Module: kamailio Branch: master Commit: 2e8ead7ec434e27a344916ddbf092337e6a0bdb4 URL: https://github.com/kamailio/kamailio/commit/2e8ead7ec434e27a344916ddbf092337...
Author: Piotr Gregor piotr@signalwire.com Committer: Daniel-Constantin Mierla miconda@gmail.com Date: 2021-03-18T08:43:26+01:00
modules: Add stirshaken module
This module uses libstirshaken to implement STIR-Shaken authentication and verification functions (STI-AS/VS). It allows for easy verification of a SIP call containing PASSporT wrapped into SIP Identity Header using a specific certificate, or a specific key, or by performing complete check on PASSporT including downloading certificate referenced in it's x5u header, and optionally checking it against trusted root certificates (X509 cert path check). Certificates may be cached and loaded from disk.
Example usage:
loadmodule "stirshaken" modparam("stirshaken", "as_default_key", "/path/to/key")
modparam("stirshaken", "vs_verify_x509_cert_path", 1) modparam("stirshaken", "vs_ca_dir", "/path/to/ca") modparam("stirshaken", "vs_cache_certificates", 1) modparam("stirshaken", "vs_cache_dir", "/tmp/cert_cache") modparam("stirshaken", "vs_cache_expire_s", 90)
request_route { (...) stirshaken_add_identity("https://sp.com/sp.pem", "B", "+44100", "+44200", "ref"); (...)
request_route { (...) stirshaken_check_identity(); (...)
---
Added: src/modules/stirshaken/Makefile Added: src/modules/stirshaken/stirshaken_mod.c
---
Diff: https://github.com/kamailio/kamailio/commit/2e8ead7ec434e27a344916ddbf092337... Patch: https://github.com/kamailio/kamailio/commit/2e8ead7ec434e27a344916ddbf092337...
-
Daniel-Constantin Mierla