From 999428de519227d0c129ee1887c42196e017ead7 Mon Sep 17 00:00:00 2001 From: Danimar Ribeiro Date: Mon, 8 Aug 2016 09:47:46 -0300 Subject: [PATCH] Change nfse to use signxml 2.0 --- pytrustnfe/certificado.py | 1 - pytrustnfe/nfe/assinatura.py | 12 +++++++----- pytrustnfe/nfse/paulistana/__init__.py | 18 ++++++++++-------- 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/pytrustnfe/certificado.py b/pytrustnfe/certificado.py index 724912d..a4f0241 100644 --- a/pytrustnfe/certificado.py +++ b/pytrustnfe/certificado.py @@ -25,7 +25,6 @@ def extract_cert_and_key_from_pfx(pfx, password): return cert, key - def save_cert_key(cert, key): cert_temp = '/tmp/' + uuid4().hex key_temp = '/tmp/' + uuid4().hex diff --git a/pytrustnfe/nfe/assinatura.py b/pytrustnfe/nfe/assinatura.py index 7754ab2..2b4a53f 100644 --- a/pytrustnfe/nfe/assinatura.py +++ b/pytrustnfe/nfe/assinatura.py @@ -39,13 +39,15 @@ def assinar(xml, cert, key, reference): parent.remove(elem) element = xml.find('{' + xml.nsmap[None] + '}NFe') - signer = XMLSigner(digest_algorithm=u'sha1',signature_algorithm="rsa-sha1", - method=methods.enveloped, - c14n_algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315') + signer = XMLSigner( + digest_algorithm=u'sha1', signature_algorithm="rsa-sha1", + method=methods.enveloped, + c14n_algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315') ns = {} ns[None] = signer.namespaces['ds'] signer.namespaces = ns - signed_root = signer.sign(element, key=str(key), cert=cert, reference_uri=reference) + signed_root = signer.sign(element, key=str(key), cert=cert, + reference_uri=reference) xml.remove(element) xml.append(signed_root) @@ -96,7 +98,7 @@ class Assinatura(object): keyInfoNode = signNode.ensureKeyInfo() keyInfoNode.addX509Data() - dsig_ctx = xmlsec.DSigCtx() + dsig_ctx = xmlsec.DSigCtx() chave = xmlsec.cryptoAppKeyLoad(filename=str(self.arquivo), format=xmlsec.KeyDataFormatPkcs12, pwd=str(self.senha), diff --git a/pytrustnfe/nfse/paulistana/__init__.py b/pytrustnfe/nfse/paulistana/__init__.py index 7bc1a87..6675605 100644 --- a/pytrustnfe/nfse/paulistana/__init__.py +++ b/pytrustnfe/nfse/paulistana/__init__.py @@ -5,10 +5,10 @@ from uuid import uuid4 from lxml import etree from pytrustnfe.xml import render_xml, valida_schema, sanitize_response from pytrustnfe.client import get_authenticated_client -from pytrustnfe.certificado import converte_pfx_pem, save_cert_key +from pytrustnfe.certificado import extract_cert_and_key_from_pfx, save_cert_key -from signxml import xmldsig +from signxml import XMLSigner from signxml import methods @@ -19,17 +19,18 @@ def sign_xml(xml, cert, key): root = etree.Element('root') rps = elem.find('RPS') - signer = xmldsig(rps, digest_algorithm=u'sha1') + signer = XMLSigner( + digest_algorithm=u'sha1', signature_algorithm="rsa-sha1", + method=methods.enveloped, + c14n_algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315') ns = {} ns[None] = signer.namespaces['ds'] signer.namespaces = ns - signed_root = signer.sign( - key=str(key), cert=cert, - algorithm="rsa-sha1", method=methods.enveloped, - c14n_algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315') + signed_root = signer.sign(rps, key=str(key), cert=cert) root.append( signed_root.find('{http://www.w3.org/2000/09/xmldsig#}Signature')) + elem.remove(rps) elem.append(signed_root) elem.append(root.find('{http://www.w3.org/2000/09/xmldsig#}Signature')) return etree.tostring(elem) @@ -44,7 +45,8 @@ def _send(certificado, method, **kwargs): xml = render_xml(path, '%s.xml' % method, **kwargs) base_url = 'https://nfe.prefeitura.sp.gov.br/ws/lotenfe.asmx?wsdl' - cert, key = converte_pfx_pem(certificado.pfx, certificado.password) + cert, key = extract_cert_and_key_from_pfx( + certificado.pfx, certificado.password) cert_path, key_path = save_cert_key(cert, key) client = get_authenticated_client(base_url, cert_path, key_path)