[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Help
Jose,
For me the following value looks like a Base64 encoded value:
<ds:DigestValue>NuGOmMaLjpJvLQgR8pILOcXYsBI=</ds:DigestValue>
That is why I first calculated the SHA-1 hash which I then encoded to
Base64. Did you encode your value to Base64? Then there should not be any
hex values. A Base64 value only constists of a-z, A-Z, 0-9 and + and /.
Thomas.
Am 13.01.2012 21:42, schrieb Jose Fondeur:
> Hi Tomas,
> Thanks so much for the program and the sample; couple of things:
> The resulting SHA1 value from the example below contains hex values
> which causes the server to reject the request. Am I missing something?
> Is there an implementation of the Digital Signature (c14n#) in RPG
> (Native or Java) that you know of? I have search all over and I'm yet
> to find anything.
> Best Regards
> Jose E. Fondeur
> To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
> Subject: Re: Help
> From: thomas.raddatz@xxxxxx
> Date: Thu, 12 Jan 2012 13:28:38 +0100
>
> I do not know what data is used to generate the SHA-1 fingerprint but this
> is how you can generate the SHA-1 hash and encode it to Base64:
>
> D body S 4096A varying inz
> D sha1 S 20A inz
> D base64 S 100A inz
> D size S 10I 0 inz
>
> sha1 = generateSHA1(%addr(body)+2: %len(body));
>
> size = base64_encode(%addr(sha1): %size(sha1)
> : %addr(base64): %len(base64));
>
>
>
>
>
> The 'base64_encodee()' procedure is part of the Scott's Base64
> encoder/decoder which is available at [1]http://www.scottklement.com/base64/.
>
> Thomas.
>
> ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx schrieb am 11.01.2012 16:33:28:
>
>> Von: josefondeur@xxxxxxxxxxx
>> An: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
>> Datum: 11.01.2012 19:11
>> Betreff: Help
>> Gesendet von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>>
>>
>>
>>
>>
>>
>>
>>
>> Hi,
>>
>> New to Web Services in need of help. I'm using HTTPAPI to create a
>> process in to consume Web Services.
>>
>> Few highlights on the process:
>> a) Requires SSL validation (working fine)
>> b) Using http_url_post_xml
>> c) Below request works fine using SoapUi tool.
>> d) I get a 500 error, as you well know, a generic error that does
>> not says much.
>>
>> Here is the issue as far I can understand it and more important,
>> explain or ask the correct question.
>>
>> 1)The SOAP request must contain some dynamic information derived
>> from the values included in the<Body>, using the total length of
>> the information, this function
>> (ds:DigestMethod Algorithm=) returns a pseudo key value
>> (<ds:DigestValue>) to properly work (please see RED below). As
>> mentioned, this is dynamic value and the key
>> value, it changes every time the request is sent (even when using
> SoapUi)
>> Question: Is there a function in HTTPAPI that would execute
>> DigestMethod Algorithm and return key value?
>>
>> 2) In SoapUi there are some parameters or settings I needed to
>> modify for the request to work;
>> a) I need respecify the "Outgoing WSS"
>> b) Strip whitespaces (set to "true")
>>
>> Here is the SOAP variable
>>
>> Soap =
>>
>> '<soapenv:Envelope xmlns:amer="[2]http://www.xxxxxxxxxxx.com"; '+
>>
>> 'xmlns:soapenv="[3]http://schemas.xmlsoap.org/soap/envelope/";>'+
>>
>> '<soapenv:Header><wsse:Security '+
>>
>> 'xmlns:wsse="[4]http://docs.oasis-open.org/wss/2004/01/'+
