum/signer.py”, line 2, in
from ethereum import transactions
File “/usr/lib/python3.6/site-packages/ethereum/init.py”, line 11, in
from . import slogging # noqa
File “/usr/lib/python3.6/site-packages/ethereum/slogging.py”, line 6, in
from ethereum.utils import bcolors, is_numeric
File “/usr/lib/python3.6/site-packages/ethereum/utils.py”, line 13, in
from rlp.utils import decode_hex, encode_hex, ascii_chr, str_to_bytes
ImportError: cannot import name ‘decode_hex’
Solution for the time being is to force RLP below 1. Once the recent pyethereum ticket is closed, we can try uping the version again.
Hi, during the installation of cert-issuer, as I execute the following command inside python 3 environment, everything runs smoothly until step (41/41), as it shows error in Running setup.py install for cryptography: finished with status 'error' line;
(PS ; NOTE : already installed 'pip install pyopenssl ndg-httpsclient pyasn1' and 'pip install cryptography'):
(myvenv) dj@home:~/cert-tools/cert-issuer$ docker build -t bc/cert-issuer:1.0 .
Step 1/6 : FROM seegno/bitcoind:0.13-alpine
---> 73b9b57b4bd1
Step 2/6 : MAINTAINER Kim Duffy "[email protected]"
---> Using cache
---> 27cd852f5081
Step 3/6 : COPY . /cert-issuer
---> 798eb9b98c8c
Step 4/6 : COPY conf_regtest.ini /etc/cert-issuer/conf.ini
---> 5f1780b93c44
Step 5/6 : RUN apk add --update bash ca-certificates curl gcc gmp-dev libffi-dev
.
.
.
(39/41) Installing python3 (3.6.1-r3)
(40/41) Installing python3-dev (3.6.1-r3)
(41/41) Installing tar (1.29-r1)
Executing busybox-1.26.2-r5.trigger
Executing ca-certificates-20161130-r2.trigger
OK: 249 MiB in 61 packages
Requirement already satisfied: setuptools in /usr/lib/python3.6/site-packages
Requirement already satisfied: pip in /usr/lib/python3.6/site-packages
.
.
.
merkletools 1.0.2 has requirement pysha3==1.0b1, but you'll have pysha3 1.0.2 which is incompatible.
Installing collected packages: urllib3, certifi, chardet, idna, asn1crypto, six, pycparser, cffi, cryptography, pyOpenSSL, requests, pyld, jsonschema, py, pluggy, virtualenv, tox, decorator, validators, cert-schema, configargparse, inflection, click, PyYAML, clickclick, Werkzeug, MarkupSafe, Jinja2, itsdangerous, flask, swagger-spec-validator, connexion, PyMongo, Flask-PyMongo, python-dateutil, pytz, simplekv, cert-core, pysha3, merkletools, chainpoint, glob2, pbr, mock, pycoin, python-bitcoinlib, cert-issuer
Running setup.py install for pycparser: started
Running setup.py install for pycparser: finished with status 'done'
Running setup.py install for cffi: started
Running setup.py install for cffi: finished with status 'done'
Running setup.py install for cryptography: started
Running setup.py install for cryptography: finished with status 'error'
Complete output from command /usr/bin/python3.6 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-bns48t_5/cryptography/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-2xx703v_/install-record.txt --single-version-externally-managed --compile:
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-3.6
creating build/lib.linux-x86_64-3.6/cryptography
copying src/cryptography/exceptions.py -> build/lib.linux-x86_64-3.6/cryptography
copying src/cryptography/utils.py -> build/lib.linux-x86_64-3.6/cryptography
.
.
