Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-24 Thread Devang Dhandhalya 
Hello vlad

Thank you so much For your response , Verification Service works using
those certificates .

Regards,
Devang Dhandhalya

On Tue, Nov 23, 2021 at 10:32 PM Vlad Patrascu  wrote:

> Hello Devang,
>
> The cache_fetch() functions returns -2 when the key is not found so it's
> normal when getting the certificate the first time.
>
> STIR/SHAKEN requires that the certificates have the TnAuthList extension.
> You can check out some examples on how to generate such certificates in
> this document [1] at Appendix A or this script [2].
>
> [1]
> https://cstga.ca/wp-content/uploads/2020/07/ATIS-180.v002_SHAKEN-Governance-Model.pdf
>
> [2]
> https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh
>
> Regards,
>
> --
> Vlad Patrascu
> OpenSIPS Core Developerhttp://www.opensips-solutions.com
>
> On 22.11.2021 14:41, Devang Dhandhalya wrote:
>
> Hello Vlad
>
> Authentication service works fine. Now I am getting an error in the
> stir_shaken_verify function , after fetching a certificate, I am getting
> below error . I generated private keys and X509 certificates using
> prime256v1" EC.
> After fetching the certificate I am getting var(found) = -2 can you please
> tell me about this too .
>
> OpenSIPS Logs :
>
>
>
>
>
> *var(found) = [-2] INFO:stir_shaken:validate_certificate: The certificate
> is missing the TnAuthList extension INFO:stir_shaken:w_stir_verify: Invalid
> certificate return code : [-8] stir_shaken_verify() failed:437, Unsupported
> Credential *
> below opensips script snippet :
>
> $var(found) = cache_fetch("local",$identity(x5u),$var(cert));
>
>
> if (!$var(found) || !stir_shaken_check_cert("$var(cert)")) {
> rest_get("$identity(x5u)",$var(cert),$var(ctype),
> $var(http_rc));
> if ($rc<0 ) {
> send_reply(436, "Bad Identity Info");
> exit;
> }
> cache_store("local", $identity(x5u),"$var(cert)");
> }
>
>
> $var(rc_verify)= stir_shaken_verify($var(cert),
> $var(err_sip_code),$var(err_sip_reason),"$var(orig)","$var(dest)");
> if ($var(rc_verify) < 0) {
>
> send_reply(
> $var(err_sip_code),$var(err_sip_reason));
> exit;
> }
>
> Kindly inform me why I am getting this error . Please suggest a solution
> to this .
>
>
> Regards
> Devang Dhandhalya
>
>
> On Fri, Nov 19, 2021 at 3:16 PM Devang Dhandhalya <
> devang.dhandha...@ecosmob.com> wrote:
>
>> Hello Vlad
>>
>> Thanks for your response . Authentication service works .
>>
>> Regards ,
>> Devang Dhandhalya
>>
>>
>> On Wed, Nov 17, 2021 at 8:57 PM Devang Dhandhalya <
>> devang.dhandha...@ecosmob.com> wrote:
>>
>>> hello all
>>>
>>>
>>> Above E.164 Error still getting .Right now I'm getting the below error .
>>> Can anyone tell me why I am getting this error ? as far as i know this
>>> error for x5u parameter in stir_shaken_auth function , this issue coming
>>> for certificate path or certificate file format .
>>>
>>>
>>> I check the certificate file with .der and .cer format also .
>>>
>>> Here is the code snippet used .
>>> $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)", 
>>> "$var(pkey)","http://localhost/certificate.pem","$var(orig)","$var(dest)");
>>>
>>> Below Error i am getting .
>>>
>>>
>>> ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal 
>>> format
>>>
>>> ERROR:stir_shaken:w_stir_auth: Failed to add Identity header
>>>
>>> STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1
>>>
>>>
>>> Kindly let me know if there is something wrong that I could be doing.
>>>
>>> Many Thanks
>>> Devang Dhandhalya
>>>
>>>
>>> On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya <
>>> devang.dhandha...@ecosmob.com> wrote:
>>>
 Hi All

 I configured the e164 strict mode module parameter as 0 (disabled) .
 but still i am getting errors related to its e164 format .While if
 orig/dest number is not in e164 format then also opensips have to accept it
 but it is not accepting .  I have a user like extension123 for this
 function I have to perform authentication service . if i have a user
 extension123 is it possible to perform authenticate service for this kind
 of user ?

