2016年4月10日 星期日

Online Password Digest of WSS v1.1 Username Token Profile

The WSS 1.1 Username Token Profile allows digest passwords to be sent in a wsse:UsernameToken of a SOAP message. The formula is
Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )
Below list 2 test vector
Test Vector 1
Nonce : juVKtZ22NkCZfPadWjVAs2UAAAAAAA==
created: 2016-03-24T06:16:28.732Z
password = 1234
PasswordDigest: oXq1ma7BR1vYdHBW01Hn1Aa1ppQ=
Test Vector 2
Nonce : Mdr8Vh3rBzmt1s+3b+nvNJWIlKk=
created: 2016-03-12T11:54:16Z
password = 1234
PasswordDigest: s/bk3KbayLIJb4mK95+g+Feu7+Y=

You can use this form to check the correctness of your password digest.
nonce:       
created:     
password:
Reference:
  1. https://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-UsernameTokenProfile.pdf
  2. http://www.esqsoft.com/javascript_examples/date-to-epoch.htm
  3. https://blogs.oracle.com/ashutosh/entry/hash_password_support_and_token