如何将字符串或值转换为字节数组? 我需要它用于SOAP身份验证。我的要求是 - 在客户端,这是如何创建摘要: 1.客户端摘要数组=字节数组随机数+字节数组UTF-8字符串的UTC日期时间+字节数组UTF-8纯文本密码(连接这三个)。 2.客户端SHA-1摘要=使用SHA-1算法哈希客户端摘要数组。 3.客户端WS-Security Digest = 64位编码客户端SHA-1摘要
Password_Digest = Base64(SHA-1(nonce + timestamp +密码))
这是我用来生成nonce,timestamp和digest_password的代码。用户密码是一个字符串。在整个过程中有些错误并且我的摘要没有成功生成。我想我的数据类型正确,字节数组和UTF8令我困惑。 我添加了utf8转换,但没有区别。
def nonce
chars = ("a".."z").to_a + ("1".."9").to_a + ("A".."Z").to_a
@nonce = Array.new(20, '').collect{chars[rand(chars.size)]}.join
end
def timestamp
t = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%S.%LZ")
@timestamp = t.to_s
end
def digest_password
ic = Iconv.new('UTF-8//IGNORE', 'US-ASCII')
$time = ic.iconv( timestamp + ' ')[0..-2]
$pass = ic.iconv( password + ' ')[0..-2]
temp = (nonce.bytes.to_a + $time.bytes.to_a + $pass.bytes.to_a)
@digest_password = Base64.strict_encode64(Digest::SHA1.hexdigest(temp.to_s))
### temp = Digest::SHA1.hexdigest(nonce + timestamp + password) ##old
###@digest_password = Base64.encode64(temp) ##old
end
<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wsdl="http://xml.myserver.com/ok/service/v1_5" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header>
<wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>user</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">YWIwM2QyZWI3YTEwMTAzZmNkNmZiNmEwMjg1ODlkOTU0OTNmNmUxYQ==
</wsse:Password>
<wsse:Nonce>ZEUyQ2J6bmw5cjdDZmt1QjVqTjQ=</wsse:Nonce>
<wsu:Created>2012-03-27T11:08:35.125Z</wsu:Created>
</wsse:UsernameToken>
答案 0 :(得分:1)
最后能够解决这个问题。
Password_Digest = Base64 ( SHA-1 ( nonce + create + password) )
nonce = nonce as string。在Base64 endoce之前,例如“1234”
create =时间为字符串。没有编码
password =密码为字符串。没有编码。
Base64Nonce = Base64.encode64(nonce).strip#Base64编码“1234”
chars = ("a".."z").to_a + ("1".."9").to_a + ("A".."Z").to_a
nonce = Array.new(20, '').collect{chars[rand(chars.size)]}.join
t = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%S.%LZ")
$time = t
$pass = p
Base64Nonce = Base64.encode64(nonce).strip
$digest_pass = Base64.encode64(Digest::SHA1.digest(nonce + $time + $pass)).strip
"wsse:Username" => username,
"wsse:Password" => $digest_pass,
"wsse:Nonce" => Base64Nonce,
"wsu:Created" => $time,
答案 1 :(得分:0)
Base64.encode方法中的nonce和Base64.encode方法中的digest_password是否正确?对我来说似乎很奇怪。也许你应该做
def nonce
chars = ("a".."z").to_a + ("1".."9").to_a + ("A".."Z").to_a
@nonce = Array.new(20, '').collect{chars[rand(chars.size)]}.join
end