Changeset 73
- Timestamp:
- 11/12/14 15:19:33 (10 years ago)
- Location:
- trunk/bin
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bin/bletchley-clonecertchain
r72 r73 1 1 #!/usr/bin/env python3 2 2 #-*- mode: Python;-*- 3 # 3 4 # Requires Python 3+ 5 4 6 5 7 ''' … … 188 190 description="An experimental script which attempts to clone an SSL server's" 189 191 " entire certificate chain, ideally altering only the keys and signatures" 190 " along the way. The script prints results to stdout, starting with a P EM"192 " along the way. The script prints results to stdout, starting with a PKCS7 (PEM)" 191 193 " key (the fake server private key) followed by the newly forged certificate" 192 194 " chain, also in PEM format. (The new intermediate and root private keys are" 193 " not currently printed, but will likely be somehow avail ble in a future"195 " not currently printed, but will likely be somehow available in a future" 194 196 " version.)") 195 197 196 198 parser.add_argument('host', nargs=1, default=None, 197 199 help='IP address or host name of server') 198 parser.add_argument('port', nargs='?', default=443,200 parser.add_argument('port', nargs='?', type=int, default=443, 199 201 help='TCP port number of SSL service (default: 443)') 202 parser.add_argument( 203 '--p12', dest='p12_filename', type=str, required=False, default=None, 204 help='If specified, a PKCS12 file will be written with the generated certificates' 205 ' and server key (in addition to normal PKCS7 output). NOTE: the file specified' 206 ' will be overwritten without prompting if it already exists.') 207 parser.add_argument( 208 '--p12password', dest='p12_password', type=str, required=False, default='bletchley', 209 help='If specified along with the --p12 argument, the PKCS12 file will use this password' 210 ' to encrypt the server private key. (Otherwise, the password "bletchley" is used).') 200 211 options = parser.parse_args() 201 212 … … 214 225 for c in fake_chain: 215 226 print(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, c).decode('utf-8')) 227 228 if options.p12_filename: 229 p12_file = open(options.p12_filename, 'w+b') 230 231 p12 = OpenSSL.crypto.PKCS12() 232 p12.set_ca_certificates(fake_chain[1:]) 233 p12.set_privatekey(fake_key) 234 p12.set_certificate(fake_chain[0]) 235 236 p12_file.write(p12.export(passphrase=options.p12_password.encode('utf-8'))) 237 p12_file.close() -
trunk/bin/bletchley-decode
r40 r73 1 1 #!/usr/bin/env python3 2 2 #-*- mode: Python;-*- 3 # 3 4 # Requires Python 3+ 4 5 -
trunk/bin/bletchley-http2py
r71 r73 1 1 #!/usr/bin/env python3 2 2 #-*- mode: Python;-*- 3 # 3 4 # Requires Python 3+ 4 5
Note: See TracChangeset
for help on using the changeset viewer.