【发布时间】:2014-11-25 04:03:29
【问题描述】:
我正在努力实现 WS-Security in Progress ABL。
似乎有可能,这个知识库:http://knowledgebase.progress.com/articles/Article/P88147 状态:
- 对于传出 WS-Security,请使用 OpenEdge Web Service 客户端手动创建包含 WS-Security 内容的 SOAP 标头。
首先,我正在努力创建一个 base64 编码和 SHA1 消化的密码哈希。
根据 WS-Security 规范的密码摘要。 Source.
Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )
Nonce 是一个特定长度的随机字符串,基本上可以是一个 UUID。 nonce 是 Base64 编码的(它在 soap 标头中编码发送)。
Created 是格式为“YYYY-MM-DDTHH:MM:SS.SSSZ”的日期。毫秒是可选的。应始终设置 GMT 的 Z。
密码是网络服务商提供的密码。
试图在 SO 上模仿这个答案: Working algorithm for PasswordDigest in WS-Security
PROCEDURE generatePassHash:
DEFINE INPUT PARAMETER pcNonce AS CHARACTER NO-UNDO.
DEFINE INPUT PARAMETER pcCreated AS CHARACTER NO-UNDO.
DEFINE INPUT PARAMETER pcPassword AS CHARACTER NO-UNDO.
DEFINE OUTPUT PARAMETER pcHash AS CHARACTER NO-UNDO.
DEFINE VARIABLE mBytes AS MEMPTR NO-UNDO.
DEFINE VARIABLE cNonceDecoded AS CHARACTER NO-UNDO.
/* Base64-decode the nonce since it's in encoded format */
ASSIGN
cNonceDecoded = STRING(BASE64-DECODE(pcNonce)).
/* Set size of mempointer */
SET-SIZE(mBytes) = LENGTH(cNonceDecoded) + LENGTH(pcCreated) + LENGTH(pcPassword) + 1.
/* Put the decoded nonce first */
PUT-STRING(mBytes, 1) = cNonceDecoded.
/* Add create time */
PUT-STRING(mBytes, 1 + LENGTH(cNonceDecoded)) = pcCreated.
/* Add password */
PUT-STRING(mBytes, 1 + LENGTH(cNonceDecoded) + LENGTH(pcCreated)) = pcPassword.
/* Create out-data */
pcHash = STRING(BASE64-ENCODE(SHA1-DIGEST(mBytes))).
/* Clean up mempointer */
SET-SIZE(mBytes) = 0.
END PROCEDURE.
DEFINE VARIABLE cNonce AS CHARACTER NO-UNDO.
DEFINE VARIABLE cTimeStamp AS CHARACTER NO-UNDO.
DEFINE VARIABLE cClearPass AS CHARACTER NO-UNDO.
DEFINE VARIABLE cRightAnswer AS CHARACTER NO-UNDO.
ASSIGN
cNonce = "UIYifr1SPoNlrmmKGSVOug=="
cTimeStamp = "2009-12-03T16:14:49Z"
cClearPass = "test8"
cRightAnswer = "yf2yatQzoaNaC8BflCMatVch/B8=".
RUN generatePassHash(cNonce, cTimeStamp, cClearPass, OUTPUT cHash).
MESSAGE "Is:" SKIP cHash SKIP(2)
"Should be:" SKIP
cRightAnswer
VIEW-AS ALERT-BOX INFORMATION TITLE "OK?".
我猜这可能与我搞砸了 mempointer 处理或一切都应该是 UTF-8 的事实有关?
注意
使用这个简单的代码,我可以很容易地产生与上面引用的问题中提到的相同的错误哈希:
MESSAGE STRING(BASE64-ENCODE(SHA1-DIGEST("UIYifr1SPoNlrmmKGSVOug==" + "2009-12-03T16:14:49Z" + "test8"))) VIEW-AS ALERT-BOX
【问题讨论】:
标签: soap ws-security progress-4gl openedge