.
copying src/cryptography/hazmat/backends/openssl/aead.py -> build/lib.linux-x86_64-3.6/cryptography/hazmat/backends/openssl
running egg_info
writing src/cryptography.egg-info/PKG-INFO
writing dependency_links to src/cryptography.egg-info/dependency_links.txt
writing requirements to src/cryptography.egg-info/requires.txt
writing top-level names to src/cryptography.egg-info/top_level.txt
reading manifest file 'src/cryptography.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
no previously-included directories found matching 'docs/_build'
warning: no previously-included files matching '*' found under directory 'vectors'
writing manifest file 'src/cryptography.egg-info/SOURCES.txt'
running build_ext
generating cffi module 'build/temp.linux-x86_64-3.6/_padding.c'
creating build/temp.linux-x86_64-3.6
generating cffi module 'build/temp.linux-x86_64-3.6/_constant_time.c'
generating cffi module 'build/temp.linux-x86_64-3.6/_openssl.c'
building '_openssl' extension
creating build/temp.linux-x86_64-3.6/build
creating build/temp.linux-x86_64-3.6/build/temp.linux-x86_64-3.6
**gcc -Wno-unused-result -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -Wstrict-prototypes -Os -fomit-frame-pointer -Os -fomit-frame-pointer -Os -fomit-frame-pointer -fPIC -I/usr/include/python3.6m -c build/temp.linux-x86_64-3.6/_openssl.c -o build/temp.linux-x86_64-3.6/build/temp.linux-x86_64-3.6/_openssl.o -Wconversion -Wno-error=sign-conversion**
build/temp.linux-x86_64-3.6/_openssl.c: In function 'dev_urandom_read':
build/temp.linux-x86_64-3.6/_openssl.c:1540:17: warning: conversion to 'int' from 'ssize_t {aka long int}' may alter its value [-Wconversion]
size -= n;
^
build/temp.linux-x86_64-3.6/_openssl.c: In function 'osrandom_rand_bytes':
build/temp.linux-x86_64-3.6/_openssl.c:1732:21: warning: conversion to 'int' from 'long int' may alter its value [-Wconversion]
size -= n;
^
build/temp.linux-x86_64-3.6/_openssl.c: In function 'SSL_SESSION_get_master_key':
build/temp.linux-x86_64-3.6/_openssl.c:2155:23: warning: conversion to 'size_t {aka long unsigned int}' from 'int' may change the sign of the result [-Wsign-conversion]
return session->master_key_length;
~~~~~~~^~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:2157:18: warning: conversion to 'size_t {aka long unsigned int}' from 'int' may change the sign of the result [-Wsign-conversion]
outlen = session->master_key_length;
^~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: At top level:
build/temp.linux-x86_64-3.6/_openssl.c:2269:38: warning: initialization makes integer from pointer without a cast [-Wint-conversion]
static const long SSL_OP_NO_DTLSv1 = NULL;
^~~~
build/temp.linux-x86_64-3.6/_openssl.c:2270:40: warning: initialization makes integer from pointer without a cast [-Wint-conversion]
static const long SSL_OP_NO_DTLSv1_2 = NULL;
^~~~
build/temp.linux-x86_64-3.6/_openssl.c:2472:7: error: 'X509_VERIFY_PARAM_set1_host' redeclared as different kind of symbol
int (*X509_VERIFY_PARAM_set1_host)(X509_VERIFY_PARAM *, const char *,
^~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/x509.h:595:0,
from /usr/include/openssl/engine.h:96,
from build/temp.linux-x86_64-3.6/_openssl.c:572:
/usr/include/openssl/x509_vfy.h:545:5: note: previous declaration of 'X509_VERIFY_PARAM_set1_host' was here
int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param, const char *name,
^~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:2478:7: error: 'X509_VERIFY_PARAM_set1_ip_asc' redeclared as different kind of symbol
int (*X509_VERIFY_PARAM_set1_ip_asc)(X509_VERIFY_PARAM *, const char *) = NULL;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/openssl/x509.h:595:0,
from /usr/include/openssl/engine.h:96,
from build/temp.linux-x86_64-3.6/_openssl.c:572:
/usr/include/openssl/x509_vfy.h:547:5: note: previous declaration of 'X509_VERIFY_PARAM_set1_ip_asc' was here
int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function 'init_mutexes':
build/temp.linux-x86_64-3.6/_openssl.c:2607:19: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
for (i = 0; i < _ssl_locks_count; i++) {
^
build/temp.linux-x86_64-3.6/_openssl.c: In function '_setup_ssl_threads':
build/temp.linux-x86_64-3.6/_openssl.c:2615:28: warning: conversion to 'unsigned int' from 'int' may change the sign of the result [-Wsign-conversion]
_ssl_locks_count = CRYPTO_num_locks();
^~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function 'Cryptography_pem_password_cb':
build/temp.linux-x86_64-3.6/_openssl.c:2648:35: warning: conversion to 'size_t {aka long unsigned int}' from 'int' may change the sign of the result [-Wsign-conversion]
memcpy(buf, st->password, st->length);
^~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_DTLS_get_link_min_mtu':
build/temp.linux-x86_64-3.6/_openssl.c:22451:10: warning: return makes integer from pointer without a cast [-Wint-conversion]
return DTLS_get_link_min_mtu(x0);
^~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_DTLS_get_link_min_mtu':
