stoneyrh / gsoap Goto Github PK

I am trying to encrypt the soap message using the function soap_wsse_add_EncryptedKey() but it is not encrypting the soap body.

Here is the snapshot of the code.

soap_wsse_set_wsu_id((*proxy)->soap, "wsse:BinarySecurityToken SOAP-ENV:Body");

if ( soap_wsse_add_BinarySecurityTokenX509((*proxy)->soap, "X509Token", *cert1 )
|| soap_wsse_add_KeyInfo_SecurityTokenReferenceX509((*proxy)->soap, "#X509Token")
|| soap_wsse_sign_body((*proxy)->soap, SOAP_SMD_SIGN_RSA_SHA256, *pkey1, 0)
|| soap_wsse_sign_only((*proxy)->soap, "SOAP-ENV:Body") ) {
	return ( 3 );
}
    soap_wsse_add_EncryptedKey((*proxy)->soap, SOAP_MEC_AES256_CBC, "Cert", <X509> public key cert, NULL, NULL, NULL)

Document says to follow this way to encrypt. but it is failing to encrypt the data, I am using gsoap-2.8.116, same was happening with lower version of gsoap. Any help will be highly appreciated.

gsoap\uddi2 Run make and an error is reported

error: invalid initialization of reference of type ‘uddi2__bindingDetail&’ from expression of type ‘uddi2__bindingDetail*’
if (soap_call___inq2__find_USCOREbinding(soap, endpoint, NULL, this, result))

We found seperate SSL and JSON-RPC( gsoap-2.8/gsoap/samples/xml-rpc-json/ssl & xml-json-rpc) examples and they are working fine individually. We intergrated SSL server(/ssl/sslserver.c) into json-currentTimeServer.cpp and SSL client(ssl/sslclient) into json-currentTime.cpp.We can able encrypt JSON RPC request from RPC client(Seen in wireshark) and not able detect by json_recv(ctx, request) in server.

Is it JSON-RPC over SSL is strongly discouraged?

How can we approach SSL integration in JSON-RPC

Updated versions of gsoap were released on SourceForge since mid June 2017 to fix a potential vulnerability. See the advisory for details. Updating is strongly recommended.