2

如何将字符串或值转换为字节数组?我需要它来进行 SOAP 身份验证。我的要求是 - 在客户端,这是创建摘要的方法: 1. 客户端摘要数组 = 字节数组随机数 + 字节数组 UTF-8 字符串的 UTC 日期时间 + 字节数组 UTF-8 纯文本密码(连接这三个)。2. 客户端 SHA-1 摘要 = 使用 SHA-1 算法的哈希客户端摘要数组。3. 客户端 WS-Security 摘要 = 64 位编码客户端 SHA-1 摘要

Password_Digest = Base64 (SHA-1 (nonce + timestamp + password))

这是我用来生成随机数、时间戳和摘要密码的代码。用户密码是一个字符串。整个过程中出现了一些问题,我的摘要没有成功生成。我想我有这些数据类型是正确的,字节数组和 UTF8 让我感到困惑。我添加了 utf8 转换但没有区别。

def nonce
   chars = ("a".."z").to_a + ("1".."9").to_a + ("A".."Z").to_a
   @nonce = Array.new(20, '').collect{chars[rand(chars.size)]}.join
end

def timestamp
    t = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%S.%LZ")
    @timestamp = t.to_s
end

def digest_password

ic = Iconv.new('UTF-8//IGNORE', 'US-ASCII')
$time =  ic.iconv( timestamp + ' ')[0..-2]
$pass =  ic.iconv( password + ' ')[0..-2]
temp = (nonce.bytes.to_a + $time.bytes.to_a + $pass.bytes.to_a)
@digest_password = Base64.strict_encode64(Digest::SHA1.hexdigest(temp.to_s))

###  temp =  Digest::SHA1.hexdigest(nonce + timestamp + password) ##old    
###@digest_password = Base64.encode64(temp) ##old

end


    <env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wsdl="http://xml.myserver.com/ok/service/v1_5" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header>
       <wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
       <wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>user</wsse:Username>
       <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">YWIwM2QyZWI3YTEwMTAzZmNkNmZiNmEwMjg1ODlkOTU0OTNmNmUxYQ==
       </wsse:Password> 
       <wsse:Nonce>ZEUyQ2J6bmw5cjdDZmt1QjVqTjQ=</wsse:Nonce>
       <wsu:Created>2012-03-27T11:08:35.125Z</wsu:Created>
</wsse:UsernameToken>
4

2 回答 2

1

终于可以解决这个问题了。

Password_Digest = Base64 ( SHA-1 ( nonce + create + password) )

nonce= nonce 作为字符串。在Base64 endoce之前,例如“1234”

create= 时间作为字符串。无编码

password=密码作为字符串。没有编码。

Base64Nonce= Base64.encode64(nonce).strip#Base64 编码“1234”

chars = ("a".."z").to_a + ("1".."9").to_a + ("A".."Z").to_a
nonce = Array.new(20, '').collect{chars[rand(chars.size)]}.join

t = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%S.%LZ")

$time = t
$pass = p
Base64Nonce = Base64.encode64(nonce).strip 

$digest_pass = Base64.encode64(Digest::SHA1.digest(nonce + $time + $pass)).strip



          "wsse:Username" => username,
          "wsse:Password" => $digest_pass,
          "wsse:Nonce" => Base64Nonce,
          "wsu:Created" => $time,
于 2012-03-28T10:45:19.160 回答
0

Base64.encodenonce方法中然后Base64.encode在方法中是否正确digest_password?对我来说似乎很奇怪。也许你应该做

def nonce
   chars = ("a".."z").to_a + ("1".."9").to_a + ("A".."Z").to_a
   @nonce = Array.new(20, '').collect{chars[rand(chars.size)]}.join
end
于 2012-03-27T13:36:41.940 回答