build/temp.linux-x86_64-3.6/_openssl.c:22474:12: warning: assignment makes integer from pointer without a cast [-Wint-conversion]
{ result = DTLS_get_link_min_mtu(x0); }
^
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_DTLS_set_link_mtu':
build/temp.linux-x86_64-3.6/_openssl.c:22535:10: warning: return makes integer from pointer without a cast [-Wint-conversion]
return DTLS_set_link_mtu(x0, x1);
^~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_DTLS_set_link_mtu':
build/temp.linux-x86_64-3.6/_openssl.c:22568:12: warning: assignment makes integer from pointer without a cast [-Wint-conversion]
{ result = DTLS_set_link_mtu(x0, x1); }
^
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_add_extra_chain_cert':
build/temp.linux-x86_64-3.6/_openssl.c:46134:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_add_extra_chain_cert(x0, x1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_add_extra_chain_cert':
build/temp.linux-x86_64-3.6/_openssl.c:46174:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_add_extra_chain_cert(x0, x1); }
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_clear_options':
build/temp.linux-x86_64-3.6/_openssl.c:46223:10: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_clear_options(x0, x1);
^~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:46223:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_clear_options':
build/temp.linux-x86_64-3.6/_openssl.c:46256:14: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_clear_options(x0, x1); }
^~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:46256:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_get_mode':
build/temp.linux-x86_64-3.6/_openssl.c:46508:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_get_mode(x0);
^~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_get_mode':
build/temp.linux-x86_64-3.6/_openssl.c:46531:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_get_mode(x0); }
^~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_get_options':
build/temp.linux-x86_64-3.6/_openssl.c:46544:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_get_options(x0);
^~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_get_options':
build/temp.linux-x86_64-3.6/_openssl.c:46567:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_get_options(x0); }
^~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_get_session_cache_mode':
build/temp.linux-x86_64-3.6/_openssl.c:46616:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_get_session_cache_mode(x0);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_get_session_cache_mode':
build/temp.linux-x86_64-3.6/_openssl.c:46639:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_get_session_cache_mode(x0); }
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_set_cookie_verify_cb':
build/temp.linux-x86_64-3.6/_openssl.c:47913:36: warning: passing argument 2 of 'SSL_CTX_set_cookie_verify_cb' from incompatible pointer type [-Wincompatible-pointer-types]
SSL_CTX_set_cookie_verify_cb(x0, x1);
^~
In file included from build/temp.linux-x86_64-3.6/_openssl.c:712:0:
/usr/include/openssl/ssl.h:760:6: note: expected 'int (*)(SSL *, unsigned char *, unsigned int) {aka int (*)(struct ssl_st *, unsigned char *, unsigned int)}' but argument is of type 'int (*)(SSL *, const unsigned char *, unsigned int) {aka int (*)(struct ssl_st *, const unsigned char *, unsigned int)}'
void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_set_cookie_verify_cb':
build/temp.linux-x86_64-3.6/_openssl.c:47945:38: warning: passing argument 2 of 'SSL_CTX_set_cookie_verify_cb' from incompatible pointer type [-Wincompatible-pointer-types]
{ SSL_CTX_set_cookie_verify_cb(x0, x1); }
^~
In file included from build/temp.linux-x86_64-3.6/_openssl.c:712:0:
/usr/include/openssl/ssl.h:760:6: note: expected 'int (*)(SSL *, unsigned char *, unsigned int) {aka int (*)(struct ssl_st *, unsigned char *, unsigned int)}' but argument is of type 'int (*)(SSL *, const unsigned char *, unsigned int) {aka int (*)(struct ssl_st *, const unsigned char *, unsigned int)}'
void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_set_mode':
build/temp.linux-x86_64-3.6/_openssl.c:48245:10: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_set_mode(x0, x1);
^~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:48245:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_set_mode':
build/temp.linux-x86_64-3.6/_openssl.c:48278:14: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_set_mode(x0, x1); }
^~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:48278:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_set_options':
build/temp.linux-x86_64-3.6/_openssl.c:48409:10: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_set_options(x0, x1);
^~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:48409:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_set_options':
build/temp.linux-x86_64-3.6/_openssl.c:48442:14: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_set_options(x0, x1); }