 I think this is a bug for the e164 strict mode  module parameter . I am
 getting the below error .

 opensips version : 3.2.2

 ERROR :
  ERROR:stir_shaken:check_passport_phonenum: number is not in E.164
 format: extension123
  ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
 (extension123)


 loadmodule "stir_shaken.so"
 modparam("stir_shaken", "auth_date_freshness", 300)
 modparam("stir_shaken", "verify_date_freshness", 300)
 modparam("stir_shaken", "require_date_hdr", 0)
 modparam("stir_shaken", "e164_strict_mode", 0)

 $var(orig) = $fU;
 $var(dest) = $tU

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-23 Thread Vlad Patrascu 

Hello Devang,

The cache_fetch() functions returns -2 when the key is not found so it's 
normal when getting the certificate the first time.


STIR/SHAKEN requires that the certificates have the TnAuthList 
extension. You can check out some examples on how to generate such 
certificates in this document [1] at Appendix A or this script [2].


[1] 
https://cstga.ca/wp-content/uploads/2020/07/ATIS-180.v002_SHAKEN-Governance-Model.pdf


[2] 
https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh


Regards,

--
Vlad Patrascu
OpenSIPS Core Developer
http://www.opensips-solutions.com

On 22.11.2021 14:41, Devang Dhandhalya wrote:

Hello Vlad

Authentication service works fine. Now I am getting an error in the 
stir_shaken_verify function , after fetching a certificate, I am 
getting below error . I generated private keys and X509 certificates 
using prime256v1" EC.
After fetching the certificate I am getting var(found) = -2 can you 
please tell me about this too .


OpenSIPS Logs :
*
*
*var(found) = [-2]
INFO:stir_shaken:validate_certificate: The certificate is missing the 
TnAuthList extension

INFO:stir_shaken:w_stir_verify: Invalid certificate
return code : [-8] stir_shaken_verify() failed:437, Unsupported Credential
*
below opensips script snippet :

$var(found) = cache_fetch("local",$identity(x5u),$var(cert));


if (!$var(found) || !stir_shaken_check_cert("$var(cert)")) {
rest_get("$identity(x5u)",$var(cert),$var(ctype), $var(http_rc));
                        if ($rc<0 ) {
                                send_reply(436, "Bad Identity Info");
                                exit;
                        }
cache_store("local", $identity(x5u),"$var(cert)");
                }


$var(rc_verify)= stir_shaken_verify($var(cert), 
$var(err_sip_code),$var(err_sip_reason),"$var(orig)","$var(dest)");

                if ($var(rc_verify) < 0) {

                        send_reply( 
$var(err_sip_code),$var(err_sip_reason));

                        exit;
                }

Kindly inform me why I am getting this error . Please suggest a 
solution to this .



Regards
Devang Dhandhalya


On Fri, Nov 19, 2021 at 3:16 PM Devang Dhandhalya 
mailto:devang.dhandha...@ecosmob.com>> 
wrote:


Hello Vlad

Thanks for your response . Authentication service works .

Regards ,
Devang Dhandhalya

On Wed, Nov 17, 2021 at 8:57 PM Devang Dhandhalya
mailto:devang.dhandha...@ecosmob.com>> wrote:

hello all


Above E.164 Error still getting .Right now I'm getting the below error .
Can anyone tell me why I am getting this error ? as far as i know this
error for x5u parameter in stir_shaken_auth function , this issue coming
for certificate path or certificate file format .


I check the certificate file with .der and .cer format also .

Here is the code snippet used .


$var(rc_auth)=stir_shaken_auth("A",
"GWID-123456","$var(cert)",
"$var(pkey)","http://localhost/certificate.pem
","$var(orig)","$var(dest)");

Below Error i am getting .


ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to 
internal format

ERROR:stir_shaken:w_stir_auth: Failed to add Identity header

STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1

Kindly let me know if there is something wrong that I could be
doing. Many Thanks Devang Dhandhalya


On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya
mailto:devang.dhandha...@ecosmob.com>> wrote:

Hi All

I configured the e164 strict mode module parameter as 0
(disabled) . but still i am getting errors related to its
e164 format .While if orig/dest number is not in e164
format then also opensips have to accept it but it is not
accepting .  I have a user like extension123 for this
function I have to perform authentication service . if i
have a user extension123 is it possible to perform
authenticate service for this kind of user ?

I think this is a bug for the e164 strict mode  module
parameter . I am getting the below error .

opensips version : 3.2.2

ERROR :
 ERROR:stir_shaken:check_passport_phonenum: number is not
in E.164 format: extension123
 ERROR:stir_shaken:w_stir_auth: failed to validate
Originator number (extension123)


loadmodule "stir_shaken.so"
modparam("stir_shaken", "auth_date_freshness", 300)
modparam("stir_shaken", "verify_date_freshness", 300)
modparam("stir_shaken", "require_date_hdr", 0)
modparam("stir_shaken", "e164_strict_mode", 0)

$var(orig) = $fU;
$var(dest) = $tU
 $var(rc_auth)=stir_shaken_auth("A",
"GWID-123456","$var(cert)",

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-22 Thread Devang Dhandhalya 
Hello Vlad

Authentication service works fine. Now I am getting an error in the
stir_shaken_verify function , after fetching a certificate, I am getting
below error . I generated private keys and X509 certificates using
prime256v1" EC.
After fetching the certificate I am getting var(found) = -2 can you please
tell me about this too .

OpenSIPS Logs :





*var(found) = [-2]INFO:stir_shaken:validate_certificate: The certificate is
missing the TnAuthList extensionINFO:stir_shaken:w_stir_verify: Invalid
certificatereturn code : [-8] stir_shaken_verify() failed:437, Unsupported
Credential*
below opensips script snippet :

$var(found) = cache_fetch("local",$identity(x5u),$var(cert));


if (!$var(found) || !stir_shaken_check_cert("$var(cert)")) {
rest_get("$identity(x5u)",$var(cert),$var(ctype),
$var(http_rc));
if ($rc<0 ) {
send_reply(436, "Bad Identity Info");
exit;
}
cache_store("local", $identity(x5u),"$var(cert)");
}


$var(rc_verify)= stir_shaken_verify($var(cert),
$var(err_sip_code),$var(err_sip_reason),"$var(orig)","$var(dest)");
if ($var(rc_verify) < 0) {

send_reply(
$var(err_sip_code),$var(err_sip_reason));
exit;
}

Kindly inform me why I am getting this error . Please suggest a solution to
this .


Regards
Devang Dhandhalya


On Fri, Nov 19, 2021 at 3:16 PM Devang Dhandhalya <
devang.dhandha...@ecosmob.com> wrote:

