From 65a749edc8214f995d89117d86cb42e0a10b0a4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= <karlerik@kreative.ee>
Date: Mon, 27 Jul 2020 11:47:49 +0300
Subject: [PATCH 1/3] Reference LHV branch without keystores gem

---
 Gemfile                          |   2 +-
 Gemfile.lock                     |   6 ++----
 test/fixtures/files/keystore.jks | Bin 2242 -> 0 bytes
 test/fixtures/files/keystore.p12 | Bin 0 -> 2579 bytes
 4 files changed, 3 insertions(+), 5 deletions(-)
 delete mode 100644 test/fixtures/files/keystore.jks
 create mode 100644 test/fixtures/files/keystore.p12

diff --git a/Gemfile b/Gemfile
index 99091f556..b78d2edbd 100644
--- a/Gemfile
+++ b/Gemfile
@@ -66,7 +66,7 @@ gem 'airbrake'
 
 gem 'company_register', github: 'internetee/company_register', branch: :master
 gem 'e_invoice', github: 'internetee/e_invoice', branch: :master
-gem 'lhv', github: 'internetee/lhv', branch: :master
+gem 'lhv', github: 'internetee/lhv', branch: 'remove-keystores-gem'
 gem 'domain_name'
 gem 'haml', '~> 5.0'
 gem 'wkhtmltopdf-binary', '~> 0.12.5.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index e4ad26396..8d303b602 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -45,11 +45,10 @@ GIT
 
 GIT
   remote: https://github.com/internetee/lhv.git
-  revision: c53dd82393f8a81f6e9da793ae0474294ef88762
-  branch: master
+  revision: af0d3127bed6606ac50c44696bd56b09c096ac39
+  branch: remove-keystores-gem
   specs:
     lhv (0.1.0)
-      keystores
       logger
       nokogiri
 
