About The TElXMLWSUTimestamp Prefix

#32734
Posted: 03/24/2015 18:52:37
by İsmail Kocacan (Basic support level)
Joined: 03/07/2015
Posts: 10

I'm trying your SecureSoap demo.

I added the following code lines to your SecureSOAP test project.

Code
int x = _SOAPMessage.AddSecurityHeader();
TElXMLWSSESecurity header = _SOAPMessage.get_SecurityHeaders(x);
TElXMLWSUTimestamp timestamp = new TElXMLWSUTimestamp();
header.AddToken(timestamp);
timestamp.CreatedUTC = DateTime.UtcNow;
timestamp.ExpiresUTC = DateTime.UtcNow.AddMinutes(5);
timestamp.ID = "id-1000";


I added the signed request XML document.

Code
<?xml version="1.0" encoding="UTF-8"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
   <s:Header>
      <Action xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none" xmlns:a="http://schemas.xmlsoap.org/soap/envelope/" a:mustUnderstand="1">urn:GetBatchStatus</Action>
      <VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDP...CQAA</VsDebuggerCausalityData>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <Timestamp xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-1000">
            <Created>2015-03-24T23:29:33.772Z</Created>
            <Expires>2015-03-24T23:34:33.772Z</Expires>
         </Timestamp>
         <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="id-1937847221">MIIFhzCCBG+gAwI...Idrn/nxOb...8GmE/lRUMy+/soDb...lWXm+B8dVhyERzHYIrm3rSkc/mQB0v+1YYzJ4muK6mm/NQ8kE7d+eofMYz1eK/azMytZ8FfFDGSUPafcwMs3bGeT1pV/jhrSbWnSJAgMBAAGjggJ5MIICdTAfBgNVHSMEGDAWgBRGIKlTGygMHK7yKFGDsx6+8lMUfDAdBgNVHQ4EFgQUXJnPNR7eXrl0bm9O+y3+5lgIB5YwDgYDVR0PAQH/BAQD...TAQH/BAIw...pGdl+joAPJ4smn+A43tiDp5+aTKMlWyBkqou1SZBUb0xS7GuI9HFYMyE7jzn+zdHyzZg41rc8u25+ezZPU6W6RMID4lJtR22M11Ff2aJNRUHiWmTmqZJr1/j84/gZlzwevu+1ZN4dYJGwjudYuzQuFQugX8muQm+kCxo...R0pP+yUfPz0rmkXYw2prCTzNiDf1p46hJiJ9S1AbtqD+6a+C8605UVSQ/4E2TAsXwLEdf</wsse:BinarySecurityToken>
         <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-1">
            <ds:SignedInfo>
               <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
               <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
               <ds:Reference URI="#id-1733011348">
                  <ds:Transforms>
                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="web" />
                     </ds:Transform>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                  <ds:DigestValue>y16Ee4N5O3YkxzrWdrFTScD1ThCtrJqFlsksQJ+NrL4=</ds:DigestValue>
               </ds:Reference>
               <ds:Reference URI="#id-1000">
                  <ds:Transforms>
                     <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                        <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse soap web" />
                     </ds:Transform>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                  <ds:DigestValue>AiYW4GGSVnk8RiAaHY3nX3DwDxk=</ds:DigestValue>
               </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>bfG5...rlnD+RbSa3gHV3e5K8gbkhRM+RGsKSoO1oj9INkyqtVJCJDyUNapCDlvdgqUn/zEmlHXyjBX5gMWUH40O6B7U/m2mjfFf2X3R+t0y5...VUpc+02w+0K9nT9RF54hq+nc4f...C9Px+up13GKPw==</ds:SignatureValue>
            <ds:KeyInfo Id="KI-2B1CE5D5CD4A26CDE514228880100312">
               <wsse:SecurityTokenReference>
                  <wsse:Reference URI="#id-1937847221" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
               </wsse:SecurityTokenReference>
            </ds:KeyInfo>
         </ds:Signature>
      </wsse:Security>
   </s:Header>
   <s:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" wsu:Id="id-1733011348">
      <getBatchStatus xmlns="http://webservice.edefter.gib.gov.tr/">
         <paketID xmlns="">adasdaas</paketID>
      </getBatchStatus>
   </s:Body>
</s:Envelope>


Why isn't the wsu prefix generated for the Timestamp element?
When I verify the signature, it shows the "signature contains and invalid references" message.

When I check the signature references, the signed body reference shows "verified ok",
but the signed timestamp reference shows the "BAD digest or data" message.

When I send the signed SOAP XML with SoapUI, the following response is returned:

Code
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Body>
      <soap:Fault>
         <faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:FailedCheck</faultcode>
         <faultstring>The signature or decryption was invalid</faultstring>
      </soap:Fault>
   </soap:Body>
</soap:Envelope>


Best regards


life is a journey,not a destination
#32748
Posted: 03/25/2015 05:32:27
by Dmytro Bogatskyy (EldoS Corp.)

Thank you for contacting us.

Quote
I added the following code lines to your SecureSOAP test project.

Where did you add this code?

I have added your code to the SecureSOAP sample and it produced a correct result (valid reference).
I have modified the SecureSOAP sample in the following way: in the MainForm.cs file, in the btnAddSignature_Click() method, before the line:
Code
((TElXMLWSSSignatureHandler)handler).Sign(Cert, SignatureHandlerFinalOptionsForm.Instance.EmbedCertificate);

I have added the following code:
Code
int x = _SOAPMessage.AddSecurityHeader();
TElXMLWSSESecurity header = _SOAPMessage.get_SecurityHeaders(x);
header.XMLElement.SetAttributeNS("", "xmlns:wsu", SBXMLDefs.Unit.xmlWSUNamespace); // add this line to define wsu namespace
TElXMLWSUTimestamp timestamp = new TElXMLWSUTimestamp();
header.AddToken(timestamp);
timestamp.CreatedUTC = DateTime.UtcNow;
timestamp.ExpiresUTC = DateTime.UtcNow.AddMinutes(5);
timestamp.ID = "id-1000";

x = handler.AddReference(timestamp);
TElXMLReference Ref = handler.References[x];
if (Ref.TransformChain.Count == 1)
  (Ref.TransformChain.get_Transforms(0) as TElXMLC14NTransform).InclusiveNamespacesPrefixList = "wsse soap web";

((TElXMLWSSSignatureHandler)handler).SecurityHeader = header;
#32753
Posted: 03/25/2015 06:24:26
by İsmail Kocacan (Basic support level)
Joined: 03/07/2015
Posts: 10

Thank you so much.

I will try your code lines.

I'm trying to understand events


life is a journey,not a destination
#32754
Posted: 03/25/2015 06:40:07
by İsmail Kocacan (Basic support level)
Joined: 03/07/2015
Posts: 10

I added the following line of code.

Code
header.XMLElement.SetAttributeNS("", "xmlns:wsu", SBXMLDefs.Unit.xmlWSUNamespace); // add this line to define wsu namespace



Which are you applying steps in SecureSOAP GUI test project ?


life is a journey,not a destination
#32757
Posted: 03/25/2015 07:54:46
by Dmytro Bogatskyy (EldoS Corp.)

Hello,
Quote

Which are you applying steps in SecureSOAP GUI test project ?

Sorry, it is unclear what you are trying to do. Could you please rephrase the question?
Quote
header.XMLElement.SetAttributeNS("", "xmlns:wsu", SBXMLDefs.Unit.xmlWSUNamespace);

This code line defines the "wsu" prefix (the "xmlns:wsu" attribute specifies the namespace for the current element), so the newly created element (Timestamp) will automatically use the "wsu" prefix based on its Namespace URI. If there is no prefix defined, then a default Namespace URI would be set and used.
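
An added illustration, not part of the thread and not SecureBlackbox code: two Timestamp serializations with identical namespace-qualified names still canonicalize to different bytes, so a digest computed over one does not verify against the other. It uses Python's standard-library C14N 2.0 as a stand-in for the exclusive C14N named in the message (both keep the prefixes as written); the sample XML and the function names are constructed for this example.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")

# Constructed sample: Timestamp written through the default namespace,
# the shape of the element in the first post.
DEFAULT_NS_FORM = (
    f'<Timestamp xmlns="{WSU}" xmlns:wsu="{WSU}" wsu:Id="id-1000">'
    '<Created>2015-03-24T23:29:33.772Z</Created>'
    '<Expires>2015-03-24T23:34:33.772Z</Expires></Timestamp>')

# Constructed sample: the same element when the wsu prefix is already in scope.
PREFIXED_FORM = (
    f'<wsu:Timestamp xmlns:wsu="{WSU}" wsu:Id="id-1000">'
    '<wsu:Created>2015-03-24T23:29:33.772Z</wsu:Created>'
    '<wsu:Expires>2015-03-24T23:34:33.772Z</wsu:Expires></wsu:Timestamp>')


def same_infoset(a, b):
    """True when two parsed elements match on expanded names, attributes and text."""
    return (a.tag == b.tag and a.attrib == b.attrib
            and (a.text or "") == (b.text or "")
            and len(a) == len(b)
            and all(same_infoset(x, y) for x, y in zip(a, b)))


def reference_digest(xml_text):
    """Base64 SHA-256 over the canonical form (C14N 2.0, prefixes kept as written)."""
    canonical = ET.canonicalize(xml_text)
    return base64.b64encode(
        hashlib.sha256(canonical.encode("utf-8")).digest()).decode("ascii")


def verify_reference(xml_text, signed_digest):
    """Recompute the digest the way a verifier would and compare."""
    return reference_digest(xml_text) == signed_digest


if __name__ == "__main__":
    a, b = ET.fromstring(DEFAULT_NS_FORM), ET.fromstring(PREFIXED_FORM)
    print("same qualified names:", same_infoset(a, b))
    signed = reference_digest(PREFIXED_FORM)   # digest taken over one form
    print("prefixed form verifies:  ", verify_reference(PREFIXED_FORM, signed))
    print("default-ns form verifies:", verify_reference(DEFAULT_NS_FORM, signed))
```

The practical consequence is that prefix declarations have to be settled before the reference digest is computed; any later change to how the element is serialized invalidates that reference even though a namespace-aware parser sees the same element.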
As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.