> Hello Vlad
>
> Thanks for your response . Authentication service works .
>
> Regards ,
> Devang Dhandhalya
>
>
> On Wed, Nov 17, 2021 at 8:57 PM Devang Dhandhalya <
> devang.dhandha...@ecosmob.com> wrote:
>
>> hello all
>>
>>
>> Above E.164 Error still getting .Right now I'm getting the below error .
>> Can anyone tell me why I am getting this error ? as far as i know this
>> error for x5u parameter in stir_shaken_auth function , this issue coming
>> for certificate path or certificate file format .
>>
>>
>> I check the certificate file with .der and .cer format also .
>>
>> Here is the code snippet used .
>>
>> $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)", 
>> "$var(pkey)","http://localhost/certificate.pem","$var(orig)","$var(dest)");
>>
>>
>> Below Error i am getting .
>>
>>
>> ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal 
>> format
>>
>> ERROR:stir_shaken:w_stir_auth: Failed to add Identity header
>>
>> STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1
>>
>>
>> Kindly let me know if there is something wrong that I could be doing.
>>
>> Many Thanks
>> Devang Dhandhalya
>>
>>
>> On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya <
>> devang.dhandha...@ecosmob.com> wrote:
>>
>>> Hi All
>>>
>>> I configured the e164 strict mode module parameter as 0 (disabled) . but
>>> still i am getting errors related to its e164 format .While if orig/dest
>>> number is not in e164 format then also opensips have to accept it but it is
>>> not accepting .  I have a user like extension123 for this function I have
>>> to perform authentication service . if i have a user extension123 is it
>>> possible to perform authenticate service for this kind of user ?
>>>
>>> I think this is a bug for the e164 strict mode  module parameter . I am
>>> getting the below error .
>>>
>>> opensips version : 3.2.2
>>>
>>> ERROR :
>>>  ERROR:stir_shaken:check_passport_phonenum: number is not in E.164
>>> format: extension123
>>>  ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
>>> (extension123)
>>>
>>>
>>> loadmodule "stir_shaken.so"
>>> modparam("stir_shaken", "auth_date_freshness", 300)
>>> modparam("stir_shaken", "verify_date_freshness", 300)
>>> modparam("stir_shaken", "require_date_hdr", 0)
>>> modparam("stir_shaken", "e164_strict_mode", 0)
>>>
>>> $var(orig) = $fU;
>>> $var(dest) = $tU
>>>  $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
>>> "$var(pkey)","http://localhost/certificate.pem
>>> ","$var(orig)","$var(dest)");
>>>
>>> Please suggest a solution to this .
>>>
>>> Many Thanks
>>> Devang
>>>
>>

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-19 Thread Devang Dhandhalya 
Hello Vlad

Thanks for your response . Authentication service works .

Regards ,
Devang Dhandhalya


On Wed, Nov 17, 2021 at 8:57 PM Devang Dhandhalya <
devang.dhandha...@ecosmob.com> wrote:

> hello all
>
>
> Above E.164 Error still getting .Right now I'm getting the below error .
> Can anyone tell me why I am getting this error ? as far as i know this
> error for x5u parameter in stir_shaken_auth function , this issue coming
> for certificate path or certificate file format .
>
>
> I check the certificate file with .der and .cer format also .
>
> Here is the code snippet used .
>
> $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)", 
> "$var(pkey)","http://localhost/certificate.pem","$var(orig)","$var(dest)");
>
>
> Below Error i am getting .
>
>
> ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal 
> format
>
> ERROR:stir_shaken:w_stir_auth: Failed to add Identity header
>
> STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1
>
>
> Kindly let me know if there is something wrong that I could be doing.
>
> Many Thanks
> Devang Dhandhalya
>
>
> On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya <
> devang.dhandha...@ecosmob.com> wrote:
>
>> Hi All
>>
>> I configured the e164 strict mode module parameter as 0 (disabled) . but
>> still i am getting errors related to its e164 format .While if orig/dest
>> number is not in e164 format then also opensips have to accept it but it is
>> not accepting .  I have a user like extension123 for this function I have
>> to perform authentication service . if i have a user extension123 is it
>> possible to perform authenticate service for this kind of user ?
>>
>> I think this is a bug for the e164 strict mode  module parameter . I am
>> getting the below error .
>>
>> opensips version : 3.2.2
>>
>> ERROR :
>>  ERROR:stir_shaken:check_passport_phonenum: number is not in E.164
>> format: extension123
>>  ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
>> (extension123)
>>
>>
>> loadmodule "stir_shaken.so"
>> modparam("stir_shaken", "auth_date_freshness", 300)
>> modparam("stir_shaken", "verify_date_freshness", 300)
>> modparam("stir_shaken", "require_date_hdr", 0)
>> modparam("stir_shaken", "e164_strict_mode", 0)
>>
>> $var(orig) = $fU;
>> $var(dest) = $tU
>>  $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
>> "$var(pkey)","http://localhost/certificate.pem
>> ","$var(orig)","$var(dest)");
>>
>> Please suggest a solution to this .
>>
>> Many Thanks
>> Devang
>>
>

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-18 Thread Vlad Patrascu 

Hi Devang,

The error:

ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal format

may be a bit misleading as the private key and certificate must be 
provided in PEM format to the stir_shaken_auth() function. The DER 
format that the error refers to is used only internally, for an 
intermediary step. On the other hand, you may get the same error if the 
private key is not generated as an "prime256v1" EC key.


