From 38c9c676afc16248b3bd9faffd277d0a2851754c Mon Sep 17 00:00:00 2001
From: Mauricio Baeza
Date: Thu, 31 Dec 2020 00:06:50 -0600
Subject: [PATCH] Remove old class cert
---
 source/app/controllers/util.py | 151 ---------------------------------
 1 file changed, 151 deletions(-)
diff --git a/source/app/controllers/util.py b/source/app/controllers/util.py
index 4465cfa..e6d4505 100644
--- a/source/app/controllers/util.py
+++ b/source/app/controllers/util.py
@@ -395,157 +395,6 @@ def to_slug(string):
 return value.replace(' ', '_')
-class Certificado(object):
-
- def __init__(self, paths):
- self._path_key = paths['path_key']
- self._path_cer = paths['path_cer']
- self._modulus = ''
- self.error = ''
-
- def _kill(self, path):
- try:
- os.remove(path)
- except:
- pass
- return
-
- def _get_info_cer(self, session_rfc):
- data = {}
- args = 'openssl x509 -inform DER -in {}'
- try:
- cer_pem = _call(args.format(self._path_cer))
- except Exception as e:
- self.error = 'No se pudo convertir el CER en PEM'
- return data
-
- args = 'openssl enc -base64 -in {}'
- try:
- cer_txt = _call(args.format(self._path_cer))
- except Exception as e:
- self.error = 'No se pudo convertir el CER en TXT'
- return data
-
- args = 'openssl x509 -inform DER -in {} -noout -{}'
- try:
- result = _call(args.format(self._path_cer, 'purpose')).split('\n')[3]
- except Exception as e:
- self.error = 'No se puede saber si es FIEL'
- return data
-
- if result == 'SSL server : No':
- self.error = 'El certificado es FIEL'
- return data
-
- result = _call(args.format(self._path_cer, 'serial'))
- serie = result.split('=')[1].split('\n')[0][1::2]
- result = _call(args.format(self._path_cer, 'subject'))
- #~ Verificar si es por la version de OpenSSL
- t1 = 'x500UniqueIdentifier = '
- t2 = 'x500UniqueIdentifier='
- if t1 in result:
- rfc = result.split(t1)[1][:13].strip()
- elif t2 in result:
- rfc = result.split(t2)[1][:13].strip()
- else:
- self.error = 'No se pudo obtener el RFC del certificado'
- print ('\n', result)
- return data
-
- if not DEBUG:
- if not rfc == session_rfc:
- self.error = 'El RFC del certificado no corresponde.'
- return data
-
- dates = _call(args.format(self._path_cer, 'dates')).split('\n')
- desde = parser.parse(dates[0].split('=')[1])
- hasta = parser.parse(dates[1].split('=')[1])
- self._modulus = _call(args.format(self._path_cer, 'modulus'))
-
- data['cer'] = read_file(self._path_cer)
- data['cer_pem'] = cer_pem
- data['cer_txt'] = cer_txt.replace('\n', '')
- data['serie'] = serie
- data['rfc'] = rfc
- data['desde'] = desde.replace(tzinfo=None)
- data['hasta'] = hasta.replace(tzinfo=None)
- return data
-
- def _get_p12(self, password, rfc, token):
- tmp_cer = tempfile.mkstemp()[1]
- tmp_key = tempfile.mkstemp()[1]
- tmp_p12 = tempfile.mkstemp()[1]
-
- args = 'openssl x509 -inform DER -in "{}" -out "{}"'
- _call(args.format(self._path_cer, tmp_cer))
- args = 'openssl pkcs8 -inform DER -in "{}" -passin pass:"{}" -out "{}"'
- _call(args.format(self._path_key, password, tmp_key))
-
- args = 'openssl pkcs12 -export -in "{}" -inkey "{}" -name "{}" ' \
- '-passout pass:"{}" -out "{}"'
- _call(args.format(tmp_cer, tmp_key, rfc, token, tmp_p12))
- data = read_file(tmp_p12)
-
- self._kill(tmp_cer)
- self._kill(tmp_key)
- self._kill(tmp_p12)
-
- return data
-
- def _get_info_key(self, password, rfc, token):
- data = {}
-
- args = 'openssl pkcs8 -inform DER -in "{}" -passin pass:"{}"'
- try:
- result = _call(args.format(self._path_key, password))
- except Exception as e:
- self.error = 'ContraseƱa incorrecta'
- return data
-
- args = 'openssl pkcs8 -inform DER -in "{}" -passin pass:"{}" | ' \
- 'openssl rsa -noout -modulus'
- mod_key = _call(args.format(self._path_key, password))
-
- if self._modulus != mod_key:
- self.error = 'Los archivos no son pareja'
- return data
-
- args = "openssl pkcs8 -inform DER -in '{}' -passin pass:'{}' | " \
- "openssl rsa -des3 -passout pass:'{}'".format(
- self._path_key, password, token)
- key_enc = _call(args)
-
- data['key'] = read_file(self._path_key)
- data['key_enc'] = key_enc
- data['p12'] = self._get_p12(password, rfc, token)
- return data
-
- def validate(self, password, rfc, auth):
- token = _get_md5(rfc)
- if USAR_TOKEN:
- token = auth['PASS']
- if AUTH['DEBUG']:
- token = AUTH['PASS']
-
- if not self._path_key or not self._path_cer:
- self.error = 'Error en las rutas temporales del certificado'
- return {}
-
- data = self._get_info_cer(rfc)
- if not data:
- return {}
-
- llave = self._get_info_key(password, rfc, token)
- if not llave:
- return {}
-
- data.update(llave)
-
- self._kill(self._path_key)
- self._kill(self._path_cer)
- return data
-
-
 def make_xml(data, certificado):
 from .cfdi_xml import CFDI