^~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:48442:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
In file included from build/temp.linux-x86_64-3.6/_openssl.c:712:0:
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_set_session_cache_mode':
build/temp.linux-x86_64-3.6/_openssl.c:48593:45: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_set_session_cache_mode(x0, x1);
^
build/temp.linux-x86_64-3.6/_openssl.c:48593:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_set_session_cache_mode(x0, x1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from build/temp.linux-x86_64-3.6/_openssl.c:712:0:
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_set_session_cache_mode':
build/temp.linux-x86_64-3.6/_openssl.c:48626:49: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_set_session_cache_mode(x0, x1); }
^
build/temp.linux-x86_64-3.6/_openssl.c:48626:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_set_session_cache_mode(x0, x1); }
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_set_tmp_dh':
build/temp.linux-x86_64-3.6/_openssl.c:48995:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_set_tmp_dh(x0, x1);
^~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_set_tmp_dh':
build/temp.linux-x86_64-3.6/_openssl.c:49035:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_set_tmp_dh(x0, x1); }
^~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_CTX_set_tmp_ecdh':
build/temp.linux-x86_64-3.6/_openssl.c:49048:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_CTX_set_tmp_ecdh(x0, x1);
^~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_CTX_set_tmp_ecdh':
build/temp.linux-x86_64-3.6/_openssl.c:49088:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_CTX_set_tmp_ecdh(x0, x1); }
^~~~~~~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_get_mode':
build/temp.linux-x86_64-3.6/_openssl.c:50981:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_get_mode(x0);
^~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_get_mode':
build/temp.linux-x86_64-3.6/_openssl.c:51004:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_get_mode(x0); }
^~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_get_options':
build/temp.linux-x86_64-3.6/_openssl.c:51017:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
return SSL_get_options(x0);
^~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_get_options':
build/temp.linux-x86_64-3.6/_openssl.c:51040:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_get_options(x0); }
^~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_set_mode':
build/temp.linux-x86_64-3.6/_openssl.c:52816:10: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
return SSL_set_mode(x0, x1);
^~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:52816:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_set_mode':
build/temp.linux-x86_64-3.6/_openssl.c:52849:14: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_set_mode(x0, x1); }
^~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:52849:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_d_SSL_set_options':
build/temp.linux-x86_64-3.6/_openssl.c:52862:10: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
return SSL_set_options(x0, x1);
^~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:52862:10: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
build/temp.linux-x86_64-3.6/_openssl.c: In function '_cffi_f_SSL_set_options':
build/temp.linux-x86_64-3.6/_openssl.c:52895:14: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion]
{ result = SSL_set_options(x0, x1); }
^~~~~~~~~~~~~~~
build/temp.linux-x86_64-3.6/_openssl.c:52895:14: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion]
error: command 'gcc' failed with exit status 1
----------------------------------------
Command "/usr/bin/python3.6 -u -c "import setuptools, tokenize;__file__='/tmp/pip-install-bns48t_5/cryptography/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-record-2xx703v_/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-install-bns48t_5/cryptography/
The command '/bin/sh -c apk add --update bash ca-certificates curl gcc gmp-dev libffi-dev libressl-dev linux-headers make musl-dev python python3 python3-dev tar && python3 -m ensurepip && pip3 install --upgrade pip setuptools && mkdir -p /etc/cert-issuer/data/unsigned_certificates && mkdir /etc/cert-issuer/data/blockchain_certificates && mkdir ~/.bitcoin && echo $'rpcuser=foo\nrpcpassword=bar\nrpcport=8332\nregtest=1\nrelaypriority=0\nrpcallowip=127.0.0.1\nrpcconnect=127.0.0.1\n' > /root/.bitcoin/bitcoin.conf && pip3 install /cert-issuer/. && rm -r /usr/lib/python*/ensurepip && rm -rf /var/cache/apk/* && rm -rf /root/.cache && sed -i.bak s/==1\.0b1/\>=1\.0b1/g /usr/lib/python3.*/site-packages/merkletools-1.0.2-py3.*.egg-info/requires.txt' returned a non-zero code: 1
Request indicate issue. Host OS is Ubuntu 16.04 (on VM) and performed "python3 -m venv myvenv" for my virtual environment.
