我一直在用摘要值计算,现在我已经没有想法了。这是SoapUI生成的xml示例和摘要值:
<ds:Reference URI="#TS-5C3C8278F62662ED251468430162870278">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse soapenv xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>FP+KnVZ5S8C/RW6sBvulTUYYKAA=</ds:DigestValue>
</ds:Reference>
参考:
<wsu:Timestamp wsu:Id="TS-5C3C8278F62662ED251468430162870278">
<wsu:Created>2016-07-13T17:16:02.870Z</wsu:Created>
<wsu:Expires>2016-07-13T17:21:02.870Z</wsu:Expires>
</wsu:Timestamp>
这是我的oracle代码:
declare
l_clob clob;
l_hash raw(20);
begin
select
xmlSerialize(
document extract(
xmlType('<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="TS-5C3C8278F62662ED251468429256802268">
<wsu:Created>2016-07-13T17:00:56.802Z</wsu:Created>
<wsu:Expires>2016-07-13T17:05:56.802Z</wsu:Expires>
</wsu:Timestamp>'), '/*'))
into
l_clob
from
dual;
l_hash := dbms_crypto.Hash(
l_clob,
DBMS_CRYPTO.HASH_SH1);
dbms_output.put_line(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
l_hash)));
end;
/
输出:5SiW / yo1nYIujurXbp5Ob9z6Mbs =
请注意,我将WSU名称空间添加到xml,因为没有它我无法进行单元化。
没有WSU名称空间和canonilization:
declare
l_clob clob := '<wsu:Timestamp wsu:Id="TS-5C3C8278F62662ED251468429256802268"><wsu:Created>2016-07-13T17:00:56.802Z</wsu:Created><wsu:Expires>2016-07-13T17:05:56.802Z</wsu:Expires></wsu:Timestamp>';
l_hash raw(20);
begin
l_hash := dbms_crypto.Hash(
l_clob,
DBMS_CRYPTO.HASH_SH1);
dbms_output.put_line(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
l_hash)));
end;
/
输出:tV9e2gUBqG9tgUXXwuc2M9 / C798 =
任何想法我做错了什么?
答案 0 :(得分:0)
认为必须将包含名称空间添加到元素中,在此示例中为“wsse soapenv xsi”,然后必须对它们进行排序,即“&lt; ... soapenv:... wsse:... wsu:... xsi:... wsu:Id = ...&gt; ...&lt; ... /&gt;“,只有这样才能计算摘要值。