问题
I have been creating hash password from the formula given by my airline supplier. I have search on this site and I got the solution from below link in C# but I want in PHP. Working algorithm for PasswordDigest in WS-Security
I have tried like this in php but password digest which I am getting is wrong
function getTimestamp()
{
$microtime = floatval(substr((string)microtime(), 1, 8));
$rounded = round($microtime, 3);
return gmdate("Y-m-d\TH:i:s") . substr((string)$rounded, 1, strlen($rounded))."Z";
}
$nounce = base64_encode(mt_rand(10000000, 99999999));
$timestamp = getTimestamp();
$password = "AMADEUS"; //clear password
$final_hashed_password = base64_encode(sha1($nounce.$timestamp.sha1($password)));
My values are generating like this
Nonce: ODczNzczNzE=
Timestamp: 2014-09-21T06:36:31.328Z
password: "TEST"
password digest I got: NjQxOThmZjViNmIwOGM0NGNiNDE1YTExNWQ3MDc2OGNlYjBjZDY2MA==
but password digest should generate like this
Right password digest: zGXsP85SuUngY7FjtnQizeO6yUk=
I know the algorithm for creating the Digest is:
Password_Digest = Base64 ( SHA-1 ( nonce + created + SHA-1 ( password ) ) )
Please help me to generate right hash password in php and also please see the above link which has the solution in c#
回答1:
Got the solution!...we have to decode the nonce and then apply the formula on it and in xml we have to send the encoded nonce
回答2:
As you mentioned - the issue was in Nonce.
If I may suggest, it may be better to use for nonce a stream of bytes (random_bytes), instead of mt_rand(10000000, 99999999) without encoding it. And then, only encode it when you'll be including it in the Nonce SOAP/XML node.
来源:https://stackoverflow.com/questions/25956587/working-algorithm-for-passworddigest-in-ws-security-php