Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Need help creating a valid nonce

Tags:

java

soap

web-services

digest

wsse

I am trying to consume a web service that uses Password Digest mode, and I have these functions in my Java application to generate a random nonce, creation date and password digest. I can't get past the Authentication Failed error, and the documentation isn't overly clear on whether they want SHA-1 or MD5, as it mentions both in passing. I've tried MD5 instead of SHA-1 and I am getting the same result. I managed to get the requests to work via a test on SoapUI, but I have no idea how that application is generating the digest / nonce. Any help is appreciated.

Here's the code I am using to generate the nonce and the password digest:

    private static SOAPMessage createSOAPRequest() throws Exception 
    {
        String password = "FakePassword";

        String nonce = generateNonce(); 
        System.out.println("Nonce = " + nonce);

        DateFormat dateFormatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
        dateFormatter.setTimeZone(TimeZone.getTimeZone("UTC"));
        Date today = Calendar.getInstance().getTime();
        String created = dateFormatter.format(today);
        System.out.println("Created = " + created);

        String passwordDigest = buildPasswordDigest(nonce, created, password);
        System.out.println("Password Digest = " + passwordDigest);
    }

    private static String buildPasswordDigest(String nonce, String created, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException
    {
        MessageDigest sha1;
        String passwordDigest = null;

        try
        {
            sha1 = MessageDigest.getInstance("SHA-1");
            sha1.update(Base64.decodeBase64(nonce));
            sha1.update(created.getBytes("UTF-8"));
            passwordDigest = new String(Base64.encodeBase64(sha1.digest(password.getBytes("UTF-8"))));
            sha1.reset();
        }
        catch (NoSuchAlgorithmException e) 
        {
            e.printStackTrace();
        }

        return passwordDigest;
    }

    private static String generateNonce() throws NoSuchAlgorithmException, NoSuchProviderException, UnsupportedEncodingException
    {
        String dateTimeString = Long.toString(new Date().getTime());
        byte[] nonceByte = dateTimeString.getBytes();
        return Base64.encodeBase64String(nonceByte);
    }
like image 842
Amy Avatar asked Oct 19 '22 03:10

Amy

1 Answers

The solution was to replace the line sha1.update(nonce.getBytes("UTF-8")); with sha1.update(Base64.decodeBase64(nonce));

like image 200
F. Stephen Q Avatar answered Nov 02 '22 23:11

F. Stephen Q
Sign in to Comment

Related questions

Thread safety with RSA Cipher
NullPointerException when sending ISO8583 request
Java Websockets on JVM Cluster
Jersey custom Context injection
GWT 2.7.0 Super Dev Mode, don't recompile server side code after change
exception in thread main - java.util.InputMismatchException
Dagger - Accessing Singleton object from other class
Programmatically delete SMS doesn't work
Why doesn't the JavaScript method execute when inserted into the DOM from JavaFX?
Why FilterInputStream and FilterOutputStream have different access modifiers in their constructors?
How to get Container Managed DataSource Object in Structs Action
No EjbContext available
Disable automatic Wadl Generation for OPTIONS request
FitsSystemWindows not working
What is the best way to implement custom validation in spring application?
Adding methods to a class using Groovy in Java
Spring Batch Admin, could not replace placeholder 'batch.business.schema.script'
Get Default Element Value from Annotation in Java
Assign a unique id to every request in a spring-based web application
How to see the compiler output when running javac through an Ant task?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!