>>
>> 'oasis-200401-wss-wssecurity-secext-1.0.xsd">'+
>>
>> '<wsse:BinarySecurityToken '+
>>
>> 'EncodingType="[5]http://docs.oasis-open.org/wss/2004/01/'+
>>
>> 'oasis-200401-wss-soap-message-security-1.0#Base64Binary" '+
>>
>> 'ValueType="[6]http://docs.oasis-open.org/wss/2004/01/oasis-'+
>>
>> '200401-wss-x509-token-profile-1.0#X509v3" '+
>>
>> 'wsu:Id="CertId-EBB39D8FA1A2268132132623127725710" '+
>>
>> 'xmlns:wsu="[7]http://docs.oasis-open.org/wss/2004/01/'+
>>
>> 'oasis-200401-wss-wssecurity-utility-1.0.xsd">'+
>>
>> 'MIIDxzCCAq+gAwIBAgIETrmoejANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEB'+
>>
>> 'hMCVVMxEDAOBgNVBAgMB0FyaXpvbmExEDAOBgNVBAcMB1Bob2VuaXgxGTAXBg'+
>>
>> 'NVBAoMEEFtZXJpY2FuIEV4cHJlc3MxIzAhBgNVBAsMGk1lbWJlcnNoaXAgVHJ'+
>>
>> 'hdmVsIFNlcnZpY2VzMRQwEgYDVQQDDAtHbG9iYWxNYXhFMTAeFw0xMTExMDgy'+
>>
>> 'MjA4NThaFw0xNDExMDcyMjA4NThaMIGHMQswCQYDVQQGEwJVUzEQMA4GA1UEC'+
>>
>> 'AwHQXJpem9uYTEQMA4GA1UEBwwHUGhvZW5peDEZMBcGA1UECgwQQW1lcmljYW'+
>>
>> '4gRXhwcmVzczEjMCEGA1UECwwaTWVtYmVyc2hpcCBUcmF2ZWwgU2VydmljZXM'+
>>
>> 'xFDASBgNVBAMMC0dsb2JhbE1heEUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A'+
>>
>> 'MIIBCgKCAQEA5mdcg+iD8fnkoQlqfx7TncVV+zAZNtkwmTfEbJz2WeX9HxpA/'+
>>
>> '5n76dHU/P+X8BJcHrswYum0CoMImgUgZMoidWYjv1IJMcf+2cDfumfZZkroqK'+
>>
>> 'epaJWOPV98Fm8oH+gL7MrEZz/w4Zk9bnaOu1U/RiixjP9zf13OZRyOl+HofXZ'+
>>
>> 'LE5wyatJhOtp5AqEqi8sGKLKjQVp4ZiNNDytv4Wj/Fl5UMbmDBONRTWNfm6fX'+
>>
>> 'r8A/o5Io8SQ70NdsHMtqwZM8zIgR3MXJtC4wU31jrNfAYOSsy+CYHyf64DyAO'+
>>
>> 'wpyhxMqqz8ZlV1Xcz1tiQMCMYWX8zMVqVzjkbncuxsYOpzXbQIDAQABozkwNz'+
>>
>> 'AoBgNVHSUEITAfBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEATALBgN'+
>>
>> 'VHQ8EBAMCBPAwDQYJKoZIhvcNAQEFBQADggEBAOFNQn/EADvzXbSFnzno/zT2'+
>>
>> 'pX05oD27ephtI2CwnkDC53WAu3FC3vHu4KjWylu7BvYAPeJwaZK2qzvEHx2AG'+
>>
>> 'Nq0rwEbu12Alu+8IGJ0+qqLqrH4JHetjv/J3RfkbwtCcxCMNVN1BGHS6GpQxe'+
>>
>> 'ToUJTcTj++lmGxp1xyN3U3DiEOytKZnPyPmc2fcj9MZ06jInE0MGajTsKcX90'+
>>
>> 'fDBBubm2u79LbBy45cD8Eh9nVL3GunEEoa/wCfITQaBVSDtzZN3x0A4Amo94w'+
>>
>> 'G4FS7ZOWRWJXkx4x8qL4c8+nxwoholEuzQZCr/fem2KzI/hl1XXHiJIhP20u1'+
>>
>> 'VQhgtgx3iwz8zg=</wsse:BinarySecurityToken>'+
>>
>> '<ds:Signature Id="Signature-7" '+
>>
>> 'xmlns:ds="[8]http://www.w3.org/2000/09/xmldsig#";> '+
>>
>> '<ds:SignedInfo> '+
>>
>> '<ds:CanonicalizationMethod '+
>>
>> 'Algorithm="[9]http://www.w3.org/2001/10/xml-exc-c14n#"/> '+
>>
>> '<ds:SignatureMethod '+
>>
>> 'Algorithm="[10]http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> '+
>>
>> '<ds:Reference URI="#id-8"> '+
>>
>> '<ds:Transforms> '+
>>
>> '<ds:Transform Algorithm='+
>>
>> '"[11]http://www.w3.org/2001/10/xml-exc-c14n#"/> '+
>>
>> '</ds:Transforms> '+
>>
>> '<ds:DigestMethod '+
>>
>> 'Algorithm="[12]http://www.w3.org/2000/09/xmldsig#sha1"/> '+
>>
>> '<ds:DigestValue>NuGOmMaLjpJvLQgR8pILOcXYsBI=</ds:DigestValue>'+
>>
>> '</ds:Reference> '+
>>
>> '</ds:SignedInfo> '+
>>
>> '<ds:SignatureValue> '+
>>
>> 'Q55oV4O9v72ej1zAhEb3nWH6pmrOL3XgY2vZargw47oUCCqRdsm0tmz/wrn1Qc'+
>>
>> 'sUznZJvAhrDqG7jRfaFZFZt2/xFDJl4vneXBc91pcxbJ1HvKZHujQk81zzRI+v'+
>>
>> '4rwnQNmKHrRn2VBgqomx9EG2hbbWHwQLgg1VZTcLt26dqCJGQN0v0CbaA15Zj5'+
>>
>> 'DY+FScrJTSxL81wJ7OitbepLJpDnep4PlB+dU8HsUch85TfQakTkpJJF8wpaZH'+
>>
>> 'GnPL7R58FUOB/cQkTzhUwoI440V2itwi95xh/D7uscto6Ii/6R5qaD+5o93A3Q'+
>>
>> 'npltMJCr8bCCykqU2fsvr4Y0mEb8/zQw== '+
>>
>> '</ds:SignatureValue> '+
>>