@@ -266,7 +265,6 @@ GEM
       activerecord
       kaminari-core (= 1.2.1)
     kaminari-core (1.2.1)
-    keystores (0.4.0)
     libxml-ruby (3.2.0)
     listen (3.2.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
diff --git a/test/fixtures/files/keystore.jks b/test/fixtures/files/keystore.jks
deleted file mode 100644
index 7ce34f308d5df462a90842275cecdb54f6fef5ac..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2242
zcmchYS5VW58pZQZLP(@ZS%UNuFrY|6LRG4iD1wq0dJ}1yEU+NLg0$c!2ulf|$fAgV
zFiLMqk!I*62uKqaM2Sj?2rMAg%iX#6&d&ILAI`)1J$-ZL%=r$u2V4*c1U?k-x1cw?
zgKr!f>P<rZRS<{=jG;jfFoLinCtv^+Py-7C01pUCgD#SvM}8%5rdEn+y~BHq9Ty+E
zp8gZP^w#uU@%a3Q)FcT@I$S?FJkySV_5K+rAg|dW#ISs6dH<@rU=I2dZZI!BVZr`&
zFIVY!75iG11aVXaAFpI0Vi}g{*i#gluTV7p$YIIVf@9pBKi4MpXhvB0hBDpw+ZPZ2
zF=QKIdXg=eOr6^_#{?yK#RN<!XqK>yl0L^j;iLMA?U<o}>*BE~Ic;{x7h$jG9xLQl
zEzf4?w3~P(#%`%9y4NkX&Mmv5{cwiOwEjUOHgSO4@3);~;NGbBGcU~}j@`!hx%C;>
z=RhHW5n>z~0A}&`?W}|<U&I>?aOro0F8hM%aw*mO6hCGxHwe`gy-A`;+SEp=m7W^p
zbwahjtHdIDE=fzybMOsN7cJ<mmkyurHT-sVZ&c!0%8o%=2-N053kPPZU59n6W3*f7
zd*2xxtWntM<d^52lilUSSWe#0L+fT~MO5cG<$J$KO@8`xq3I^O#@Antudvp54OOi)
z0)X%+oEB<~QIWLPt28rVvZpKDsMww1T8e}zy;;bsGZ+6>?#7Ahwg=NX{5}TD6;Lvy
z7Os_>s#^6z?aT-am7w(*K1nm1EY8X0CYVp6wErEKuT@fJe+o3m`a<62c_s<7)pXwT
zkLJp6Gf;gZI={L0Oe?p@Q1`E-9_TKH2G$(AQBfz(-@+B<6{&YxJ&$Ycx}>`*qSNTU
zRD1%e_y+kzaA!DY#D@fC$)93*31Nd7vb4(Pa1)1L=2NSlpVj|fp{ID;48bxOEGJc#
z<ZJiGl(WfA>&|w6c$g`V6u$at-0hNeeLHwB9lkr<TJ(z`C+Dlfi)Hf}2zX^f$Pk@>
zEa~?<uqOQF9FeO=kH(bUn4_!r+rA~A4*&3RyF=znqGXfE3yqQu@MP}z9YfiLy!CDa
zUhYom-p=!bZo5d=r4{AbhS<L}+|1u^w48|uH*q<^g2c&Bs9NjYo5)n3)~%OfYQR%C
zvkEJ>_p9ZuGhZeY#BYuGw&}L}d*WLpPJc~IBs(Y458frZRhq6Sw`os7CzE3=$G5j_
z)lPm;YTDN0PFu`&246nEva<SSm{knkdI%JeI`+sDj;!di!B~k;+Pd;<%F)Ia0fDvO
zNmsqOJ*Dac*TzSLF2Kc#JMU_|wb&Y6PXV3_38KWpw<gB$d}WvY2^zx1?lE$GdOXoX
z6usz0luF1eX#wLX*)?tur5;5!KPBq4$Ue!8z)7znS`oo$GdPAQ)p3R=BqN>Z>JsYE
z$-JO@&KBOSoD=3EKA%?TNiiDzBrbUEcBXt>BMviGdwQYJY9f8Fq~q7gSJX2Qjbzyv
zza<}rbuyx1v3S_>Sxj`ey~#VtO;jtks30`l@TT$BL>tN7*#=row+$)ru7x_66I><p
z&9W0uk$u@t)3P`%uNtrtw#YkwHT{(ptT*KTY;TruBZ?zN-ckrn&0Q0VR{dyUZ})&e
zs!5F~)r^&V=C)};9ei{DI8z@|zNON9wo?X8&B&;fD^L%dw`wJ4I;Tu6N37il8MxbW
z@Z|c({$@nQs@-|G=63EVQ{$;mMdXDdF87aI&*$e9TBLU^ZNlFMAyeU^h#?tPr>#;q
z{e!G#eTxM{)FBS`<aK}G5iin7sXWJi`nTjTd5_=?aHm_xTYFa4^xwP4<8Vp~qXz;(
zA}};aD24`h&xL>iFc>N-=rDy5fFacA1p1Z$0PyjEFjVZ(!^wn@p)gTivOmQ?Ak_cA
z1pWiz{ec|$f$;r6Apav6S)>3~52K6G!)jvma5$%bTPzl%^B?<vzJ>-U{xgolZvmkJ
zLLdwcI0B{t0H`<|noSsbGSgf^RB(R3ahG2w6`Hmn|2<n19f&Pj^4xDs3VZ8RhU_!l
zeffoyo{K^t%TgZPiE}i)w#{d_-ABC%j~a}kfKv4wyV!pjrw#j<^lP^{@fku``*}qO
z(|so5o<S#U;Y^(azVLC)QGUilhIjBm2(i<&s}P2mHof?L`*CfUmW_4TPQeMG3+v8x
z9S0G|3?Az`YrN2)W)RLJnm#KSO|Hlbwn)esrcKE9(KUnn{52h8=JlCQ&2wGDVxC{k
zf<xQuqKKzUklZYua~s4i{H)_eIHjKJz_u41+Es`0w>y68+Il3ab<3>Yx)r=C*2Lc;
zSJe|}4Tb<9AYTC^hmkpKh>Rdq94bbTugp$HuJtr#9gmW^IaO_Iq+jyS5Dz<b7$N|&
z6<UhYE~qJMMX8i&3G|za8zP-{J-qPfUX2z-l1hM?=oPD>8RpAbE^Tlwo<d6VY_cgB
za^z-TrX*ydYj=zTaa|OSFP?_dg)B7i<{i0W*s!}%q1`MZ3H-k6YWVDeYCMd*T(92%
zmps<1E*yG1KKp?c1zK{TKBa<@avfL}=nIg=^}MzHR3JT3TUKYA&nzSksiA$bUL4-+
z#x&&j6U<jxsz~GD)il`DsMTrJv&-uN9{U59?Yq_DN6`e|5oYcOekL&P-zCfv>4qKM
zVb9M-4#zpJ8Vt>jf?S#-QX|O;3$3c_Dgo&P?W>!NK4XM+j*FLhFcByWm9spjPK?JZ
Q*B=|e+<ue!sIP9|UzZrpl>h($

