XML签名、ORACLE PLSQL、SHA1摘要值计算
XML signature, ORACLE PLSQL, SHA1 digest value calculation
我一直在为摘要值计算而苦苦挣扎,现在我没有想法了。这是 SoapUI 生成的 xml 示例和摘要值:
<ds:Reference URI="#TS-5C3C8278F62662ED251468430162870278">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse soapenv xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>FP+KnVZ5S8C/RW6sBvulTUYYKAA=</ds:DigestValue>
</ds:Reference>
并参考:
<wsu:Timestamp wsu:Id="TS-5C3C8278F62662ED251468430162870278">
<wsu:Created>2016-07-13T17:16:02.870Z</wsu:Created>
<wsu:Expires>2016-07-13T17:21:02.870Z</wsu:Expires>
</wsu:Timestamp>
这是我的预言机代码:
declare
l_clob clob;
l_hash raw(20);
begin
select
xmlSerialize(
document extract(
xmlType('<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="TS-5C3C8278F62662ED251468429256802268">
<wsu:Created>2016-07-13T17:00:56.802Z</wsu:Created>
<wsu:Expires>2016-07-13T17:05:56.802Z</wsu:Expires>
</wsu:Timestamp>'), '/*'))
into
l_clob
from
dual;
l_hash := dbms_crypto.Hash(
l_clob,
DBMS_CRYPTO.HASH_SH1);
dbms_output.put_line(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
l_hash)));
end;
/
输出:5SiW/yo1nYIujurXbp5Ob9z6Mbs=
请注意,我将 WSU 命名空间添加到 xml,因为没有它我无法被规范化。
没有 WSU 命名空间和规范化:
declare
l_clob clob := '<wsu:Timestamp wsu:Id="TS-5C3C8278F62662ED251468429256802268"><wsu:Created>2016-07-13T17:00:56.802Z</wsu:Created><wsu:Expires>2016-07-13T17:05:56.802Z</wsu:Expires></wsu:Timestamp>';
l_hash raw(20);
begin
l_hash := dbms_crypto.Hash(
l_clob,
DBMS_CRYPTO.HASH_SH1);
dbms_output.put_line(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
l_hash)));
end;
/
输出:tV9e2gUBqG9tgUXXwuc2M9/C798=
知道我做错了什么吗?
认为必须将包含名称空间添加到元素中,在此示例中 "wsse soapenv xsi" 然后必须对它们进行排序,即“<... soapenv:... wsse:... wsu:.. . xsi:... wsu:Id=...>...<.../>", 只有这样才能计算摘要值.
我一直在为摘要值计算而苦苦挣扎,现在我没有想法了。这是 SoapUI 生成的 xml 示例和摘要值:
<ds:Reference URI="#TS-5C3C8278F62662ED251468430162870278">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse soapenv xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>FP+KnVZ5S8C/RW6sBvulTUYYKAA=</ds:DigestValue>
</ds:Reference>
并参考:
<wsu:Timestamp wsu:Id="TS-5C3C8278F62662ED251468430162870278">
<wsu:Created>2016-07-13T17:16:02.870Z</wsu:Created>
<wsu:Expires>2016-07-13T17:21:02.870Z</wsu:Expires>
</wsu:Timestamp>
这是我的预言机代码:
declare
l_clob clob;
l_hash raw(20);
begin
select
xmlSerialize(
document extract(
xmlType('<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="TS-5C3C8278F62662ED251468429256802268">
<wsu:Created>2016-07-13T17:00:56.802Z</wsu:Created>
<wsu:Expires>2016-07-13T17:05:56.802Z</wsu:Expires>
</wsu:Timestamp>'), '/*'))
into
l_clob
from
dual;
l_hash := dbms_crypto.Hash(
l_clob,
DBMS_CRYPTO.HASH_SH1);
dbms_output.put_line(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
l_hash)));
end;
/
输出:5SiW/yo1nYIujurXbp5Ob9z6Mbs=
请注意,我将 WSU 命名空间添加到 xml,因为没有它我无法被规范化。
没有 WSU 命名空间和规范化:
declare
l_clob clob := '<wsu:Timestamp wsu:Id="TS-5C3C8278F62662ED251468429256802268"><wsu:Created>2016-07-13T17:00:56.802Z</wsu:Created><wsu:Expires>2016-07-13T17:05:56.802Z</wsu:Expires></wsu:Timestamp>';
l_hash raw(20);
begin
l_hash := dbms_crypto.Hash(
l_clob,
DBMS_CRYPTO.HASH_SH1);
dbms_output.put_line(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
l_hash)));
end;
/
输出:tV9e2gUBqG9tgUXXwuc2M9/C798=
知道我做错了什么吗?
认为必须将包含名称空间添加到元素中,在此示例中 "wsse soapenv xsi" 然后必须对它们进行排序,即“<... soapenv:... wsse:... wsu:.. . xsi:... wsu:Id=...>...<.../>", 只有这样才能计算摘要值.