尝试启动 OneLogin 的示例 Flask 项目并获得:
Failed to build xmlsec
ERROR: Could not build wheels for xmlsec which use PEP 517 and cannot be installed directly
在尝试安装依赖项时。我已经尝试了在这里和其他地方找到的所有内容,但没有成功:
brew install libxml2 libxmlsec1 pkg-config
brew install libxmlsec1
我尝试通过 python3-saml 安装它,尝试使用 --no-use-pep517
尽管有很多报告,但我没有找到解决办法来使其发挥作用。
MacBook Pro、英特尔、MacOS Catalina、Python 3.8.2、pip 21.0.1(从 3.8 开始)
希望某个地方有一个明确的解决方案。
我从像这样的XML开始:
myXML="""<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:mes="http://www.ercot.com/schema/2007-06/nodal/ews/message">
<soapenv:Header> </soapenv:Header>
<soapenv:Body>
<RequestMessage xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.ercot.com/schema/2007-06/nodal/ews/message">
<Header>
<Verb>get</Verb>
<Noun>BidSet</Noun>
<ReplayDetection>
<Nonce>177766768</Nonce>
<Created>2018-10-22T09:03:33.169-05:00</Created>
</ReplayDetection>
<Revision>1</Revision>
<Source>QSAMP</Source>
<UserID>USER1</UserID>
<MessageID>test</MessageID>
<Comment>test</Comment>
</Header>
<Request>
<ID>QSAMP.20181020.EB.AB_C.BID123</ID>
</Request>
</RequestMessage>
</soapenv:Body>
</soapenv:Envelope>"""
我需要签名才能看起来像这样
<soapenv:Envelope xmlns:mes="http://www.ercot.com/schema/2007-06/nodal/ews/message" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-411BAD9927582E29B715402172715641">MIIEHTCCAwWgAwIBAgIBdDANBgkqhkiG9w0BAQsFADATMREwDwYDVQQKEwhFUkNPVERFVjAeFw0xNTA1MDYxODA4MjJaFw0yNTA1MDMxODA4MjJaMIIBHDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZUYXlsb3IxETAPBgNVBAoTCEVSQ09UREVWMRswGQYDVQQLExJFbXBsb3llZUlEIC0gVVNFUjExFzAVBgNVBAsTDk1QIC0gMDQzMjI2ODg1MSQwIgYDVQQLExtEVU5TIE51bWJlciAtIDA0MzIyNjg4NTIwMDAxGjAYBgNVBAsTEUVSQ09UIERldmVsb3BtZW50MQ4wDAYDVQQLEwVVU0VSMTEWMBQGA1UECxMNMDQzMjI2ODg1MjAwMDEcMBoGA1UEAxMTMDQzMjI2ODg1MjAwMCBVU0VSMTEeMBwGCSqGSIb3DQEJARYPdXNlcjFAZXJjb3QuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBBaWstqWoqqJb+xAU6KGEMt+OkQY6ubbEEQml5SxkqDQRppo8U1kMHqKn4XhP3llZQGsMIBBMelb3nE9R3cDRmVcm3gJrj+pdeRh0ZGgPNwkASI/ev6SGGwWvDgAPNr8l+/UrrzgAMaYe9DrDEiFFZt+8Si3bbF4TEPM8F+6lJ2sNPU/5QBSv99v3QtZrqZvctSs9HCEfuoU9f2jHFCW46PWhH1dJUiyH24GPjaw+ZbVhrz1ccJH+JwZKybXgUdL5/fzcOfWveMXkTd6ai0/pSHiJRrT8oOXuaBsprDi0dKYbZTNx9d+8/HOugmP1J235Zg/mogP9h5lmjbw6lm7wIDAQABo3EwbzAdBgNVHQ4EFgQUCYkq9iXtxcS2GnQWwzBVQrefV3UwQwYDVR0jBDwwOoAUxY2QrudEPe3ldnlEenhuy/ehYUShF6QVMBMxETAPBgNVBAoTCEVSQ09UREVWggkA4jYWHOuW0D4wCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAqVrVOfUbYotkL9Qmq5C8VYae+msJt4aG5SfXeWtND58DhDhx32PbWsFcQHPvJhHR+jV9dBg5yHkYMt712DJUsm2Fec+Cgc7yiJIFq1Pbs0cpe2NQqVJEaSzPyd6KB/nbJonIRtPFE+F4w4EHM+mbhdWecx7Tk8MH9235suZX50+uWPnnlYp9uJnqtJ13Mb6KObaCw/b8wXtFD1lu4B5p2W1vfgwhRR3Zh/f5AhuqaS+ZuMrwY7eM5LM278L5mzC+uYMT4fzzszDA3koXNTEqcCYCytj/sTO/UVqIO57/kU1l/ea+yj5E+Ak9yGBBu0sjua66bC5XwNFEOVrQLBkiUg==</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-411BAD9927582E29B715402172716115">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="mes soapenv"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-411BAD9927582E29B715402172716114">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="mes"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>Vd6yUSv013P7ov8AzF2IbYv7yS4=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>SnC9RHluvHxfg3zvfmoGHrfh6zfXSGUmGv9V351uhWgTn546tTU0/5LiaPsFEcfVxyWsoouVsBV9 VwCbw++6FmtehSCPH6CAO+1NngiE+miK6QThSqKJXj/5CbHwwfeQHqWRmf45AlCwvQiWhVqGi/tq
YViFi5t0aIMrdhLJDRNUv17UNPKVjcowyIbKLKQxSqNxB/PED8tF0oHC7rRmsEr3x7NqO/VZBWZd OgCQggWiAdXiBy+SwoooAufMs6t+2+YOFQtWLOHuIx79X+hFi3Gqff1I5vfiHust7/rZdSzx1wB/
T+aeNGIeIzQDNQoC55lhomgV0xp/3tZPHSzrqA==</ds:SignatureValue>
<ds:KeyInfo Id="KI-411BAD9927582E29B715402172716112">
<wsse:SecurityTokenReference wsu:Id="STR-411BAD9927582E29B715402172716113"> …我想使用任何可用的开源库在C中编写XML签名验证代码.我正在尝试使用xmlsec.我安装了http://www.zlatkovic.com/libxml.en.html中提到的依赖库.但是当我尝试编译http://www.aleksey.com/xmlsec/api/xmlsec-notes-verify-x509.html中给出的示例代码时,我收到一个错误
"./xmlsec/crypto.h:61:2:错误:#error没有定义加密库".