Regarding the e164_strict_mode module parameter, the orig/dest number 
should still be in E.164 format, except the leading '+' sign, which is 
not required when the parameter is turned off. The parameter is also 
related to the type of URI required (tel URI / sip URI with the 
"user=phone" parameter).


Regards,

Vlad

--
Vlad Patrascu
OpenSIPS Core Developer
http://www.opensips-solutions.com

On 17.11.2021 17:27, Devang Dhandhalya wrote:

hello all


Above E.164 Error still getting .Right now I'm getting the below error .
Can anyone tell me why I am getting this error ? as far as i know this
error for x5u parameter in stir_shaken_auth function , this issue coming
for certificate path or certificate file format .


I check the certificate file with .der and .cer format also .

Here is the code snippet used .


$var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)", 
"$var(pkey)","http://localhost/certificate.pem 
","$var(orig)","$var(dest)");


Below Error i am getting .


ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal format

ERROR:stir_shaken:w_stir_auth: Failed to add Identity header

STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1

Kindly let me know if there is something wrong that I could be doing. 
Many Thanks Devang Dhandhalya



On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya 
mailto:devang.dhandha...@ecosmob.com>> 
wrote:


Hi All

I configured the e164 strict mode module parameter as 0 (disabled)
. but still i am getting errors related to its e164 format .While
if orig/dest number is not in e164 format then also opensips have
to accept it but it is not accepting .  I have a user like
extension123 for this function I have to perform authentication
service . if i have a user extension123 is it possible to perform
authenticate service for this kind of user ?

I think this is a bug for the e164 strict mode  module parameter .
I am getting the below error .

opensips version : 3.2.2

ERROR :
 ERROR:stir_shaken:check_passport_phonenum: number is not in E.164
format: extension123
 ERROR:stir_shaken:w_stir_auth: failed to validate Originator
number (extension123)


loadmodule "stir_shaken.so"
modparam("stir_shaken", "auth_date_freshness", 300)
modparam("stir_shaken", "verify_date_freshness", 300)
modparam("stir_shaken", "require_date_hdr", 0)
modparam("stir_shaken", "e164_strict_mode", 0)

$var(orig) = $fU;
$var(dest) = $tU
 $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
"$var(pkey)","http://localhost/certificate.pem
","$var(orig)","$var(dest)");

Please suggest a solution to this .

Many Thanks
Devang


*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely 
those of the originator and do not necessarily represent those of the 
Company or its sister concerns. Any liability (in negligence, contract 
or otherwise) arising from any third party taking any action, or 
refraining from taking any action on the basis of any of the 
information contained in this email is hereby excluded.


*Confidentiality*
This communication (including any attachment/s) is intended only for 
the use of the addressee(s) and contains information that is 
PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, dissemination, 
distribution, or copying of this communication is prohibited. Please 
inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any attachments, may not be free of 
viruses, trojans, similar or new contaminants/malware, interceptions 
or interference, and may not be compatible with your systems. You 
shall carry out virus/malware scanning on your own before opening any 
attachment to this e-mail. The sender of this e-mail and Company 
including its sister concerns shall not be liable for any damage that 
may incur to you as a result of viruses, incompleteness of this 
message, a delay in receipt of this message or any other computer 
problems.


___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-17 Thread David Villasmil 
Hello,

What does the orig/dest look like in the payload?

On Wed, 17 Nov 2021 at 15:28, Devang Dhandhalya <
devang.dhandha...@ecosmob.com> wrote:

