From 02df5b5eed8b0f9f79b85eea8e9e4d6be291e98b Mon Sep 17 00:00:00 2001
From: Junior Tada <junior_xaxim@yahoo.com.br>
Date: Wed, 29 Jul 2015 16:24:49 -0300
Subject: [PATCH] teste assinatura via xmlsec1

---
 pynfe/processamento/assinatura.py   | 39 +++++++++++++++++++++++--------------
 pynfe/processamento/serializacao.py |  9 +++++++--
 2 files changed, 31 insertions(+), 17 deletions(-)

diff --git a/pynfe/processamento/assinatura.py b/pynfe/processamento/assinatura.py
index 28f5d49..d75ddde 100644
--- a/pynfe/processamento/assinatura.py
+++ b/pynfe/processamento/assinatura.py
@@ -5,6 +5,7 @@ from OpenSSL import crypto
 from pynfe.utils import etree
 from pynfe.entidades.certificado import CertificadoA1
 from pynfe.utils.flags import NAMESPACE_NFE, NAMESPACE_SIG
+import subprocess
 
 
 class Assinatura(object):
@@ -24,26 +25,34 @@ class Assinatura(object):
 
 class AssinaturaA1(Assinatura):
     """Classe responsavel por efetuar a assinatura do certificado
-    digital no XML informado. Passar XML como string."""
+    digital no XML informado."""
 
     def assinar(self, xml, retorna_string=False):
         try:
-            arquivo_cert = CertificadoA1(self.certificado)
-            chave, cert = arquivo_cert.separar_arquivo(self.senha, caminho=False)
-            
-            signer = signxml.xmldsig(xml, digest_algorithm="sha1")
-            signer.sign(method=signxml.methods.enveloped, key=chave, cert=cert,
-                        algorithm="rsa-sha1", c14n_algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315')
-            #signer.verify()
-            # reference_uri nao funciona
-            #verified_data = signer.verify(require_x509=True, ca_pem_file="cert.pem")
-
-            ##chave_id = xml.find('.//infNFe[@Id]').attrib['Id']
-            xml.findall('.//{http://www.w3.org/2000/09/xmldsig#}Reference')[0] \
-                .attrib['URI'] = '#'+xml.findall('infNFe')[0].attrib['Id']
+            # No raiz do XML de saida
+            raiz = etree.Element('Signature', xmlns='http://www.w3.org/2000/09/xmldsig#')
+            siginfo = etree.SubElement(raiz, 'SignedInfo')
+            etree.SubElement(siginfo, 'CanonicalizationMethod', Algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315')
+            etree.SubElement(siginfo, 'SignatureMethod', Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1')
+            ref = etree.SubElement(siginfo, 'Reference', URI='#'+xml.findall('infNFe')[0].attrib['Id'])
+            trans = etree.SubElement(ref, 'Transforms')
+            etree.SubElement(trans, 'Transform', Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature')
+            etree.SubElement(trans, 'Transform', Algorithm='http://www.w3.org/TR/2001/REC-xml-c14n-20010315')
+            etree.SubElement(ref, 'DigestMethod', Algorithm='http://www.w3.org/2000/09/xmldsig#sha1')
+            etree.SubElement(ref, 'DigestValue')
+            etree.SubElement(raiz, 'SignatureValue')
+            keyinfo = etree.SubElement(raiz, 'KeyInfo')
+            etree.SubElement(keyinfo, 'X509Data')
+
+            xml.append(raiz)
+
+            with open('testes.xml', 'w') as arquivo:
+                arquivo.write(etree.tostring(xml, encoding="unicode", pretty_print=False))
+
+            subprocess.check_call('xmlsec1 --sign --pkcs12 '+self.certificado+' --pwd '+self.senha+' --crypto openssl --output funciona.xml --id-attr:Id infNFe testes.xml')
 
             if retorna_string:
-                return etree.tostring(xml, encoding="unicode", pretty_print=True)
+                return etree.tostring(xml, encoding="unicode", pretty_print=False)
             else:
                 return xml
         except Exception as e:
diff --git a/pynfe/processamento/serializacao.py b/pynfe/processamento/serializacao.py
index df33779..4e2870f 100644
--- a/pynfe/processamento/serializacao.py
+++ b/pynfe/processamento/serializacao.py
@@ -57,8 +57,13 @@ class SerializacaoXML(Serializacao):
         for nf in notas_fiscais:
             raiz.append(self._serializar_nota_fiscal(nf, retorna_string=False))
 
+        # Tag Signature
+        #sig = etree.SubElement(raiz, 'Signature')
+        #sig_info = etree.SubElement(sig, 'SignedInfo')
+        #etree.SubElement(sig_info, 'Reference', URI='#'+raiz.findall('infNFe')[0].attrib['Id'])
+
         if retorna_string:
-            return etree.tostring(raiz, encoding="unicode", pretty_print=True)
+            return etree.tostring(raiz, encoding="unicode", pretty_print=False)
         else:
             return raiz
 
@@ -79,7 +84,7 @@ class SerializacaoXML(Serializacao):
         endereco = etree.SubElement(raiz, 'enderEmit')
         etree.SubElement(endereco, 'xLgr').text = emitente.endereco_logradouro
         etree.SubElement(endereco, 'nro').text = emitente.endereco_numero
-        etree.SubElement(endereco, 'xCpl').text = emitente.endereco_complemento
+        #etree.SubElement(endereco, 'xCpl').text = emitente.endereco_complemento
         etree.SubElement(endereco, 'xBairro').text = emitente.endereco_bairro
         etree.SubElement(endereco, 'cMun').text = obter_codigo_por_municipio(
             emitente.endereco_municipio, emitente.endereco_uf)