堆栈内存溢出
  简体   繁体   English

WS-Security php 中 PasswordDigest 的工作算法

[英]Working algorithm for PasswordDigest in WS-Security php

 原文  2014-09-21 06:45:50       php/ encoding/ base64/ sha1/ amadeus

问题描述

I have been creating hash password from the formula given by my airline supplier.我一直在根据我的航空公司供应商提供的公式创建哈希密码。 I have search on this site and I got the solution from below link in C# but I want in PHP.我在这个网站上搜索过,我从下面的 C# 链接中得到了解决方案,但我想要 PHP。 Working algorithm for PasswordDigest in WS-Security WS-Security 中 PasswordDigest 的工作算法

I have tried like this in php but password digest which I am getting is wrong我在 php 中尝试过这样的操作,但是我得到的密码摘要是错误的

function getTimestamp()
{
$microtime = floatval(substr((string)microtime(), 1, 8));
$rounded = round($microtime, 3);
return gmdate("Y-m-d\TH:i:s") . substr((string)$rounded, 1, strlen($rounded))."Z";
}
$nounce = base64_encode(mt_rand(10000000, 99999999)); 
$timestamp = getTimestamp(); 
$password = "AMADEUS"; //clear password
$final_hashed_password = base64_encode(sha1($nounce.$timestamp.sha1($password)));

My values are generating like this我的价值观是这样产生的

Nonce: ODczNzczNzE=
Timestamp: 2014-09-21T06:36:31.328Z
password: "TEST"
password digest I got: NjQxOThmZjViNmIwOGM0NGNiNDE1YTExNWQ3MDc2OGNlYjBjZDY2MA==

but password digest should generate like this但是密码摘要应该像这样生成

Right password digest: zGXsP85SuUngY7FjtnQizeO6yUk=

I know the algorithm for creating the Digest is:我知道创建摘要的算法是:

Password_Digest = Base64 ( SHA-1 ( nonce + created + SHA-1 ( password ) ) )

Please help me to generate right hash password in php and also please see the above link which has the solution in c#请帮助我在 php 中生成正确的哈希密码,并请参阅上面的链接,其中包含 c# 中的解决方案

3 个解决方案

解决方案1
 3  2014-09-22 13:40:43

得到了解决方案!...我们必须解码nonce,然后在其上应用公式,在xml中我们必须发送编码的nonce

解决方案2
 0  2016-08-24 13:09:06

As you mentioned - the issue was in Nonce. 正如你所提到的 - 问题出在Nonce中。

If I may suggest, it may be better to use for nonce a stream of bytes ( random_bytes ), instead of mt_rand(10000000, 99999999) without encoding it. 如果我可以建议,最好使用nonce一个字节流( random_bytes ),而不是mt_rand(10000000, 99999999)而不编码它。 And then, only encode it when you'll be including it in the Nonce SOAP/XML node. 然后,只有在将它包含在Nonce SOAP / XML节点中时才对其进行编码。

解决方案3
 0  2022-01-07 07:53:14

you can use this php code to generate Digest password

<?php
    date_default_timezone_set('UTC');
    $t = microtime(true);
    $micro = sprintf("%03d",($t - floor($t)) * 1000);
    $date = new DateTime( date('Y-m-d H:i:s.'.$micro) );
    echo $timestamp = $date->format("Y-m-d\TH:i:s").$micro . 'Z';
    $nonce = mt_rand(10000000, 99999999);
    echo $nounce = base64_encode($nonce);//we have to decode the nonce and then apply the formula on it and in xml we have to send the encoded nonce
    $password = "AMADEUS"; //clear password
    echo $passSHA = base64_encode(sha1($nonce . $timestamp . sha1($password, true), true));   
 ?>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 ws-security 和 nusoap 不起作用 - ws-security and nusoap not working PHP SOAP ws-security - PHP SOAP ws-security 具有Sows-security的PHP Soap客户端 - PHP Soap client with ws-security 如何在php5中实现ws-security 1.1 - how to implement ws-security 1.1 in php5 如何使用php实现ws-security到soap对象 - how to implement ws-security using php to soap object 验证 PHP SOAP SERVER 中的 WS-security 密码摘要 - Verify WS-security password digest in PHP SOAP SERVER 使用PHP连接到受WS-Security保护的Web服务 - Connecting to WS-Security protected Web Service with PHP WS-Security,以及如何进行身份验证 - WS-Security, and how to Authenticate 使用SimpleXML创建WS-Security标头? - Create a WS-Security header using SimpleXML? 无法使用PHP SOAP扩展使用WS-Security连接到SSL Web服务-证书,复杂的WSDL - Can't connect to SSL web service with WS-Security using PHP SOAP extension - certificate, complex WSDL
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM