diff options
| author | stephanchrst <stephanchrst@gmail.com> | 2022-05-10 21:51:50 +0700 |
|---|---|---|
| committer | stephanchrst <stephanchrst@gmail.com> | 2022-05-10 21:51:50 +0700 |
| commit | 3751379f1e9a4c215fb6eb898b4ccc67659b9ace (patch) | |
| tree | a44932296ef4a9b71d5f010906253d8c53727726 /addons/l10n_it_edi/tools | |
| parent | 0a15094050bfde69a06d6eff798e9a8ddf2b8c21 (diff) | |
initial commit 2
Diffstat (limited to 'addons/l10n_it_edi/tools')
| -rw-r--r-- | addons/l10n_it_edi/tools/__init__.py | 4 | ||||
| -rw-r--r-- | addons/l10n_it_edi/tools/remove_signature.py | 47 |
2 files changed, 51 insertions, 0 deletions
diff --git a/addons/l10n_it_edi/tools/__init__.py b/addons/l10n_it_edi/tools/__init__.py new file mode 100644 index 00000000..8fee2c73 --- /dev/null +++ b/addons/l10n_it_edi/tools/__init__.py @@ -0,0 +1,4 @@ +# -*- coding: utf-8 -*- +# Part of Odoo. See LICENSE file for full copyright and licensing details. + +from . import remove_signature diff --git a/addons/l10n_it_edi/tools/remove_signature.py b/addons/l10n_it_edi/tools/remove_signature.py new file mode 100644 index 00000000..1816b7fd --- /dev/null +++ b/addons/l10n_it_edi/tools/remove_signature.py @@ -0,0 +1,47 @@ +# -*- coding:utf-8 -*- +# Part of Odoo. See LICENSE file for full copyright and licensing details. + +import logging +import warnings + +_logger = logging.getLogger(__name__) + +try: + from OpenSSL import crypto as ssl_crypto + import OpenSSL._util as ssl_util +except ImportError: + ssl_crypto = None + _logger.warning("Cannot import library 'OpenSSL' for PKCS#7 envelope extraction.") + + +def remove_signature(content): + """ Remove the PKCS#7 envelope from given content, making a '.xml.p7m' file content readable as it was '.xml'. + As OpenSSL may not be installed, in that case a warning is issued and None is returned. """ + + # Prevent using the library if it had import errors + if not ssl_crypto: + _logger.warning("Error reading the content, check if the OpenSSL library is installed for for PKCS#7 envelope extraction.") + return None + + # Load some tools from the library + null = ssl_util.ffi.NULL + verify = ssl_util.lib.PKCS7_verify + + # By default ignore the validity of the certificates, just validate the structure + flags = ssl_util.lib.PKCS7_NOVERIFY | ssl_util.lib.PKCS7_NOSIGS + + # Read the signed data fron the content + out_buffer = ssl_crypto._new_mem_buf() + + # This method is deprecated, but there are actually no alternatives + with warnings.catch_warnings(): + warnings.filterwarnings("ignore", category=DeprecationWarning) + loaded_data = ssl_crypto.load_pkcs7_data(ssl_crypto.FILETYPE_ASN1, content) + + # Verify the signature + if verify(loaded_data._pkcs7, null, null, null, out_buffer, flags) != 1: + ssl_crypto._raise_current_error() + + # Get the content as a byte-string + decoded_content = ssl_crypto._bio_to_string(out_buffer) + return decoded_content |