I have a Sony SNC-CH110 camera. The default user is "admin" and the password is "admin". My biggest problem is authentication.
<SOAP-ENV:Fault> <SOAP-ENV:Code> <SOAP-ENV:Value>SOAP-ENV:Sender</SOAP-ENV:Value> <SOAP-ENV:Subcode> <SOAP-ENV:Value>ter:NotAuthorized</SOAP-ENV:Value> </SOAP-ENV:Subcode> </SOAP-ENV:Code> <SOAP-ENV:Reason> <SOAP-ENV:Text xml:lang="en">Sender not Authorized</SOAP-ENV:Text> </SOAP-ENV:Reason> <SOAP-ENV:Detail> <SOAP-ENV:Text xml:lang="en">The action requested requires authorization and the sender is not authorized </SOAP-ENV:Text> </SOAP-ENV:Detail> </SOAP-ENV:Fault>
According to the ONVIF specification 1.02, I use the "username token profile" for authentication, which is described in the specification http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile -1.0.pdf or at http://www.onvif.org/Portals/0/documents/WhitePapers/ONVIF_WG-APG-Application_Programmer%27s_Guide.pdf
The following is the Script that I use to generate a soap request:
<?xml version="1.0" encoding="utf-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:tds="http://www.onvif.org/ver10/device/wsdl"> <SOAP-ENV:Header> <Security SOAP-ENV:mustUnderstand="1" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <UsernameToken> <Username>admin</Username> <wsse:Password Type=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wssusername-token-profile-1.0#PasswordDigest"">" + hashBase64 + @"</wsse:Password> <wsse:Nonce >" + Convert.ToBase64String(_nonce) + @"</wsse:Nonce> <Created>" + dt + @"</Created> </UsernameToken> </Security> </SOAP-ENV:Header> <SOAP-ENV:Body> <tds:GetCapabilities> <tds:Category>All</tds:Category> </tds:GetCapabilities> </SOAP-ENV:Body> </SOAP-ENV:Envelope>"
Here is my code to send the request:
byte[] _nonce = new byte[16]; RandomNumberGenerator rndGenerator = new RNGCryptoServiceProvider(); rndGenerator.GetBytes(_nonce); // get other operands to the right format string dt = DateTime.UtcNow.ToString("yyyy-MM-ddThh:mm:ss.fffZ"); byte[] time = Encoding.UTF8.GetBytes(dt); byte[] pwd = Encoding.UTF8.GetBytes("admin"); byte[] operand = new byte[_nonce.Length + time.Length + pwd.Length]; Array.Copy(_nonce, operand, _nonce.Length); Array.Copy(time, 0, operand, _nonce.Length, time.Length); Array.Copy(pwd, 0, operand, _nonce.Length + time.Length, pwd.Length); // create the hash SHA1 sha1 = SHA1.Create(); string hashBase64 = Convert.ToBase64String(sha1.ComputeHash(operand)); XmlDocument xml = new XmlDocument(); xml.Load("../../../xml/GetCapabilities.xml"); Communication.SendTcpXml(xml.InnerXml, new Uri("http://192.168.1.25/onvif/device_service"));
I am really confused because I cannot find a mistake. It is very interesting that when I use the date, password, nonce and username from the ONVIF Device Manager program (I took it through Wireshark), I will succeed. BUT, I donβt understand how this password is a hash program, because I do it exactly according to the specification, and when I use the same date, note and password, I canβt get the same hashed password as this program. I would be grateful for any help, thanks.