> hello all
>
>
> Above E.164 Error still getting .Right now I'm getting the below error .
> Can anyone tell me why I am getting this error ? as far as i know this
> error for x5u parameter in stir_shaken_auth function , this issue coming
> for certificate path or certificate file format .
>
>
> I check the certificate file with .der and .cer format also .
>
> Here is the code snippet used .
>
> $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)", 
> "$var(pkey)","http://localhost/certificate.pem","$var(orig)","$var(dest)");
>
>
> Below Error i am getting .
>
>
> ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal 
> format
>
> ERROR:stir_shaken:w_stir_auth: Failed to add Identity header
>
> STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1
>
>
> Kindly let me know if there is something wrong that I could be doing.
>
> Many Thanks
>
>
> Devang Dhandhalya
>
>
> On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya <
> devang.dhandha...@ecosmob.com> wrote:
>
>> Hi All
>>
>> I configured the e164 strict mode module parameter as 0 (disabled) . but
>> still i am getting errors related to its e164 format .While if orig/dest
>> number is not in e164 format then also opensips have to accept it but it is
>> not accepting .  I have a user like extension123 for this function I have
>> to perform authentication service . if i have a user extension123 is it
>> possible to perform authenticate service for this kind of user ?
>>
>> I think this is a bug for the e164 strict mode  module parameter . I am
>> getting the below error .
>>
>> opensips version : 3.2.2
>>
>> ERROR :
>>  ERROR:stir_shaken:check_passport_phonenum: number is not in E.164
>> format: extension123
>>  ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
>> (extension123)
>>
>>
>> loadmodule "stir_shaken.so"
>> modparam("stir_shaken", "auth_date_freshness", 300)
>> modparam("stir_shaken", "verify_date_freshness", 300)
>> modparam("stir_shaken", "require_date_hdr", 0)
>> modparam("stir_shaken", "e164_strict_mode", 0)
>>
>> $var(orig) = $fU;
>> $var(dest) = $tU
>>  $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
>> "$var(pkey)","http://localhost/certificate.pem
>> ","$var(orig)","$var(dest)");
>>
>> Please suggest a solution to this .
>>
>> Many Thanks
>> Devang
>>
>
> *Disclaimer*
> In addition to generic Disclaimer which you have agreed on our website,
> any views or opinions presented in this email are solely those of the
> originator and do not necessarily represent those of the Company or its
> sister concerns. Any liability (in negligence, contract or otherwise)
> arising from any third party taking any action, or refraining from taking
> any action on the basis of any of the information contained in this email
> is hereby excluded.
>
> *Confidentiality*
> This communication (including any attachment/s) is intended only for the
> use of the addressee(s) and contains information that is PRIVILEGED AND
> CONFIDENTIAL. Unauthorized reading, dissemination, distribution, or copying
> of this communication is prohibited. Please inform originator if you have
> received it in error.
>
> *Caution for viruses, malware etc.*
> This communication, including any attachments, may not be free of viruses,
> trojans, similar or new contaminants/malware, interceptions or
> interference, and may not be compatible with your systems. You shall carry
> out virus/malware scanning on your own before opening any attachment to
> this e-mail. The sender of this e-mail and Company including its sister
> concerns shall not be liable for any damage that may incur to you as a
> result of viruses, incompleteness of this message, a delay in receipt of
> this message or any other computer problems.
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-- 
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-17 Thread Devang Dhandhalya 
hello all


Above E.164 Error still getting .Right now I'm getting the below error .
Can anyone tell me why I am getting this error ? as far as i know this
error for x5u parameter in stir_shaken_auth function , this issue coming
for certificate path or certificate file format .


I check the certificate file with .der and .cer format also .

Here is the code snippet used .

$var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
"$var(pkey)","http://localhost/certificate.pem","$var(orig)","$var(dest)");


Below Error i am getting .


ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal format

ERROR:stir_shaken:w_stir_auth: Failed to add Identity header

STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1


Kindly let me know if there is something wrong that I could be doing.

