Hi, an example of a PHP Client WSSE generator with Symfony
function hashPassword($password, $salt) { $salted = $password . '{' . $salt . '}'; $digest = hash('sha512', $salted, true); //5000 iterations: the sysmfony default iterations for ($i = 1; $i < 5000; $i++) { $digest = hash('sha512', $digest . $salted, true); } return base64_encode($digest); } function wsse_header($username, $hashedPassword) { $nonce = hash_hmac('sha512', uniqid(null, true), uniqid(), true); $created = new DateTime('now', new DateTimezone('UTC')); $created = $created->format(DateTime::ISO8601); $digest = hash('sha512', $nonce . $created . $hashedPassword, true); return sprintf( 'X-WSSE: UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"', $username, base64_encode($digest), base64_encode($nonce), $created ); } echo wsse_header('someUsername', hashPassword('somePassword', 'someSalt'));
You can adapt this example to other clients (Android, Ios, Javascript, ...)