WCF 서명 비누 메시지 확인

StackOverflow https://stackoverflow.com/questions/1724558

문제

비누 메시지 타임 스탬프와 본체를 확인하는 데 문제가 있습니다.

코드를 작성하기 전에 직접 확인하려고하는 코드를 작성하려고합니다. 타임 스탬프를 확인하기위한 단계입니다.

1) 타임 스탬프 태그를 추출하고 중고 네임 스페이스를 추가하여 파일에 씁니다.

<u:Timestamp u:Id="uuid-cd1febd3-a76a-4148-8a3e-367aee62293d-1" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
 <u:Created>2009-11-11T17:37:49.000Z</u:Created>
 <u:Expires>2009-11-11T17:42:49.000Z</u:Expires>
</u:Timestamp>

2) xmllint를 사용하여 정식화하십시오

xmllint --exc-c14n timestamp.xml > timestamp.ext-c14n.xml

3) OpensSL을 사용하여 파일의 SHA-1 다이제스트를 얻으십시오.

openssl sha1 timestamp.ext-c14n.xml

4) uudecode베이스 64 DigestValue TimeStamp Reference (jgzkqcnltnufbdpofn19lsykhts =)의 HEX 편집기와 함께 열립니다.

5) 이진의 이진 값 DigestValue 표준화 된 XML 조각의 SHA1과 다릅니다.

내가 뭘 잘못하고 있죠?

다음은 전체 비누 요청입니다.

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <s:Header>
        <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
            <u:Timestamp u:Id="uuid-cd1febd3-a76a-4148-8a3e-367aee62293d-1">
                <u:Created>2009-11-11T17:37:49.000Z</u:Created>
                <u:Expires>2009-11-11T17:42:49.000Z</u:Expires>
            </u:Timestamp>
            <o:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" u:Id="uuid-ff111e4e-b184-493f-a3a7-1cb85013440a-2">MIIB/TCCAWagAwIBAgIQx9PrVMJZiohOMYoubtFJ4jANBgkqhkiG9w0BAQQFADAVMRMwEQYDVQQDEwpSb290Q0FUZXN0MB4XDTA5MTEwNTE1NTAzN1oXDTM5MTIzMTIzNTk1OVowGTEXMBUGA1UEAxMOdGVtcENlcnRDbGllbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPXXm8nHsKY7jDaAJ2MVtgj0vd15D4kAFCVrflAGCBDGxku1zVGgTppv8n7i2nJLoXkMpi4HSj9+ci78YMQOKeRq0uIN3AV39hQbjjf5RkV7QY0PYprKYcVKZrWa/LYesI4jYz+ULDnpF7Q2Euk2XFYVLTWPaWU/Zys9K1wNT/n/AgMBAAGjSjBIMEYGA1UdAQQ/MD2AEHNg0Im3hcyQVTxOx1KtRZmhFzAVMRMwEQYDVQQDEwpSb290Q0FUZXN0ghDPzOoIMA8Rkkur9od1bScFMA0GCSqGSIb3DQEBBAUAA4GBAHeTK0GedKo51ZplEfAL+7+NqU5YL9yPhyGqeMUtNBJBJUdbXfvKMZNN+wMHG72boM0HV9jiSKgdjdFDaQ5cLrpLMc48wPs+PPK4KCZynQ/qBCj91w8Vvsprk4EwjGKROGeFhq8FOO8nwukKj1dMCZWELqOPutHjAKgtKpYu4zyt</o:BinarySecurityToken>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                <SignedInfo>
                    <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod>
                    <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></SignatureMethod>
                    <Reference URI="#_1">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform>
                        </Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod>
                        <DigestValue>GFOHIzFb+GV4fj8/sGWx2J5U7ag=</DigestValue>
                    </Reference>
                    <Reference URI="#uuid-cd1febd3-a76a-4148-8a3e-367aee62293d-1">
                        <Transforms>
                            <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></Transform>
                        </Transforms>
                        <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></DigestMethod>
                        <DigestValue>jGZkqCNLTnUfbdpoFn19LSYkhts=</DigestValue>
                    </Reference>
                </SignedInfo>
                <SignatureValue>Q6TsGUPlgzfvoh4obnpwTIM5+rG/MynC4Pr8DDkpsClkUBM4+VrR0i7bHdM51779lbLzqj01W1H3GfNehVKxwAi0c0aAKlcVUm0i3PeA2NzmdTPRHy6tHmX2yyLC5TDjhA+jmqRoU/VlWhShD7Komm/9zsyDhQKF4M92rPUo0To=</SignatureValue>
                <KeyInfo>
                    <o:SecurityTokenReference>
                        <o:Reference URI="#uuid-ff111e4e-b184-493f-a3a7-1cb85013440a-2" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></o:Reference>
                    </o:SecurityTokenReference>
                </KeyInfo>
            </Signature>
        </o:Security>
    </s:Header>
    <s:Body u:Id="_1">
        <sayHello xmlns="urn:iPhone.Server"></sayHello>
    </s:Body>
</s:Envelope>
도움이 되었습니까?

해결책

태그와 다이제스트 사이의 모든 선 파단과 공백을 제거했습니다. 사용하기에 올바른 XML은 다음과 같습니다.

<u:Timestamp u:Id="uuid-cd1febd3-a76a-4148-8a3e-367aee62293d-1" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><u:Created>2009-11-11T17:37:49.000Z</u:Created><u:Expires>2009-11-11T17:42:49.000Z</u:Expires></u:Timestamp>
라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top