douhuike3199 2016-09-15 16:55
浏览 74
已采纳

PHP字符串到XML独占C14N

I have an xml document (soap message) , wish i need to sign a part of it (the body). the Algorithm in the server require a sha256 of the body in the exclusive C14n format.

The problem that i hadn't built the document using the DOMDocument, I am just using strings and curl to send, so i can't use the ->C14N(true) method.

any alternatives?

PS: i tried to hash the raw string in sha256, but it doesn't give the same output as a hashed exclusive c14n canocalized string.

example of body : 

<soap:Body xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-samplebody">
<node1 data="x"/>
</soap:Body>
  • 写回答

1条回答 默认 最新

  • dongyoudi1342 2016-09-15 17:33
    关注

    thanks to Paul Crovella i had to retest the loadXML and C14N() and the result is awsome, it has the same fingerprint. so in order to calculate the hash of the body via XML exclusive C14N, do this : 

    $doc = new DOMDocument();
$doc->loadXML($string_to_be_signed);
echo base64_encode(sha1($doc->C14N(true)));
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?