使用WS-Security,node.js中的RSA加密准备SOAP请求

时间:2017-02-24 12:03:58

标签: node.js soap

我正在尝试根据 WSDL 创建一个 HTTP 客户端并发送加密请求。为此我已经试过 npm 中的大多数加密/安全包(soap、soap-x509-http、xml-crypto 等),但仍然无法发出正确的请求。

您可以在下面查看要求和示例请求。

提前致谢。

  1. 应使用以下算法执行加密:
    a. 密钥加密算法: rsa-1_5
    b. 对称加密算法: #aes128-cbc
    c. 加密规范化: xml-exc-c14n
    d. 令牌引用类型: keyIdentifier(SKI)
  2. 签名应使用以下算法执行:
    a. 签名算法: rsa-sha1
    b. CanonicalizationMethod算法: xml-exc-c14n
  3. SOAP消息可以包含Timestamp
  4. 示例请求(密文值已缩短)

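    <?xml version="1.0"?>
    <!--
      Sample WS-Security request: the Body content is encrypted (XML Encryption) and the
      Body and Timestamp are signed (XML Signature). Every base64 value is shortened, so
      the token, digests, signature and cipher values are placeholders that will not
      decode or verify as shown. The KeyIdentifier EncodingType and the xmlns:ds on the
      second DigestMethod are written with the standard URIs used everywhere else in
      this message.
    -->
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
      <env:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" env:mustUnderstand="1">
          <!-- Five-minute validity window; covered by the signature through Reference URI="#timestamp". -->
          <wsu:Timestamp wsu:Id="timestamp">
            <wsu:Created>2017-01-25T10:53:55.572Z</wsu:Created>
            <wsu:Expires>2017-01-25T10:58:55.572Z</wsu:Expires>
          </wsu:Timestamp>
          <!-- Base64 X.509 v3 certificate (shortened); the Signature's KeyInfo references it by wsu:Id. Presumably the sender's signing certificate. -->
          <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="token-47-1485341635575-1612376233">MIICXjCCAcegAwIBQ==</wsse:BinarySecurityToken>
          <!--
            Key transport: the symmetric key is wrapped with RSA PKCS#1 v1.5 (rsa-1_5) for the
            certificate identified by its SubjectKeyIdentifier (presumably the service's), and
            the ReferenceList points at the EncryptedData inside the Body.
            NOTE(review): rsa-1_5 exposes the receiver to padding-oracle (Bleichenbacher-style)
            attacks if it reveals decryption failures. It appears here because the service
            mandates it; where negotiable, prefer http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p.
          -->
          <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:EncryptionMethod xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
              <wsse:SecurityTokenReference wsu:Id="reference-50-1485341635576-76405248">
                <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">MZBUluEDgIrFJrntxdBEI9Cr2A0=</wsse:KeyIdentifier>
              </wsse:SecurityTokenReference>
            </ds:KeyInfo>
            <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
              <xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">m5xNzosqhCIll4rMOH97zwKNprCC15w0LDta+NL81yIcPuLftJNZeI/RiPmJY7d3y2bdMV5Y=</xenc:CipherValue>
            </xenc:CipherData>
            <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
              <xenc:DataReference xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" URI="#encrypted-49-1485341635575-737511276"/>
            </xenc:ReferenceList>
          </xenc:EncryptedKey>
          <!--
            Signature: exclusive C14N, RSA-SHA1, SHA-1 digests over two references, the Body
            (URI "#element-46-1485341635572-1313338421") and the Timestamp ("#timestamp").
            KeyInfo points to the BinarySecurityToken above.
            NOTE(review): SHA-1 is deprecated for signatures and is used here only because the
            service requires it; where the service allows, rsa-sha256 with sha256 digests is
            the usual replacement. EncryptedKey appearing before Signature suggests
            sign-then-encrypt under the WS-Security prepend rule; confirm with the service.
          -->
          <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
              <ds:CanonicalizationMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
              <ds:SignatureMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
              <ds:Reference xmlns:ds="http://www.w3.org/2000/09/xmldsig#" URI="#element-46-1485341635572-1313338421">
                <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                  <ds:Transform xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">koftV3puKxIgrkVHHxwSJYxsUhA=</ds:DigestValue>
              </ds:Reference>
              <ds:Reference xmlns:ds="http://www.w3.org/2000/09/xmldsig#" URI="#timestamp">
                <ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                  <ds:Transform xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </ds:Transforms>
                <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                <ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">Q0nZM95JuHF2nveehBU6wjUsoY4=</ds:DigestValue>
              </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">BvlJMHJNrfI=</ds:SignatureValue>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
              <wsse:SecurityTokenReference wsu:Id="reference-48-1485341635575-111206538">
                <wsse:Reference URI="#token-47-1485341635575-1612376233" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
              </wsse:SecurityTokenReference>
            </ds:KeyInfo>
          </ds:Signature>
        </wsse:Security>
      </env:Header>
      <!--
        Body: only the content is encrypted (Type ...#Content) with AES-128-CBC. The
        EncryptedData Id matches the DataReference in the EncryptedKey, and the Body's wsu:Id
        matches the first signature Reference.
        NOTE(review): CBC provides no integrity on its own. The receiver should confirm that
        the verified signature covers the Body it actually processes before acting on the
        decrypted content, and should not return distinguishable decryption errors. The
        characters after "=" in the CipherValue look like a paste artifact; the value is
        shortened in any case.
      -->
      <env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="element-46-1485341635572-1313338421">
        <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="encrypted-49-1485341635575-737511276" Type="http://www.w3.org/2001/04/xmlenc#Content">
          <xenc:EncryptionMethod xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
          <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
            <xenc:CipherValue xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">XoH4ROAG+6v0A28z1YeGeUfl4Im1q/jEJO+uDtAejU=13</xenc:CipherValue>
          </xenc:CipherData>
        </xenc:EncryptedData>
      </env:Body>
    </env:Envelope>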
    

0 个答案:

没有答案