author | Your Name <you@example.com> | 2020-06-20 21:25:57 +0100 |
---|---|---|
committer | Your Name <you@example.com> | 2020-06-20 21:25:57 +0100 |
commit | 0eee65487bd54561244704b8d65cd971f9cd580f (patch) | |
tree | 087e8e08c3ef4f19b3f4939a3b35f132cd4aca6c | |
fish
-rw-r--r-- | master/pkcs11 | 31 | ||||
-rw-r--r-- | master/series | 1 |
2 files changed, 32 insertions, 0 deletions
diff --git a/master/pkcs11 b/master/pkcs11
new file mode 100644
index 0000000..30cb486
--- /dev/null
+++ b/master/pkcs11
@@ -0,0 +1,31 @@
+diff --git a/mitmproxy/net/tls.py b/mitmproxy/net/tls.py
+index 4c0f1d6b..c5062272 100644
+--- a/mitmproxy/net/tls.py
++++ b/mitmproxy/net/tls.py
+@@ -296,7 +296,25 @@ def create_client_context(
+ # Client Certs
+ if cert:
+ try:
+- context.use_privatekey_file(cert)
++ if os.path.exists(cert + ".pkcs11" ):
++ with open(cert + ".pkcs11", 'r') as f:
++ pkcs11_url = f.read()
++
++ pkcs11_url = pkcs11_url.rstrip("\n");
++
++ engine = SSL._lib.ENGINE_by_id( b"pkcs11" )
++ SSL._lib.ENGINE_init(engine)
++
++ _pkey = SSL._lib.ENGINE_load_private_key( engine, bytes(pkcs11_url, 'ascii'), SSL._ffi.NULL, SSL._ffi.NULL )
++
++ pkey = SSL.PKey()
++ pkey._pkey = _pkey
++ pkey._initialized = True
++
++ context.use_privatekey(pkey)
++ else:
++ context.use_privatekey_file(cert)
++
+ context.use_certificate_chain_file(cert)
+ except SSL.Error as v:
+ raise exceptions.TlsException("SSL client certificate error: %s" % str(v))
diff --git a/master/series b/master/series
new file mode 100644
index 0000000..d5b8e2c
--- /dev/null
+++ b/master/series
@@ -0,0 +1 @@
+pkcs11 |
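Review bot: In the PKCS#11 branch added by master/pkcs11, the results of `ENGINE_by_id`, `ENGINE_init` and `ENGINE_load_private_key` are used without being checked. If the engine is not installed or the URI matches no token object, a NULL handle is wrapped in a `PKey` with `_initialized = True`, so the failure surfaces later and with a misleading message, if it surfaces at all. The `.pkcs11` sidecar file can carry a PIN inside the URI (`pin-value=`), so error text should not echo `pkcs11_url`, and the file needs the same restrictive permissions as a private key. Also, `rstrip("\n")` leaves a trailing `\r` or space in place, and a non-ASCII byte makes `bytes(pkcs11_url, 'ascii')` raise outside the `except SSL.Error` handler. The patch depends on private pyOpenSSL attributes (`SSL._lib`, `pkey._pkey`) and `create_client_context` continues outside the hunk, so the sketch below covers only the engine calls.

```python
if os.path.exists(cert + ".pkcs11"):
    # … unchanged: read pkcs11_url from the sidecar file …
    engine = SSL._lib.ENGINE_by_id(b"pkcs11")
    if engine == SSL._ffi.NULL:
        raise exceptions.TlsException("PKCS#11 engine is not available")
    if not SSL._lib.ENGINE_init(engine):
        raise exceptions.TlsException("PKCS#11 engine failed to initialise")

    _pkey = SSL._lib.ENGINE_load_private_key(
        engine, bytes(pkcs11_url, 'ascii'), SSL._ffi.NULL, SSL._ffi.NULL
    )
    if _pkey == SSL._ffi.NULL:
        # Deliberately omit the URI from the message: it may embed a PIN.
        raise exceptions.TlsException("PKCS#11 engine could not load the private key")
    # … unchanged: wrap _pkey in SSL.PKey and pass it to context.use_privatekey …
```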