[OpenSIPS-Users] Stir/Shaken Certificate Failed to Load

2021-05-20 Thread Kneeoh via Users 
Hi, following the docs and blog post here:
https://opensips.org/docs/modules/3.1.x/stir_shaken.html and here:
https://blog.opensips.org/2020/01/23/shaken-not-stirred/

I'm getting an error regarding certificate parsing and loading. I'm guessing
it's got to do with how I'm loading the certs. I just want to see if I can
make it add the identity header and this is a test run so it's just a simple
hard code:

 # Do Stir/Shaken Signing
$var(cert) = "/home/homey/key.pem-public.pem";
$var(privKey) = "/home/homey/private_key.pem";
stir_shaken_auth("A", "$ci", "$var(cert)", "$var(privKey)",
"https://certs.example.org/cert.pem;);

results in no identity header and the following in the logs:
May 20 18:16:10 stir-shaken /usr/local/sbin/opensips[65744]:
ERROR:stir_shaken:load_cert: Failed to parse certificate
May 20 18:16:10 stir-shaken /usr/local/sbin/opensips[65744]:
ERROR:stir_shaken:w_stir_auth: Failed to load certificate

Any guidance would be appreciated.



--
Sent from: 
http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] STIR/Shaken payload issue.

2021-05-20 Thread Sunil More 
Hello All,  I was working to use stir shaken module. The certificates are put in place and Identity Header is also created. However the Identity when tried to put on JWT.io for validation , I can observe that the payload is not good.  Here is the identity Header Identity: eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9hcHBzLnNhbWVzcGFjZS5jb20vc2VydmVyLmNydCJ9.eyJhdHRlc3QiOCIiwiZGVzdCI6eyJ0biI6WyI5MTk1MDMzMzgyNzUiXX0sImlhdCI6MTYyMDkxMDc3Nywib3JpZyI6eyJ0biI6IjkxOTUwMzMzODI3NiJ9LCJvcmlnaWQiOiJkc2FkYXNhc2Zkcy1kc2FkYXNkLXNWRzIn0.JzYHlbStXK7gpmRWVZY_IC8VmeZfaKWBzGTOfGU82OQ3w28lctaYv-YAzBdjqjUGJKISid327KSzUGGvpXYBSg;info=;ppt="shaken"After JWT.io Header for algorithm and token type  looks ok ..{  "alg": "ES256",  "ppt": "shaken",  "typ": "passport",  "x5u": "https://apps.samespace.com/server.crt"}However payload looks like this which is probably some invalid JSON, I am not sure what could cause this."{\"attest\"8\"\"�#��'F�#��#�\u0013�S\u000�#sR%���&�\u0017B#�\u0013c#\u0003�\u0013\u0003ssr�&�&�r#��'F�#�#�\u0013�S\u000�#sb'��&�&�v�B#�\u0016F\u00176\u00176fG2�G6\u0016F\u00176B�5ds\"}"Here is the code snippet used . stir_shaken_auth("B", $var(origid),$var(cert), $var(privKey),"https://apps.samespace.com/server.crt","919503338276","919503338275"); I am using opensips version as below  version: opensips 3.1.1 (x86_64/linux)flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-ADAPTIVE_WAITADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535poll method support: poll, epoll, sigio_rt, select.git revision: 229ec0793main.c compiled on 11:50:44 Jan 15 2021 with gcc 7 Kindly let me know if there is something wrong that I could be doing. I checked the sample from https://transnexus.com/whitepapers/understanding-stir-shaken/The Identity from this example shows a good payload.   Regards,Sunil MorePhone : 919503338275Sent from Mail for Windows 10 

___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users