diff --git a/l10n_br_fiscal/__manifest__.py b/l10n_br_fiscal/__manifest__.py
index a17caf5d81e8..02c72e638818 100644
--- a/l10n_br_fiscal/__manifest__.py
+++ b/l10n_br_fiscal/__manifest__.py
@@ -110,7 +110,7 @@
 "python": [
 "erpbrasil.base",
 "erpbrasil.assinatura",
- "OpenSSL",
+ "cryptography",
 ]
 },
 }
diff --git a/l10n_br_fiscal/tools/misc.py b/l10n_br_fiscal/tools/misc.py
index 59c76b65b0bd..d728f38f9387 100644
--- a/l10n_br_fiscal/tools/misc.py
+++ b/l10n_br_fiscal/tools/misc.py
@@ -2,12 +2,20 @@
 # Copyright (C) 2014 KMEE - www.kmee.com.br
 # License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
+import datetime
 import logging
 import os
 from base64 import b64encode
+from cryptography import x509
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.serialization import BestAvailableEncryption
+from cryptography.hazmat.primitives.serialization.pkcs12 import (
+ serialize_key_and_certificates,
+)
+from cryptography.x509.oid import NameOID
 from erpbrasil.base.misc import punctuation_rm
-from OpenSSL import crypto
 from odoo.tools import config
@@ -74,36 +82,63 @@ def create_fake_certificate_file(valid, passwd, issuer, country, subject):
 :param subject: Some string: CERTIFICADO VALIDO TESTE
 :return: base64 file
 """
- key = crypto.PKey()
- key.generate_key(crypto.TYPE_RSA, 2048)
+ private_key = rsa.generate_private_key(
+ public_exponent=65537,
+ key_size=2048,
+ )
+
+ public_key = private_key.public_key()
+ builder = x509.CertificateBuilder()
+
+ builder = builder.subject_name(
+ x509.Name(
+ [
+ x509.NameAttribute(NameOID.COMMON_NAME, subject),
+ x509.NameAttribute(NameOID.COUNTRY_NAME, country),
+ ]
+ )
+ )
+
+ builder = builder.issuer_name(
+ x509.Name(
+ [
+ x509.NameAttribute(NameOID.COMMON_NAME, issuer),
+ x509.NameAttribute(NameOID.COUNTRY_NAME, country),
+ ]
+ )
+ )
+
+ one_year = datetime.timedelta(365, 0, 0)
+ today = datetime.datetime.today()
- cert = crypto.X509()
-
- cert.get_issuer().C = country
- cert.get_issuer().CN = issuer
+ if valid:
+ time_before = today
+ time_after = today + one_year
+ else:
+ time_before = today - one_year
+ time_after = today
- cert.get_subject().C = country
- cert.get_subject().CN = subject
+ builder = builder.not_valid_before(time_before)
+ builder = builder.not_valid_after(time_after)
- cert.set_serial_number(2009)
+ builder = builder.serial_number(2009)
- if valid:
- time_before = 0
- time_after = 365 * 24 * 60 * 60
- else:
- time_before = -1 * (365 * 24 * 60 * 60)
- time_after = 0
+ builder = builder.public_key(public_key)
- cert.gmtime_adj_notBefore(time_before)
- cert.gmtime_adj_notAfter(time_after)
- cert.set_pubkey(key)
- cert.sign(key, "md5")
+ certificate = builder.sign(
+ private_key=private_key,
+ algorithm=hashes.MD5(),
+ )
- p12 = crypto.PKCS12()
- p12.set_privatekey(key)
- p12.set_certificate(cert)
+ p12 = serialize_key_and_certificates(
+ name=subject.encode(),
+ key=private_key,
+ cert=certificate,
+ cas=None,
+ encryption_algorithm=BestAvailableEncryption(passwd.encode()),
+ )
- return b64encode(p12.export(passwd))
+ return b64encode(p12)
 def path_edoc_company(company_id):
diff --git a/requirements.txt b/requirements.txt
index db8bf59a3b5c..606ab43477a2 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,7 @@
 # generated from manifests external_dependencies
+cryptography
 erpbrasil.assinatura
 erpbrasil.base
 nfelib
 num2words
 odoo_test_helper
-pyOpenSSL
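Review bot: The rewritten body of `create_fake_certificate_file` in l10n_br_fiscal/tools/misc.py still signs the certificate with MD5 (`algorithm=hashes.MD5()`), carried over from the removed `cert.sign(key, "md5")`. MD5 is collision-broken for signatures, and a host running a FIPS provider or a hardened crypto policy may refuse it outright, so even for a test fixture I would switch to `algorithm=hashes.SHA256(),`. Separately, `datetime.datetime.today()` returns naive local time, which the cryptography builder appears to interpret as UTC, whereas the removed `gmtime_adj_notBefore`/`gmtime_adj_notAfter` calls were UTC-relative. On a host east of UTC the `valid=False` certificate would stay inside its validity window for some hours and the `valid=True` one would not yet be valid; `today = datetime.datetime.now(datetime.timezone.utc)` avoids both. The function's signature and the start of its docstring lie above this hunk.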