diff --git a/test/fixtures/files/keystore.p12 b/test/fixtures/files/keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..962ddede2ae754b1ca56a2967b800799ba2d0194
GIT binary patch
literal 2579
zcmY+Ec{CJ`7RMQ58Ai4-!p|6cjbz52vP8<3q^3w&nru_ZzK!KKw)!!)W>Uh)7G)X6
zJ|af4CHqcxLd3`<+w;zQ@Ao_J+;h)8=kvYy{`o=Tx%mLBY)Cw)jRS;;F^*yKvU0L!
z;X$=PJgD**mm%@&PX8CN-vZ*<t&Xw9ahr1R{PzmX%?ilE1NV@4AQO3-gZqE@__;U`
z@>ONJ(O}!@qZPL7@w63`^X-Vp9)OL7ZVAK#+dN1+$eH-Rv?tShC3VObC0_#wK)6oG
z05xa);Y?08NEEvILIU&f!(h{?14S>ofTCWPX<N#6uxA!>zPu4eBek<o>%KA83<Erq
z0=)G$ng!!K;~4R6to`eI!_tC~ZuV`Yl*$ZOC+O~`lEHeJPGX)H;pZ8?H@CjDi-kj>
zA)gq(M(bv)%ElA;`@NInjKI3ri;djWHtDJi!AdMNGPy=f<r^z%-5O^A(yy9I!Mjy6
zRx$H311Ikt9H^D`RM2{o9@e}wOIeMdno_%E?-@DaRbtJYdv6(So>tG7B*)xu4y7*7
zxl2<CIN2KYJKK{MyPq18+r&i*w8sdEg8ob**IlRk@+T_kwa}pr`eS$Os1QB@ZiIj%
z-#43wBpbE@sBN=QG958ednKa}<0k7cs$8^X?6F%3iZj}foJ)+kAe%mOZs%7u=j=%S
z)xP9pCx<4DOg2YcB8zqF!snZEBhfteyHM%*$|>$?ee3S5$9Ih`npw-GB&ZF(5T{&f
zg(J@Sot7DTpK)X6OTT3^BdkYyx2S6J`sOWXSQ#XABDsA;HQMp_H|tT8E%Ih=)Uxr0
zw3^La&-RSPqQ`#eMM2w?C<#{@xh~hXmfQ$+eHV>dy%c#6E)rZ=6^_CZd#EnqB*`gP
zqSX$G#5D2g69B=V-RnJlizCP8t7cj^x^vw<Yb{Of<JR}LSh-m+owU-FQTV*R;FML;
zMINUNv8y_V?V>@CT#=VMO=Vc7_aS3;zz68ySEH*{qr5lFDv$#Us;`D*u1)*ffa_Qo
zTo%u69Bms61C5Qhuw7m9ja2LVnw|0B7^@xU*mUD>v?s5g8a|ZY|4r(r<Rzw`TlI)i
z@KU~?$1%KV<e>G<N8yjFdz1S3Ly)HW8=u&_`Wd*}C$b<R?>TG_n+_c?io-G&Lvp9o
z^{X~!9jYwE_{T5?W_w*-7=cJwb6;08Cdcc>Qf0M`W&aJmg>>h6w>8zgz37;2qV><~
zYmD{wmlipfeJ>Xj7^gVil(!Yj1_+J_<XtP*k6kBor8o{fos<#jBO!A;XozI8RP4la
z=qkEA4AC0n`ZS+nXfG*4Q%gEsBdS9i`;jeQh>I;KRPedF)>?;+;R4pMah^=%b8z`C
zR>fQMr?SQbv4dLR3EHnAgr|_w13DL;f%uF4159#ALEYL09fPoJL9VAA_kRuv@DnBt
z#UIsVqbQ+uMry)xJ^Ni0|D-kcB05o1m)yrZwHOc(uF&EmmkW{>NtNPfo>C+XG!ALk
zovFqNFTb0Qr}B7f*xS7&^3ZIB1+HKDEhSQ-^d9A}her0m5E5mGZmNQV4U8Az$Dd%Y
