search

knowark / facturark

Facturación Electrónica en Python
GNU Lesser General Public License v3.0
3 stars 4 forks source link

Imp work with unencrypted pem certificates #25

Open blaggacao opened 5 years ago

blaggacao commented 5 years ago

Instead transform the p12 files into passwordless PEM data, eg: openssl pkcs12 -in persona_juridica_pruebas_vigente.p12 -out newfile.pem --passin pass:persona_juridica_pruebas -nokeys -clcerts

-nokeys           Don't output private keys
-clcerts          Only output client certificates

That's exactly the certificate as needed and consumed by

It seems that p12 does not work properly. It gives an OpenSSL lib error.

blaggacao commented 5 years ago

As it seems Andes pkcs12 certificates are latin-1 encoded, wtf?

blaggacao commented 5 years ago

Generating pem cert and key is exactly 2 commands away, for using a better supported standard and dropping OpenSSL, I guess it's worth it.

openssl pkcs12 -in certificate.p12 -out cert.pem -nokeys -clcerts
openssl pkcs12 -in certificate.p12 -out key.pem -nodes -nocerts
blaggacao commented 5 years ago

If there really is a need to support PKCS12 out of this library, let's rather do a wrapper? I feel handling such old format within the interiors of the library does cry for problems...

blaggacao commented 5 years ago

Why all this? Because someone like Andes has obscure latin-1 encoding as their .p12 encoding which I guess is not handled gracefully by Odoo Binary fields. With PEM, we handle plain text instead.

codecov[bot] commented 5 years ago

Codecov Report

Merging #25 into master will decrease coverage by 0.2%. The diff coverage is 91.66%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master      #25      +/-   ##
==========================================
- Coverage     100%   99.79%   -0.21%     
==========================================
  Files          94       94              
  Lines        1954     1978      +24     
  Branches       96       99       +3     
==========================================
+ Hits         1954     1974      +20     
- Misses          0        2       +2     
- Partials        0        2       +2
Impacted Files Coverage Δ
facturark/signer/encrypter.py 100% <100%> (ø) :arrow_up:
facturark/api.py 100% <100%> (ø) :arrow_up:
facturark/__main__.py 100% <100%> (ø) :arrow_up:
facturark/signer/resolver.py 100% <100%> (ø) :arrow_up:
facturark/signer/signer.py 97.64% <90%> (-2.36%) :arrow_down:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 50cbf98...5a806ec. Read the comment docs.

blaggacao commented 5 years ago

@tebanep I guess the test diff is due to the back port from cryptography==2.5, there is no sense at all in covering it with unit tests. It can be just removed after cryptography==2.5 will be released.