Regards
From @kimdhamilton on September 27, 2017 19:35
We want to use the Verifiable Claims schema, but in an Open Badges compatible way; ideally by "integrating" Open Badges with Verifiable Claims directly
Copied from original issue: blockchain-certificates/cert-schema#39
I updated the json template with a displayHtml part to work with the android wallet, but I get this error when trying to sign it:
WARNING - Caught exception trying provider <bound method BlockrIOBroadcaster.broadcast_tx of <cert_issuer.bitcoin.connectors.BlockrIOBroadcaster object at 0x7fbecc918e80>>. Trying another. Exception=Expecting value: line 1 column 1 (char 0)
Here is the json that gives this error: https://api.myjson.com/bins/bwvt3
Our ethereum connector code throws an error if the response status code is not 200.
Unfortunately, etherscan gives a 200 back even if there's an error on there end. The following is an example of an error being returned back from etherscan:
{‘jsonrpc’: ‘2.0’, ‘error’: {‘code’: -32010, ‘message’: ‘Insufficient funds. The account you tried to send transaction from does not have enough funds. Required 500000000000000 and got: 0.’}, ‘id’: 1}
Would be nice if we could throw and return the message. Otherwise, a INFO - Transaction ID obtained from broadcast through Etherscan: None
gets returned.
Some discussion on that here: https://community.blockcerts.org/t/no-transaction-occuring/1142
Because of the consistent issues popping up on the blockcerts forum over dependency conflicts (such as https://community.blockcerts.org/t/merkletools-pysha-dependency-conflict/1107), I've narrowed down the issue to PyChainpoint requiring a specific version of Merkletools that requires a specific pysha version that classes with other dependencies.
I've opened a ticket with PyChainpoint to use the latest version of Merkletools that would fix this dependency hell for us, but no response (lontivero/PyChainpoint#2)
We have a dockerfile script handle this for us automatically, but when people are running cert-issuer locally, across different environments, it's a pain to try to troubleshoot and deal with as a consumer.
I believe the only course of action to fix this dependency hell is to fork PyChainpoint and upload to pypi with a Requires.txt that has the latest version of Merkletools in it.
CMD - docker build -t bc/cert-issuer:1.0 .
Expected Result -
successful build...
Actual result -
Error response from daemon: Get https://registry-1.docker.io/v2/seegno/bitcoind/manifests/0.13-alpine: unauthorized: incorrect username or password
Env -
Os - MacOS X
Docker version - Docker version 18.03.1-ce
Python - 3.6
We first had to demote RLP to <1 since there was problems with the latest version of pyethereum.
However, pyethereum was updated and required a newer version of RLP to be compatible. I haven't had time to play around with which combination of dependencies work, but if we could investigate that and get the most up to date of both working again, that would be great. Currently we forced ethereum and RLP to be a specific version that we know works (issue #107).
Essentially, update dependencies, verify ethereum ropsten/mainnet certs still issue without exception. If not, then play around with combinations or leave as is until they are both cooperative again.