我正在尝试使用gcc在ubuntu中编译它.
有人可以指出如何定义crptolibrary(在这种情况下我想使用openssl).我使用"./configure make makeinstall"命令安装了openssl.
我想使用spring-ws-security来保护我的Web服务Wss4jSecurityInterceptor和签名.但是存在依赖冲突,这使得该系统不可行.在spring-ws-security:2.1.2.RELEASE似乎是行不通的为好.
spring-ws-security : 2.1.3.RELEASE [compile]
- wss4j : 1.6.5 [compile]
- xmlsec : 1.5.1 [compile]
- opensaml : 2.5.1-1 [compile]
- openws : 1.4.2-1 [compile]
- xmltooling : 1.3.2-1 [compile]
- xmlsec : 1.4.4 [compile] (omitted for conflict with 1.5.1)
有什么方法可以解决这个问题吗?
提前谢谢了.
假设我有这样的xml:
<?xml version="1.0" encoding="UTF-8"?>
<CATALOG>
<CD>
<TITLE>Empire Burlesque</TITLE>
<ARTIST>Bob Dylan</ARTIST>
<COUNTRY id="123">USA</COUNTRY>
<COMPANY>Columbia</COMPANY>
<PRICE>10.90</PRICE>
<YEAR>1985</YEAR>
</CD>
<CD>
<TITLE>Hide your heart</TITLE>
<ARTIST>Bonnie Tyler</ARTIST>
<COUNTRY>UK</COUNTRY>
<COMPANY>CBS Records</COMPANY>
<PRICE>9.90</PRICE>
<YEAR>1988</YEAR>
</CD>
<CD>
<TITLE>Greatest Hits</TITLE>
<ARTIST>Dolly Parton</ARTIST>
<COUNTRY>USA</COUNTRY>
<COMPANY>RCA</COMPANY>
<PRICE>9.90</PRICE>
<YEAR>1982</YEAR>
</CD>
</CATALOG>
签字后我得到:
<?xml version="1.0" encoding="UTF-8"?>
<CATALOG>
<CD>
<TITLE>Empire Burlesque</TITLE>
<ARTIST>Bob Dylan</ARTIST>
<COUNTRY id="123">USA</COUNTRY>
<COMPANY>Columbia</COMPANY>
<PRICE>10.90</PRICE>
<YEAR>1985</YEAR>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5"/>
<ds:DigestValue>C6i9GSNZ8seoXxfuFc482Q==</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
d/ufAnYK35PKUdi+O6DUytV+36OGAr5meHXq2qoOUp+zO1Q5HbJvIs01qlPT9oKiBEi2QiAF3Sya
ZVwi4hEI9xHkLiewmOxPo1KgVfJ1Ir2RPpkdegFYFx9QCMR4Z1M7zTkijCKv9ncWR4MYjOAfDrKf
fbvUX3AbRHlUYJj6M4QcrQUuBPhSqo4TcxtfblNqmKUT+141+sLSsuM2xy24YeyF7NUff9tirCiP
KgBHpFGtiJAdxugAlzqHaR9CP2kRA2Sg046NBo2yO/nTDfUKqquZm4aaZsLWbvKJYvrgqD4YgH4M
FFpK5ChgYa4oi7f9BAYxOFcY9f1OCHsvpdCbpw== …我正在尝试xmlsec在El Capitan 上安装,但我无法这样做.
我正按照此页面上的说明操作:
https://github.com/concordusapps/python-xmlsec
我什么时候pip install xmlsec得到:
Downloading xmlsec-0.3.1.tar.gz
Complete output from command python setup.py egg_info:
no previously-included directories found matching 'doc/.build'
Installed /private/tmp/easy_install-kotwF5/pkgconfig-1.1.0/.eggs/nose-1.3.7-py2.7.egg
zip_safe flag not set; analyzing archive contents...
Installed /private/tmp/pip-build-my91LX/xmlsec/.eggs/pkgconfig-1.1.0-py2.7.egg
Searching for setuptools-cython
Reading https://pypi.python.org/simple/setuptools_cython/
Best match: setuptools-cython 0.2.1
Downloading https://pypi.python.org/packages/source/s/setuptools_cython/setuptools_cython-0.2.1.tar.gz#md5=c29fc5bf2894e69cbd98e3800cef4707
Processing setuptools_cython-0.2.1.tar.gz
Writing /tmp/easy_install-xnAHIU/setuptools_cython-0.2.1/setup.cfg
Running setuptools_cython-0.2.1/setup.py -q bdist_egg --dist-dir /tmp/easy_install-xnAHIU/setuptools_cython-0.2.1/egg-dist-tmp-zk1125
zip_safe flag not set; analyzing archive contents...
Copying setuptools_cython-0.2.1-py2.7.egg to /private/tmp/pip-build-my91LX/xmlsec/.eggs
Installed /private/tmp/pip-build-my91LX/xmlsec/.eggs/setuptools_cython-0.2.1-py2.7.egg
Searching for Cython
Reading https://pypi.python.org/simple/Cython/
Traceback (most recent …