
I need to develop a client in Python that connects to a web server. The connection works, but I get an exception saying that wsse:Security is missing.

Is there a Python library that does this?

I need to add this SOAP header to my request:

<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
                  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-9B2722E6478D7D65FA16867406586991">---CERT---
</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-9B2722E6478D7D65FA16867406587194">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soapenv"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#Id-1959239586">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>---HOW?---</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>---HOW?---</ds:SignatureValue>
<ds:KeyInfo Id="KI-9B2722E6478D7D65FA16867406587042">
<wsse:SecurityTokenReference wsu:Id="STR-9B2722E6478D7D65FA16867406587063">
<wsse:Reference URI="#X509-9B2722E6478D7D65FA16867406586991" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>

wsu:Id="X509-9B2722E6478D7D65FA16867406586991">---CERT---

Where ---CERT--- is:

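import base64
from OpenSSL import crypto

# Read the PEM certificate and re-encode it as base64 DER for the BinarySecurityToken
with open(cerfile, mode="rb") as file:
    fileStr = file.read()
cert = crypto.load_certificate(crypto.FILETYPE_PEM, fileStr)
certB64 = base64.b64encode(crypto.dump_certificate(crypto.FILETYPE_ASN1, cert))

Is this correct?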

About:

<ds:DigestValue>---HOW?---</ds:DigestValue>

How is it calculated?

About:

<ds:SignatureValue>---HOW?---</ds:SignatureValue>

How is it calculated?

About:

<ds:Reference URI="#Id-1959239586">

How is it calculated?

Last question: for all the IDs (wsu:Id="X509-, Id="SIG-, wsu:Id="STR-, Id="KI-, wsu:Id="STR-), can I use the same dynamic ID? My code:

import random
import string

def genKey():
    x = ''.join(random.choices(string.ascii_letters + string.digits, k=32))
    return x
Giulio

0 Answers
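How the DigestValue and SignatureValue asked about above are derived under XML-DSig, as an added example that is not part of the original question: the Reference URI names the element carrying the matching wsu:Id, its exclusive-C14N bytes are hashed with SHA-1, and the exclusive-C14N bytes of SignedInfo are signed with RSA-SHA1. Assumptions: lxml and cryptography are installed, the envelope and key are constructed samples, the function names are hypothetical, and the SignedInfo is simplified (it omits the InclusiveNamespaces hints shown in the header).

```python
import base64
import hashlib
from lxml import etree
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

DS = "http://www.w3.org/2000/09/xmldsig#"
C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
# Constructed sample message: the Body carries the wsu:Id that the Reference URI names.
ENVELOPE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Header/>'
    f'<soapenv:Body xmlns:wsu="{WSU}" wsu:Id="Id-1959239586"><ping/></soapenv:Body>'
    '</soapenv:Envelope>')
# Simplified SignedInfo template (assumption: no InclusiveNamespaces hints).
SIGNED_INFO = (
    f'<ds:SignedInfo xmlns:ds="{DS}"><ds:CanonicalizationMethod Algorithm="{C14N}"/>'
    f'<ds:SignatureMethod Algorithm="{DS}rsa-sha1"/>'
    '<ds:Reference URI="#{ref}"><ds:Transforms>'
    f'<ds:Transform Algorithm="{C14N}"/></ds:Transforms>'
    f'<ds:DigestMethod Algorithm="{DS}sha1"/>'
    '<ds:DigestValue>{digest}</ds:DigestValue></ds:Reference></ds:SignedInfo>')

def exc_c14n(node):
    """Exclusive C14N (without comments) of one element: the bytes hashed or signed."""
    return etree.tostring(node, method="c14n", exclusive=True, with_comments=False)

def digest_value(envelope, ref_id):
    """DigestValue = base64(SHA-1(exc-c14n(element whose wsu:Id equals ref_id)))."""
    hits = envelope.xpath("//*[@wsu:Id=$rid]", namespaces={"wsu": WSU}, rid=ref_id)
    if len(hits) != 1:  # a missing or duplicated Id makes the reference ambiguous
        raise ValueError(f"expected one element with wsu:Id={ref_id!r}, got {len(hits)}")
    return base64.b64encode(hashlib.sha1(exc_c14n(hits[0])).digest()).decode()

def sign_reference(envelope, ref_id, private_key):
    """Return (SignedInfo element, SignatureValue) covering one referenced element."""
    digest = digest_value(envelope, ref_id)
    si = etree.fromstring(SIGNED_INFO.format(ref=ref_id, digest=digest))
    sig = private_key.sign(exc_c14n(si), padding.PKCS1v15(), hashes.SHA1())
    return si, base64.b64encode(sig).decode()

if __name__ == "__main__":
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)  # throwaway key
    si, sig = sign_reference(etree.fromstring(ENVELOPE), "Id-1959239586", key)
    print(exc_c14n(si).decode())
    print("SignatureValue:", sig)
```

The Reference URI is not computed: it is `#` followed by whatever wsu:Id value the signed element was given, so each Id only has to be unique within the message.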