python3++

Maximilian Hils 2015-09-18 15:38:31 +02:00
parent 7b6b157547
commit d1904c2f52
1 changed files with 20 additions and 20 deletions


@ -12,7 +12,7 @@ import OpenSSL
DEFAULT_EXP = 157680000 # = 24 * 60 * 60 * 365 * 5 DEFAULT_EXP = 157680000 # = 24 * 60 * 60 * 365 * 5
# Generated with "openssl dhparam". It's too slow to generate this on startup. # Generated with "openssl dhparam". It's too slow to generate this on startup.
DEFAULT_DHPARAM = """ DEFAULT_DHPARAM = b"""
-----BEGIN DH PARAMETERS----- -----BEGIN DH PARAMETERS-----
MIICCAKCAgEAyT6LzpwVFS3gryIo29J5icvgxCnCebcdSe/NHMkD8dKJf8suFCg3 MIICCAKCAgEAyT6LzpwVFS3gryIo29J5icvgxCnCebcdSe/NHMkD8dKJf8suFCg3
O2+dguLakSVif/t6dhImxInJk230HmfC8q93hdcg/j8rLGJYDKu3ik6H//BAHKIv O2+dguLakSVif/t6dhImxInJk230HmfC8q93hdcg/j8rLGJYDKu3ik6H//BAHKIv
@ -43,29 +43,29 @@ def create_ca(o, cn, exp):
cert.set_pubkey(key) cert.set_pubkey(key)
cert.add_extensions([ cert.add_extensions([
OpenSSL.crypto.X509Extension( OpenSSL.crypto.X509Extension(
"basicConstraints", b"basicConstraints",
True, True,
"CA:TRUE" b"CA:TRUE"
), ),
OpenSSL.crypto.X509Extension( OpenSSL.crypto.X509Extension(
"nsCertType", b"nsCertType",
False, False,
"sslCA" b"sslCA"
), ),
OpenSSL.crypto.X509Extension( OpenSSL.crypto.X509Extension(
"extendedKeyUsage", b"extendedKeyUsage",
False, False,
"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC" b"serverAuth,clientAuth,emailProtection,timeStamping,msCodeInd,msCodeCom,msCTLSign,msSGC,msEFS,nsSGC"
), ),
OpenSSL.crypto.X509Extension( OpenSSL.crypto.X509Extension(
"keyUsage", b"keyUsage",
True, True,
"keyCertSign, cRLSign" b"keyCertSign, cRLSign"
), ),
OpenSSL.crypto.X509Extension( OpenSSL.crypto.X509Extension(
"subjectKeyIdentifier", b"subjectKeyIdentifier",
False, False,
"hash", b"hash",
subject=cert subject=cert
), ),
]) ])
@ -103,7 +103,7 @@ def dummy_cert(privkey, cacert, commonname, sans):
if ss: if ss:
cert.set_version(2) cert.set_version(2)
cert.add_extensions( cert.add_extensions(
[OpenSSL.crypto.X509Extension("subjectAltName", False, ss)]) [OpenSSL.crypto.X509Extension(b"subjectAltName", False, ss)])
cert.set_pubkey(cacert.get_pubkey()) cert.set_pubkey(cacert.get_pubkey())
cert.sign(privkey, "sha256") cert.sign(privkey, "sha256")
return SSLCert(cert) return SSLCert(cert)
@ -291,14 +291,14 @@ class CertStore(object):
@staticmethod @staticmethod
def asterisk_forms(dn): def asterisk_forms(dn):
parts = dn.split(".") parts = dn.split(b".")
parts.reverse() parts.reverse()
curr_dn = "" curr_dn = b""
dn_forms = ["*"] dn_forms = [b"*"]
for part in parts[:-1]: for part in parts[:-1]:
curr_dn = "." + part + curr_dn # .example.com curr_dn = b"." + part + curr_dn # .example.com
dn_forms.append("*" + curr_dn) # *.example.com dn_forms.append(b"*" + curr_dn) # *.example.com
if parts[-1] != "*": if parts[-1] != b"*":
dn_forms.append(parts[-1] + curr_dn) dn_forms.append(parts[-1] + curr_dn)
return dn_forms return dn_forms
@ -430,7 +430,7 @@ class SSLCert(object):
def cn(self): def cn(self):
c = None c = None
for i in self.subject: for i in self.subject:
if i[0] == "CN": if i[0] == b"CN":
c = i[1] c = i[1]
return c return c
@ -439,7 +439,7 @@ class SSLCert(object):
altnames = [] altnames = []
for i in range(self.x509.get_extension_count()): for i in range(self.x509.get_extension_count()):
ext = self.x509.get_extension(i) ext = self.x509.get_extension(i)
if ext.get_short_name() == "subjectAltName": if ext.get_short_name() == b"subjectAltName":
try: try:
dec = decode(ext.get_data(), asn1Spec=_GeneralNames()) dec = decode(ext.get_data(), asn1Spec=_GeneralNames())
except PyAsn1Error: except PyAsn1Error:
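Review bot: In `SSLCert.cn`, the new comparison `i[0] == b"CN"` fails silently on Python 3 if `self.subject` ever yields text components, because a bytes/str comparison is simply False there and `cn` then returns None; the same holds for `ext.get_short_name() == b"subjectAltName"` in the last hunk, where a type mismatch would produce an empty altname list rather than an error. The element type of `self.subject` is not visible in this section, so it is worth pinning with a test run under `python3 -bb`, which turns such comparisons into exceptions. `asterisk_forms` now has a bytes-only contract (a str `dn` raises TypeError at `dn.split(b".")` on Python 3) that nothing states; I would add a docstring such as `"""Return the wildcard forms of dn (bytes): b"www.example.com" -> [b"*", b"*.com", b"*.example.com", b"www.example.com"]."""`. The altnames method begins and ends outside its hunk.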