[SR-Users] SECSIPID Identity Decode

Daniel W. Graham dan at cmsinter.net
Thu Jul 1 05:31:24 CEST 2021


Here is an example, payload taken from Identity header.

Identity was added with secsipid_add_identity

Payload test:
$var(test) = "eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6I5ODkyODkyMjgwIl19LCJpYXQiOjE2MjUxMDk2MzQsIm9yaWciOnsidG4iOiI5ODk0MDA0MjMwIn0sIm9yaWdpZCI6IjNmYmE4NTg0LTRkNzMtNGU2NC04NDc5LTQ5MjU2ZGIyMWFhYSJ9";
xlogl("L_WARN", "$(var(test){s.decode.base64t})\n");

Result is:
{"attest":"A","dest":{"tn":#���#��##�#002%���&�#027B#�#023c#S#023#003�#023sB�&�&�r#��'F�#�#���C#003#003C#3#002'��&�&�v�B#�&#026Vc�s#006f"�&6#026#022�CVCB�#023c3#022�3#0066#�#026#6#026S�r'

-dan


From: sr-users <sr-users-bounces at lists.kamailio.org> on behalf of Daniel Graham <dan at cmsinter.net>
Reply-To: "Kamailio (SER) - Users Mailing List" <sr-users at lists.kamailio.org>
Date: Wednesday, June 30, 2021 at 5:32 PM
To: David Villasmil <david.villasmil.work at gmail.com>, "miconda at gmail.com" <miconda at gmail.com>, "Kamailio (SER) - Users Mailing List" <sr-users at lists.kamailio.org>
Subject: Re: [SR-Users] SECSIPID Identity Decode

That’s the same way I am doing it, I was just trying to do a verification that the identity header/payload was correct before activating new changes.

I will do further testing and share results. Just found it odd that the header would decode but payload wouldn’t.

Daniel W. Graham, CTO
CMSInter.net LLC
DIRECT (989) 400-4230

INTERNET | TELEPHONE | MANAGED IT


From: David Villasmil <david.villasmil.work at gmail.com>
Date: Wednesday, June 30, 2021 at 4:06 PM
To: "miconda at gmail.com" <miconda at gmail.com>, "Kamailio (SER) - Users Mailing List" <sr-users at lists.kamailio.org>
Cc: Daniel Graham <dan at cmsinter.net>
Subject: Re: [SR-Users] SECSIPID Identity Decode

I DO IT WITH:

# Break JWT
            $var(jwt1) = $(hdr(Identity){s.select,0,.}{s.decode.base64t});
            $var(jwt2) = $(hdr(Identity){s.select,1,.}{s.decode.base64t});


Regards,

David Villasmil
email: david.villasmil.work at gmail.com<mailto:david.villasmil.work at gmail.com>
phone: +34669448337


On Wed, Jun 30, 2021 at 8:48 PM Daniel-Constantin Mierla <miconda at gmail.com<mailto:miconda at gmail.com>> wrote:

Hello,

not familiar with python functions, have you tried with Kamailio transformation?

https://www.kamailio.org/wiki/cookbooks/5.5.x/transformations#sdecodebase64url

Maybe you have to specify in Python that it is ASCII, I remember I had to do decoding when porting kamcli to work with Python3 -- had to change from using directly the variables received as parameter to a decoded value, something like:

prefix = tprefix.encode("ascii", "ignore").decode()

Also, if you can, share the identity header here to test with and see if can be reproduced.

Cheers,
Daniel
On 30.06.21 21:14, Daniel W. Graham wrote:
I am unable to base64url decode the json payload in identity header generated by secsipid.

(Using python for test)
decoded_payload = url64.decode(‘payload’)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2 in position 27: invalid continuation byte

Header decodes fine this way but not payload.

Is this an issue with the payload encoding?

Kamailio 5.5

Daniel W. Graham, CTO
CMSInter.net LLC
DIRECT (989) 400-4230

INTERNET | TELEPHONE | MANAGED IT





__________________________________________________________

Kamailio - Users Mailing List - Non Commercial Discussions

  * sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>

Important: keep the mailing list in the recipients, do not reply only to the sender!

Edit mailing list options or unsubscribe:

  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

--

Daniel-Constantin Mierla -- www.asipto.com<http://www.asipto.com>

www.twitter.com/miconda<http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda<http://www.linkedin.com/in/miconda>
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210701/6054c511/attachment.htm>


More information about the sr-users mailing list