>> '<ds:KeyInfo Id="KeyId-EBB39D8FA1A2268132132623127725711"> '+
>>
>> '<wsse:SecurityTokenReference '+
>>
>> 'wsu:Id="STRId-EBB39D8FA1A2268132132623127725712" '+
>>
>> 'xmlns:wsu="[13]http://docs.oasis-open.org/wss/2004/01/'+
>>
>> 'oasis-200401-wss-wssecurity-utility-1.0.xsd">'+
>>
>> '<wsse:Reference URI="#CertId-EBB39D8FA1A2268132132623127725710" '+
>>
>> 'ValueType="[14]http://docs.oasis-open.org/wss/'+
>>
>> '2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>'+
>>
>> '</wsse:SecurityTokenReference> '+
>>
>> '</ds:KeyInfo> '+
>>
>> '</ds:Signature>'+
>>
>> '</wsse:Security>'+
>>
>> '</soapenv:Header>'+
>>
>> '<soapenv:Body wsu:Id="id-8" '+
>>
>> 'xmlns:wsu="[15]http://docs.oasis-open.org/wss/2004/01/'+
>>
>> 'oasis-200401-wss-wssecurity-utility-1.0.xsd">'+
>>
>> '<amer:ConsultarDocumento>'+
>>
>> '<amer:RFCEmisor>?</amer:RFCEmisor>'+
>>
>> '<amer:RFCReceptor>RAS910208GP3</amer:RFCReceptor>'+
>>
>> '<amer:FolioReferencia>938477584</amer:FolioReferencia>'+
>>
>> '<amer:TipoDocumento>Factura</amer:TipoDocumento>'+
>>
>> '</amer:ConsultarDocumento></soapenv:Body></soapenv:Envelope> ';
>>
>>
>> Question on http_url_post_xml, please explain parameter(s) in BLUE
> below.
>>
>>
>>
>> Rc = http_url_post_xml(
>>
>>
>>
>> '[16]https://WPDMW589.nac.ad.aexp.com/CFDWS/OnLiveIFService.svc'
>>
>>
>> :%Addr(Soap) + 2
>>
>>
>> :%Len(Soap)
>>
>>
>> :*Null
>>
>>
>> :%Paddr(Incoming)
>>
>>
>> :%Addr(String)
>>
>>
>> :Http_TimeOut
>>
>>
>> :Http_UserAgent
>>
>>
>> :'text/xml'
>>
>>
>> :'"[17]https://WPDMW589.nac.ad.aexp.com/CFDWS/OnLiveIFService.wsdl
>> "');
>>
>> I hope my lack of experience doing this does not annoy any one, and
>> my apologies in advance if I did not ask the correct question or
>> presented my issue clearly.
>>
>> Best Regards
>>
>>
>>
>>
>> -----------------------------------------------------------------------
>> This is the FTPAPI mailing list. To unsubscribe, please go to:
>> [18]http://www.scottklement.com/mailman/listinfo/ftpapi
>> -----------------------------------------------------------------------
>
>
> --
> IMPORTANT NOTICE:
> This email is confidential, may be legally privileged, and is for the
> intended recipient only. Access, disclosure, copying, distribution, or
> reliance on any of it by anyone else is prohibited and may be a criminal
> offence. Please delete if obtained in error and email confirmation to the sender
> .
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
> References
>
> 1. http://www.scottklement.com/base64/
> 2. http://www.xxxxxxxxxxx.com/
> 3. http://schemas.xmlsoap.org/soap/envelope/
> 4. http://docs.oasis-open.org/wss/2004/01/
> 5. http://docs.oasis-open.org/wss/2004/01/
> 6. http://docs.oasis-open.org/wss/2004/01/oasis-
> 7. http://docs.oasis-open.org/wss/2004/01/
> 8. http://www.w3.org/2000/09/xmldsig
> 9. http://www.w3.org/2001/10/xml-exc-c14n
> 10. http://www.w3.org/2000/09/xmldsig#rsa-sha1
> 11. http://www.w3.org/2001/10/xml-exc-c14n
> 12. http://www.w3.org/2000/09/xmldsig#sha1
> 13. http://docs.oasis-open.org/wss/2004/01/
> 14. http://docs.oasis-open.org/wss/
> 15. http://docs.oasis-open.org/wss/2004/01/
> 16. https://WPDMW589.nac.ad.aexp.com/CFDWS/OnLiveIFService.svc
> 17. https://WPDMW589.nac.ad.aexp.com/CFDWS/OnLiveIFService.wsdl
> 18. http://www.scottklement.com/mailman/listinfo/ftpapi
>
>
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------