Hello,
By reading the MIT blog in https://medium.com/mit-media-lab/what-we-learned-from-designing-an-academic-certificates-system-on-the-blockchain-34ba5874f196, you mention that in version 2 you would use a Merkle for storage of certificates.
Since this tree would be a single transaction in the blockchain, how do you proceed when the user wants to add a new certificate? A new node is created with the existing node content plus the new data? How is the old node exluded from further validations?
Regards,
Cláudio Ramos
This assumes we're using the current style of Merkle tree batch issuance. Requires updating
This can be broken into several issues.
when i am executing the command :
cert-issuer -c /etc/cert-issuer/conf.ini
I am getting following errors:
WARNING:root:Your app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO:root:Processing 0 certificates
INFO - Processing 0 certificates
INFO:root:Processing 0 certificates under work path=/etc/cert-issuer/work
INFO - Processing 0 certificates under work path=/etc/cert-issuer/work
INFO:root:Signing certificates...
INFO - Signing certificates...
INFO:root:Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO - Set cost constants to recommended_tx_fee=0.000600,min_per_output=0.000028,satoshi_per_byte=250
INFO:root:Total cost will be 84250 satoshis
INFO - Total cost will be 84250 satoshis
INFO:root:Preparing certificate batch
INFO - Preparing certificate batch
INFO:root:Signing certificates
INFO - Signing certificates
INFO:root:Starting finalizable transaction signer
INFO - Starting finalizable transaction signer
WARNING:root:app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
WARNING - app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO:root:Stopping finalizable transaction signer
INFO - Stopping finalizable transaction signer
WARNING:root:app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
WARNING - app is configured to skip the wifi check when the USB is plugged in. Read the documentation to ensure this is what you want, since this is less secure
INFO:root:Preparing certificate batch
INFO - Preparing certificate batch
INFO:root:Issuing the certificates on the blockchain
INFO - Issuing the certificates on the blockchain
Traceback (most recent call last):
File "/usr/bin/cert-issuer", line 11, in
load_entry_point('cert-issuer==0.0.7', 'console_scripts', 'cert-issuer')()
File "/usr/lib/python3.5/site-packages/cert_issuer/main.py", line 17, in cert_issuer_main
issue_certificates.main(parsed_config)
File "/usr/lib/python3.5/site-packages/cert_issuer/issue_certificates.py", line 67, in main
tx_id = issuer.issue_certificates()
File "/usr/lib/python3.5/site-packages/cert_issuer/issuer.py", line 114, in issue_certificates
tx_id = self.issue_on_blockchain()
File "/usr/lib/python3.5/site-packages/cert_issuer/issuer.py", line 43, in issue_on_blockchain
op_return_value_bytes = unhexlify(self.tree.get_merkle_root())
File "/usr/lib/python3.5/site-packages/cert_issuer/helpers.py", line 17, in unhexlify
def unhexlify(hex_string): return binascii.unhexlify(hex_string.encode('utf8'))
AttributeError: 'NoneType' object has no attribute 'encode'
I have followed the directions to setup the cert-issuer from source code and got to the step when I need to actually run 'python cert-issuer -c conf_ethtest.ini'. I get this error:
/usr/local/Cellar/python/3.6.5/Frameworks/Python.framework/Versions/3.6/Resources/Python.app/Contents/MacOS/Python: can't open file 'cert-issuer': [Errno 2] No such file or directory
I tried running form the root folder (cert-issuer) and from one folder up, same error. What am I missing?
When pushing a transaction to the bitcoin network, it's better to push through as many broadcasters as possible. The results are the same, and it can reduce the time to get a confirmation. Also, it will avoid failure in the issuing process if a single broadcaster is experiencing issues.
I requested digital certificate using cert-viewer repository but Im unable to issue the certificate, and it returns "Unhandled exception: localhost:27017: [Errno 111] Connection refused" on http://localhost:5000/request .
Suggest me what change I need to correct it.
I am trying to issue certificate on bitcoin testnet. I have created cert template based on https://github.com/blockchain-certificates/cert-tools.
