authorYour Name <you@example.com>2020-06-20 21:25:57 +0100
committerYour Name <you@example.com>2020-06-20 21:25:57 +0100
commit0eee65487bd54561244704b8d65cd971f9cd580f (patch)
tree087e8e08c3ef4f19b3f4939a3b35f132cd4aca6c
downloadmitmproxy-pq-0eee65487bd54561244704b8d65cd971f9cd580f.tar.gz
mitmproxy-pq-0eee65487bd54561244704b8d65cd971f9cd580f.tar.bz2
mitmproxy-pq-0eee65487bd54561244704b8d65cd971f9cd580f.zip
fish
-rw-r--r--master/pkcs1131
-rw-r--r--master/series1
2 files changed, 32 insertions, 0 deletions
diff --git a/master/pkcs11 b/master/pkcs11
new file mode 100644
index 0000000..30cb486
--- /dev/null
+++ b/master/pkcs11
@@ -0,0 +1,31 @@
+diff --git a/mitmproxy/net/tls.py b/mitmproxy/net/tls.py
+index 4c0f1d6b..c5062272 100644
+--- a/mitmproxy/net/tls.py
++++ b/mitmproxy/net/tls.py
+@@ -296,7 +296,25 @@ def create_client_context(
+ # Client Certs
+ if cert:
+ try:
+- context.use_privatekey_file(cert)
++ if os.path.exists(cert + ".pkcs11" ):
++ with open(cert + ".pkcs11", 'r') as f:
++ pkcs11_url = f.read()
++
++ pkcs11_url = pkcs11_url.rstrip("\n");
++
++ engine = SSL._lib.ENGINE_by_id( b"pkcs11" )
++ SSL._lib.ENGINE_init(engine)
++
++ _pkey = SSL._lib.ENGINE_load_private_key( engine, bytes(pkcs11_url, 'ascii'), SSL._ffi.NULL, SSL._ffi.NULL )
++
++ pkey = SSL.PKey()
++ pkey._pkey = _pkey
++ pkey._initialized = True
++
++ context.use_privatekey(pkey)
++ else:
++ context.use_privatekey_file(cert)
++
+ context.use_certificate_chain_file(cert)
+ except SSL.Error as v:
+ raise exceptions.TlsException("SSL client certificate error: %s" % str(v))
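Review bot: The three `ENGINE_*` calls in the new `.pkcs11` branch are used without checking their results. `ENGINE_by_id` and `ENGINE_load_private_key` return NULL on failure and `ENGINE_init` returns 0, and none of them raises `SSL.Error`, so the surrounding `except` never sees a missing engine, an absent token or a wrong URI. A NULL `_pkey` is then wrapped in `SSL.PKey()` and marked initialised before `context.use_privatekey(pkey)`, which at best fails with an unrelated message. Each result should be checked and turned into `exceptions.TlsException` without echoing the URI, which may carry a `pin-value`; separately, `bytes(pkcs11_url, 'ascii')` can raise `UnicodeEncodeError` past the handler, and `rstrip("\n")` leaves a trailing `\r` or space in the URI. The code also depends on pyOpenSSL private members (`SSL._lib`, `SSL._ffi`, `pkey._pkey`), so it is presumably tied to one pyOpenSSL version; `create_client_context` begins and ends outside the hunk.

```python
# … unchanged: read and strip pkcs11_url from cert + ".pkcs11" …
engine = SSL._lib.ENGINE_by_id(b"pkcs11")
if engine == SSL._ffi.NULL:
    raise exceptions.TlsException("SSL client certificate error: pkcs11 engine not available")
if not SSL._lib.ENGINE_init(engine):
    raise exceptions.TlsException("SSL client certificate error: pkcs11 engine failed to initialise")

_pkey = SSL._lib.ENGINE_load_private_key(
    engine, bytes(pkcs11_url, 'ascii'), SSL._ffi.NULL, SSL._ffi.NULL
)
if _pkey == SSL._ffi.NULL:
    # Do not include pkcs11_url in the message: it may contain the token PIN.
    raise exceptions.TlsException("SSL client certificate error: pkcs11 private key could not be loaded")
# … unchanged: wrap _pkey in SSL.PKey() and call context.use_privatekey(pkey) …
```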
diff --git a/master/series b/master/series
new file mode 100644
index 0000000..d5b8e2c
--- /dev/null
+++ b/master/series
@@ -0,0 +1 @@
+pkcs11