我正在尝试使用 Signature API (JSON) 对一个微型缓冲区进行签名,作为集成到我的项目中的 POC。我正在使用 CoSign 试用开发者帐户服务器。签名已成功创建,但在尝试验证缓冲区时,响应包含以下(不是很有用)错误:
{u'ErrData': {u'Code': -24,
u'InnerCode': -1878850959,
u'Message': u'Failed to verify buffer.',
u'Module': u'VerifyBuffer'},
u'Success': False}
我已遵循此页面中的文档:
http://docs.arx.com/CoSign_APIs/doc_v7.1/Default.htm#doc_7.1/Verify Buffer.htm#_Toc398808255%3FTocPath%3DCoSign%2520Signature%7CAPI%7CSigning%2520and%2520Verifying%7C_____4
我在 python 中附加了我的代码(删除了用户名和密码)
import urllib2
import hashlib
import xml.dom.minidom
import base64
import pprint
import json
class Client:
SIGN_URL = 'https://prime.cosigntrial.com:8081/sapiws/SignBuffer'
VERIFY_URL = 'https://prime.cosigntrial.com:8081/sapiws/VerifyBuffer'
GET_CERTS_URL = 'https://prime.cosigntrial.com:8081/sapiws/UserCertificatesGet'
HEADERS = {'Content-Type': 'application/json; charset=utf-8'}
def __init__(self, username, password):
self._username = username
self._password = password
def signBytes(self, bytes):
obj = dict(
Username=self._username, Password=self._password,
BufferToSign=base64.b64encode(bytes))
return self._transaction(obj)
def verifyBytes(self, bytes, signature):
obj = dict(
BufferToSign=base64.b64encode(bytes), Signature=signature)
return self._transaction(obj, url=self.VERIFY_URL)
def getCertificates(self):
return self._transaction(dict(Username=self._username, Password=self._password), url=self.GET_CERTS_URL)
def signUsingHash(self, bytes):
digest = hashlib.sha512(bytes).digest()
obj = dict(
Username=self._username, Password=self._password,
BufferToSign=base64.b64encode(digest),
BufferHash=True, HashAlg="Sha512")
return self._transaction(obj)
def verifyUsingHash(self, bytes, signature):
digest = hashlib.sha512(bytes).digest()
obj = dict(
BufferToSign=base64.b64encode(digest), Signature=signature,
BufferHash=True)
return self._transaction(obj, url=self.VERIFY_URL)
def _transaction(self, message, url=SIGN_URL):
print "Y"*100
pprint.pprint(message)
request = urllib2.Request(url, json.dumps(message))
connection = urllib2.urlopen(request)
try:
return json.loads(connection.read())
finally:
connection.close()
client = Client(username="", password="")
value = "ABCDEFG"
response1 = client.signBytes(value)
print "X"*100
print response1
verified1 = client.verifyBytes(value, response1[u'Data'] [u'Signature'])
print "Z"*100
pprint.pprint(verified1)
我也尝试过使用 BufferHash 参数并自己计算哈希值,但出现了同样的错误。
最佳答案
要使代码正常运行,您需要做的就是:
将您预定义的请求 header 传递给请求本身-
urllib2.Request(url, json.dumps(message), self.HEADERS)请注意,返回的签名 base64 编码数据包含冗余的\r\n 字符(这是一个已知问题,将在以后的版本中修复)。在将数据传递给验证操作之前,只需删除这些字符。例如-
client.verifyBytes(value, response1[u'Data'][u'Signature'].replace("\r\n", ""))
关于cosign-api - Cosign Signature API (json, not SOAP) 不验证自己创建的签名,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28563531/