When i try to run “cert-issuer -c conf.ini” these warning are shown after some hex values:
`WARNING - Caught exception trying provider <bound method BlockrIOBroadcaster.broadcast_tx of <cert_issuer.blockchain_handlers.bitcoin.connectors.BlockrIOBroadcaster object at 0x7fea30293cc0>>. Trying another. Exception=Expecting value: line 1 column 1 (char 0)
ERROR - Error broadcasting the transaction through the BlockExplorer API. Error msg: Missing inputs. Code:-25`
It seems like I am missing the input for the API but I am not sure which input and how do I change it. Any suggestion on how to solve this error?Thanks
e.g. ETHData
Getting this error: Not a valid certificate. Transaction occurred at time when issuing address was not considered valid.
@vocab works during template creation and certificate batch creation but fails the schema check during issuing.
Hello,
First off, thanks for the great work on the project. I started integrating with the system a week back and till now it has worked like charm.
I have few question before using it on mainnet:
a) For issuing on mainNet, link suggested method is to use USB. Any way I can overwrite this? What if I give a path to a cert-issuer directory like in regtest, will it still work?
b) Is the instruction given [here]((https://github.com/blockchain-certificates/cert-issuer/blob/master/docs/bitcoin_options.md) are latest? Asking this because first advanced docs link (Overview of issuing options) from Readme returns 404.
c) Can I just update docker generated conf.ini at /etc/cert-issuer/work to have mainnet as bitcoin_chain and other accounts id accordingly. Will it then make a transaction on mainnet? Because this doc suggest python cert-issuer -c conf.ini
if i have installed package. which method is more recommended docker or package installation?
Please let me know if this is not a right place to ask above question. I will delete it and post it where you will recommend.
Best,
Deep
Hi,
When running python setup.py experimental --blockchain=ethereum I'm stuck here, any idea ?
Installing collected packages: idna, urllib3, chardet, certifi, six, pycparser, cffi, enum34, asn1crypto, ipaddress, cryptography, pyOpenSSL, requests
Traceback (most recent call last):
File "setup.py", line 70, in <module>
packages=find_packages()
File "/usr/lib/python2.7/distutils/core.py", line 151, in setup
dist.run_commands()
File "/usr/lib/python2.7/distutils/dist.py", line 953, in run_commands
self.run_command(cmd)
File "/usr/lib/python2.7/distutils/dist.py", line 972, in run_command
cmd_obj.run()
File "setup.py", line 44, in run
install(reqs)
File "setup.py", line 48, in install
subprocess.check_call([sys.executable, '-m', 'pip', 'install', package])
File "/usr/lib/python2.7/subprocess.py", line 186, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/usr/bin/python', '-m', 'pip', 'install', 'requests[security]>=2.18.4\n']' returned non-zero exit status -11
If of any help, running python -m requests.help gives me:
{
"chardet": {
"version": "3.0.4"
},
"cryptography": {
"version": "2.2.2"
},
"idna": {
"version": "2.7"
},
"implementation": {
"name": "CPython",
"version": "2.7.13"
},
"platform": {
"release": "4.9.0-6-amd64",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "1010008f",
"version": "18.0.0"
},
"requests": {
"version": "2.19.1"
},
"system_ssl": {
"version": "1010006f"
},
"urllib3": {
"version": "1.23"
},
"using_pyopenssl": true
}
When running cert-issuer in a local environment (virtual or otherwise) or an IDE, the error Module not found: bitcoin.rpc
is a frequent occurrence. This does not happen in the Docker build. This also happens with Ethereum libraries.
The reason for this is that we have a couple of submodules named bitcoin
and ethereum
, the purpose of which is to act as drivers for our interoperation with existing third-party libraries. Whenever they are referenced from within the module context, they are called cert_issuer.bitcoin
and cert_issuer.ethereum
, which yields no collision. However, when running from an IDE, the cert_issuer
prefix gets stripped off, resulting in the submodules being referenced as root-level modules named bitcoin
and ethereum
. The result is a namespace conflict and in the case of Python's module resolution, the first on the PYTHONPATH wins.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.