zL@CNl^A?SXDpVia;cGRd5OA|KKB+Ar#X}QJ(Xy_)&9^YP9n`ASNDb|m6rU=y9Jy~}
zDq(%tJgP2@p197?rP%0f9Sw1md+zl&OH2#pRHLq4bDnzg%oOv0bE^dXq5&1l$IIO$
zbGG{c1YR-O#mbs@4s8gfVQCEwu?rvFz<?{rY=_%Ldhjz)eS6#$p{I)x?(WjwFN-&+
zdYK+OrBIXz>s&{^u0#V>x%lOCH&Z7^e<}L!7RXrhfGbJm?3aS;n5m_@FW@3Mu{vMW
z1*FK|ssuq$+%PT{Ulu189~NJv)IWhR3IY_o>E`YPN2#Av*HS$$q^2tBSe%#sUgG39
zcB%R?LIGG=jtAnOg!TXI%JFZz){=iw7!RZ?vp0W;Cgaot6Tv$Fv1<gL?MF3^`T0(F
zoU{1PUpo6^gX~<QfBxnX`;=SHc0<evR&!^tT|6t1avrktS~lX&uA1JGR^-{Wnw+n;
z`5Ln0{-^f6N(l3fmhW8JD=jns*z=Y`2n{MZ|1opKYsYNlYj%Buv<+wfy3c4D3_FkZ
zr{!htjIRsbapI!4Wkp3X2)GDtq9H=53R*Xe`SQqTn^I7?O5~pAxobU~K4u`_7=rB7
zm`n4hM86T_VW`I1T(IN6^Hm)efcOCPtKE1bUFi>GpFFx5=qb)C{}gIMD+t@E!2ZS_
zK7PS-h7AK-50;5^w&?Jjs7p6`^=7ihZc(x%Kgmqp|D;z#zPg#VoWQdjFfb3z)sbe*
z6yBE`flC#G+CPs*uNj`zj#ygh_;t^AwIo+1u1z%b5}Vpn-9CYGeGPHoBgFtuzh*DE
zw0mi?LeG$_aBnuRLFEYL2xiq~0^4=UvlNM4938K4$XECF-pAKYUoiE;3w(byqX}ER
zO!C-fV7RS0IqUe-S7H&(0+?>C$7L%mU=dlD{MX!1-aw;+Af6hmQj$otPv%&B5$@D1
z7-fENWjy6#=)(>DBV}FYCXuXuV(B5KJWLDTe#v-4PP-&E`F$DQRzf1qaZfpe-4*wM
zyfV`Bu$N}H!XGN0t$DLNI3Pupe)p<&bY&HOd|9Ew$lpBrJ1e0&Ph;uP0+!t`d;C*`
z@nL&Od8u{i6#BA=y}7R(j7|gC+)UmO`>NYRo^1FK9(gt93~g={;PPiZafour^o@f4
zm7jP{ChF~53aJu4lzLEFQLbq(Pq{rxdbG|_&tu%gGxfHLdx03D8U2Xk4m|J#3x9U9
zjKbUzw`6Cfu@a$vS0iv2((SHgPS`uTzD*46_UZWewvIeEY)PCcObm;NFW1o~4*#$Y
zmbBQfs!sT^Jk4nii*yS7FtPDuX3=oUw7Z+DH&sxHyiyh+cdtZZ?m#l6xMEw>B?Q0V
zDTYn&nU=hb#(|by0$Oft$X__`oKfJ=8)e&i+UE28sW8C6^Rfo{OUS-K-3RBTqtvJg
zpVlPA&KEGcDi#q176u_L>B`~3I~?!pZx&@Oc=xG@9~zxr65m?QDbkh2o+VZ+T^P_y
zt2vv%gFHCg>}DniPte_Be}h|>4Y6B^PBzX?qrxc*LQ&vnBbF0k9x2}gvaY0vD|tjm
zZfO-yPO}GXaUEidedQ24uU!ZueMnBn0s6@x<)9OZ1As-0qi#<>bv_~^(0^VfIHsj(
zQm1V3`I5UC{RIrm%bGCo@!jyjT<U9#mgG<E4->tFg9x-8oR_<>empPer9e^b%hIi`
z(KzJ<J}_Lgnt8cBFcqnbltO|y*cDH(0mRr@fDqfo@B0nEqNsXUkLMqFtB4oTf02QZ
dZiwHkOWq7%YvNXBG=yglM+;X5u(8Hu{R_Lo(dGaE

