[sr-dev] git:master:2e8ead7e: modules: Add stirshaken module
Daniel-Constantin Mierla
miconda at gmail.com
Thu Mar 18 08:43:30 CET 2021
Module: kamailio
Branch: master
Commit: 2e8ead7ec434e27a344916ddbf092337e6a0bdb4
URL: https://github.com/kamailio/kamailio/commit/2e8ead7ec434e27a344916ddbf092337e6a0bdb4
Author: Piotr Gregor <piotr at signalwire.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2021-03-18T08:43:26+01:00
modules: Add stirshaken module
This module uses libstirshaken to implement STIR-Shaken authentication and verification functions (STI-AS/VS).
It allows for easy verification of a SIP call containing PASSporT wrapped into SIP Identity Header using a specific certificate,
or a specific key, or by performing complete check on PASSporT including downloading certificate referenced in it's x5u header,
and optionally checking it against trusted root certificates (X509 cert path check). Certificates may be cached and loaded from disk.
Example usage:
loadmodule "stirshaken"
modparam("stirshaken", "as_default_key", "/path/to/key")
modparam("stirshaken", "vs_verify_x509_cert_path", 1)
modparam("stirshaken", "vs_ca_dir", "/path/to/ca")
modparam("stirshaken", "vs_cache_certificates", 1)
modparam("stirshaken", "vs_cache_dir", "/tmp/cert_cache")
modparam("stirshaken", "vs_cache_expire_s", 90)
request_route {
(...)
stirshaken_add_identity("https://sp.com/sp.pem", "B", "+44100", "+44200", "ref");
(...)
request_route {
(...)
stirshaken_check_identity();
(...)
---
Added: src/modules/stirshaken/Makefile
Added: src/modules/stirshaken/stirshaken_mod.c
---
Diff: https://github.com/kamailio/kamailio/commit/2e8ead7ec434e27a344916ddbf092337e6a0bdb4.diff
Patch: https://github.com/kamailio/kamailio/commit/2e8ead7ec434e27a344916ddbf092337e6a0bdb4.patch
More information about the sr-dev
mailing list