Many Thanks
Devang Dhandhalya


On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya <
devang.dhandha...@ecosmob.com> wrote:

> Hi All
>
> I configured the e164 strict mode module parameter as 0 (disabled) . but
> still i am getting errors related to its e164 format .While if orig/dest
> number is not in e164 format then also opensips have to accept it but it is
> not accepting .  I have a user like extension123 for this function I have
> to perform authentication service . if i have a user extension123 is it
> possible to perform authenticate service for this kind of user ?
>
> I think this is a bug for the e164 strict mode  module parameter . I am
> getting the below error .
>
> opensips version : 3.2.2
>
> ERROR :
>  ERROR:stir_shaken:check_passport_phonenum: number is not in E.164 format:
> extension123
>  ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
> (extension123)
>
>
> loadmodule "stir_shaken.so"
> modparam("stir_shaken", "auth_date_freshness", 300)
> modparam("stir_shaken", "verify_date_freshness", 300)
> modparam("stir_shaken", "require_date_hdr", 0)
> modparam("stir_shaken", "e164_strict_mode", 0)
>
> $var(orig) = $fU;
> $var(dest) = $tU
>  $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
> "$var(pkey)","http://localhost/certificate.pem
> ","$var(orig)","$var(dest)");
>
> Please suggest a solution to this .
>
> Many Thanks
> Devang
>

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Re: [OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-17 Thread Devang Dhandhalya 
hello all


Above E.164 Error still getting .Right now I'm getting the below error .
Can anyone tell me why I am getting this error ? as far as i know this
error for x5u parameter in stir_shaken_auth function , this issue coming
for certificate path or certificate file format .


I check the certificate file with .der and .cer format also .



ERROR:stir_shaken:add_identity_hf: Failed to convert from DER to internal
format

ERROR:stir_shaken:w_stir_auth: Failed to add Identity header

STIR_SHAKEN AUTHENTICATION SERVICE  return code : -1


On Wed, Nov 17, 2021 at 11:37 AM Devang Dhandhalya <
devang.dhandha...@ecosmob.com> wrote:

> Hi All
>
> I configured the e164 strict mode module parameter as 0 (disabled) . but
> still i am getting errors related to its e164 format .While if orig/dest
> number is not in e164 format then also opensips have to accept it but it is
> not accepting .  I have a user like extension123 for this function I have
> to perform authentication service . if i have a user extension123 is it
> possible to perform authenticate service for this kind of user ?
>
> I think this is a bug for the e164 strict mode  module parameter . I am
> getting the below error .
>
> opensips version : 3.2.2
>
> ERROR :
>  ERROR:stir_shaken:check_passport_phonenum: number is not in E.164 format:
> extension123
>  ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
> (extension123)
>
>
> loadmodule "stir_shaken.so"
> modparam("stir_shaken", "auth_date_freshness", 300)
> modparam("stir_shaken", "verify_date_freshness", 300)
> modparam("stir_shaken", "require_date_hdr", 0)
> modparam("stir_shaken", "e164_strict_mode", 0)
>
> $var(orig) = $fU;
> $var(dest) = $tU
>  $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
> "$var(pkey)","http://localhost/certificate.pem
> ","$var(orig)","$var(dest)");
>
> Please suggest a solution to this .
>
> Many Thanks
> Devang
>

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

[OpenSIPS-Users] STIR/SHAKEN E.164 strict mode module parameter not working .

2021-11-16 Thread Devang Dhandhalya 
Hi All

I configured the e164 strict mode module parameter as 0 (disabled) . but
still i am getting errors related to its e164 format .While if orig/dest
number is not in e164 format then also opensips have to accept it but it is
not accepting .  I have a user like extension123 for this function I have
to perform authentication service . if i have a user extension123 is it
possible to perform authenticate service for this kind of user ?

I think this is a bug for the e164 strict mode  module parameter . I am
getting the below error .

opensips version : 3.2.2

ERROR :
 ERROR:stir_shaken:check_passport_phonenum: number is not in E.164 format:
extension123
 ERROR:stir_shaken:w_stir_auth: failed to validate Originator number
(extension123)


loadmodule "stir_shaken.so"
modparam("stir_shaken", "auth_date_freshness", 300)
modparam("stir_shaken", "verify_date_freshness", 300)
modparam("stir_shaken", "require_date_hdr", 0)
modparam("stir_shaken", "e164_strict_mode", 0)

$var(orig) = $fU;
$var(dest) = $tU
 $var(rc_auth)=stir_shaken_auth("A", "GWID-123456","$var(cert)",
"$var(pkey)","http://localhost/certificate.pem","$var(orig)","$var(dest)");

Please suggest a solution to this .

Many Thanks
Devang

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users