literal 0
HcmV?d00001


From 64def385b0540c7fe8fa7252aaafdd50daf6a6dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= <karlerik@kreative.ee>
Date: Mon, 27 Jul 2020 11:48:51 +0300
Subject: [PATCH 2/3] Replace LHV JKS store with P12

---
 config/application.yml.sample                         |  6 ++----
 .../create_bank_transactions.rake                     | 11 ++++-------
 lib/tasks/invoices/process_payments.rake              | 11 ++++-------
 test/tasks/invoices/process_payments_test.rb          |  6 ++++++
 4 files changed, 16 insertions(+), 18 deletions(-)

diff --git a/config/application.yml.sample b/config/application.yml.sample
index 691740b2a..7fd92d092 100644
--- a/config/application.yml.sample
+++ b/config/application.yml.sample
@@ -148,9 +148,8 @@ action_mailer_default_port: # default: no port (80)
 action_mailer_default_from: # no-reply@example.com
 action_mailer_force_delete_from: # `From` header for `DomainDeleteMailer#forced` email
 
-lhv_keystore:
+lhv_p12_keystore:
 lhv_keystore_password:
-lhv_keystore_alias:
 lhv_ca_file: # Needed only in dev mode
 lhv_dev_mode: 'false'
 
@@ -163,9 +162,8 @@ test:
   action_mailer_default_host: 'registry.test'
   action_mailer_default_from: 'no-reply@registry.test'
   action_mailer_force_delete_from: 'legal@registry.test'
-  lhv_keystore: 'test/fixtures/files/keystore.jks'
+  lhv_p12_keystore: 'test/fixtures/files/keystore.p12'
   lhv_keystore_password: 'testtest'
-  lhv_keystore_alias: 'testtest'
 
 # Airbrake // Errbit:
 airbrake_host: "https://your-errbit-host.ee"
diff --git a/lib/tasks/dev/create_bank_transactions/create_bank_transactions.rake b/lib/tasks/dev/create_bank_transactions/create_bank_transactions.rake
index 33614d049..17b7586e2 100644
--- a/lib/tasks/dev/create_bank_transactions/create_bank_transactions.rake
+++ b/lib/tasks/dev/create_bank_transactions/create_bank_transactions.rake
@@ -3,12 +3,9 @@ namespace :dev do
     remitter_iban = ENV['remitter_iban']
     beneficiary_iban = Setting.registry_iban
 
-    keystore_password = ENV['lhv_keystore_password']
-    keystore_alias = ENV['lhv_keystore_alias']
-    keystore = Keystores::JavaKeystore.new
-    keystore.load(ENV['lhv_keystore'], keystore_password)
-    cert = keystore.get_certificate(keystore_alias)
-    key = keystore.get_key(keystore_alias, keystore_password)
+    keystore = OpenSSL::PKCS12.new(File.read(ENV['lhv_p12_keystore']), ENV['lhv_keystore_password'])
+    key = keystore.key
+    cert = keystore.certificate
 
     api_base_uri = URI.parse('https://testconnect.lhv.eu/connect-prelive')
     request_headers = { 'content-type' => 'application/xml' }
@@ -38,4 +35,4 @@ namespace :dev do
       end
     end
   end
-end
\ No newline at end of file
+end
diff --git a/lib/tasks/invoices/process_payments.rake b/lib/tasks/invoices/process_payments.rake
index 6e4c57213..340aba187 100644
--- a/lib/tasks/invoices/process_payments.rake
+++ b/lib/tasks/invoices/process_payments.rake
@@ -2,12 +2,9 @@ namespace :invoices do
   task process_payments: :environment do
     registry_bank_account_iban = Setting.registry_iban
 
-    keystore_password = ENV['lhv_keystore_password']
-    keystore_alias = ENV['lhv_keystore_alias']
-    keystore = Keystores::JavaKeystore.new
-    keystore.load(ENV['lhv_keystore'], keystore_password)
-    cert = keystore.get_certificate(keystore_alias)
-    key = keystore.get_key(keystore_alias, keystore_password)
+    keystore = OpenSSL::PKCS12.new(File.read(ENV['lhv_p12_keystore']), ENV['lhv_keystore_password'])
+    key = keystore.key
+    cert = keystore.certificate
 
     api = Lhv::ConnectApi.new
     api.cert = cert
@@ -46,4 +43,4 @@ namespace :invoices do
 
     puts "Transactions processed: #{incoming_transactions.size}"
   end
-end
\ No newline at end of file
+end
diff --git a/test/tasks/invoices/process_payments_test.rb b/test/tasks/invoices/process_payments_test.rb
index 02855e9fa..bd447be29 100644
--- a/test/tasks/invoices/process_payments_test.rb
+++ b/test/tasks/invoices/process_payments_test.rb
@@ -88,6 +88,12 @@ class ProcessPaymentsTaskTest < ActiveSupport::TestCase
     end
   end
 
+  def test_parses_keystore_properly
+    assert_nothing_raised do
+      run_task
+    end
+  end
+
   private
 
   def run_task

From ca1f3a9a48dbf928bc7f83a5c8e7242f2e4f8448 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karl=20Erik=20=C3=95unapuu?= <karlerik@kreative.ee>
Date: Thu, 13 Aug 2020 13:14:03 +0300
Subject: [PATCH 3/3] Reference newer version of LHV gem

---
 Gemfile      | 2 +-
 Gemfile.lock | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Gemfile b/Gemfile
index c20e18f26..7ad72f5fa 100644
--- a/Gemfile
+++ b/Gemfile
@@ -66,7 +66,7 @@ gem 'airbrake'
 
 gem 'company_register', github: 'internetee/company_register', branch: :master
 gem 'e_invoice', github: 'internetee/e_invoice', branch: :master
-gem 'lhv', github: 'internetee/lhv', branch: 'remove-keystores-gem'
+gem 'lhv', github: 'internetee/lhv', branch: 'master'
 gem 'domain_name'
 gem 'haml', '~> 5.0'
 gem 'wkhtmltopdf-binary', '~> 0.12.5.1'
diff --git a/Gemfile.lock b/Gemfile.lock
index 698d8ca1d..7b18612e0 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -45,8 +45,8 @@ GIT
 
 GIT
   remote: https://github.com/internetee/lhv.git
-  revision: af0d3127bed6606ac50c44696bd56b09c096ac39
-  branch: remove-keystores-gem
+  revision: 1825240b3bf8b262418cc6c8ef7ed1aba386dd7d
+  branch: master
   specs:
     lhv (0.1.0)
       logger