[SR-Users] SECSIPID Identity Decode

Daniel-Constantin Mierla miconda at gmail.com
Fri Jul 2 08:07:42 CEST 2021


Good to know that sngrep is truncating long headers when it displays
them. Maybe it should be reported.

What I noticed with sngrep is that sometimes it does not display the
traffic in the pcap file while ngrep shows the packets. I didn't get the
time yet to dig in further and report back to the project -- mentioning
it here, might be useful for other to know about.

Cheers,
Daniel

On 02.07.21 00:11, Daniel W. Graham wrote:
>
> Confirmed it was due to the sngrep copy. Thanks for mentioning it!
>
>  
>
> -dan
>
>  
>
>  
>
> *From: *sr-users <sr-users-bounces at lists.kamailio.org> on behalf of
> Ben Kaufman <bkaufman at nexvortex.com>
> *Reply-To: *"Kamailio (SER) - Users Mailing List"
> <sr-users at lists.kamailio.org>
> *Date: *Thursday, July 1, 2021 at 12:49 PM
> *To: *"Kamailio (SER) - Users Mailing List" <sr-users at lists.kamailio.org>
> *Subject: *Re: [SR-Users] SECSIPID Identity Decode
>
>  
>
> Dump the header to your log file, and copy it from there.  I don’t
> know what happens with the ncurses in sngrep, but I finally looked
> them side by side and …. “Hey!  This one’s missing bytes!”
>
>  
>
> *Ben Kaufman*
>
> /Sr. VoIP Engineer/
>
>
> P:
>
> E: bkaufman at nexvortex.com <mailto:bkaufman at nexvortex.com>
>
> 24 hour client support: 855.639.6300 <tel:+18556396300>
>
>
>  
>
> *From:* sr-users <sr-users-bounces at lists.kamailio.org> *On Behalf Of
> *Daniel W. Graham
> *Sent:* Thursday, July 1, 2021 10:25 AM
> *To:* Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
> *Subject:* Re: [SR-Users] SECSIPID Identity Decode
>
>  
>
> Haha, yep :) I wondered if that was biting me.
>
>  
>
> -dan
>
>
>
>
>     On Jul 1, 2021, at 11:07 AM, Ben Kaufman <bkaufman at nexvortex.com
>     <mailto:bkaufman at nexvortex.com>> wrote:
>
>     I observed a similar behavior, but it was the result of my cutting
>     and pasting the identity header from sngrep, which looks to have
>     dropped a few bytes on the line break.  Any chance that’s what
>     you’re doing, too?
>
>      
>
>     *Ben Kaufman*
>
>     /Sr. VoIP Engineer/
>
>
>     P:
>
>     E: bkaufman at nexvortex.com <mailto:bkaufman at nexvortex.com>
>
>     24 hour client support: 855.639.6300 <tel:+18556396300>
>
>
>      
>
>     *From:* sr-users <sr-users-bounces at lists.kamailio.org
>     <mailto:sr-users-bounces at lists.kamailio.org>> *On Behalf Of
>     *Daniel W. Graham
>     *Sent:* Wednesday, June 30, 2021 10:31 PM
>     *To:* Kamailio (SER) - Users Mailing List
>     <sr-users at lists.kamailio.org
>     <mailto:sr-users at lists.kamailio.org>>; David Villasmil
>     <david.villasmil.work at gmail.com
>     <mailto:david.villasmil.work at gmail.com>>; Daniel-Constantin Mierla
>     <miconda at gmail.com <mailto:miconda at gmail.com>>
>     *Subject:* Re: [SR-Users] SECSIPID Identity Decode
>
>      
>
>     Here is an example, payload taken from Identity header.
>
>      
>
>     Identity was added with secsipid_add_identity
>
>      
>
>     Payload test:
>
>     $var(test) =
>     "eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6I5ODkyODkyMjgwIl19LCJpYXQiOjE2MjUxMDk2MzQsIm9yaWciOnsidG4iOiI5ODk0MDA0MjMwIn0sIm9yaWdpZCI6IjNmYmE4NTg0LTRkNzMtNGU2NC04NDc5LTQ5MjU2ZGIyMWFhYSJ9";
>
>     xlogl("L_WARN", "$(var(test){s.decode.base64t})\n");
>
>      
>
>     Result is:
>
>     {"attest":"A","dest":{"tn":#���#��##�#002%���&�#027B#�#023c#S#023#003�#023sB�&�&�r#��'F�#�#���C#003#003C#3#002'��&�&�v�B#�&#026Vc�s#006f"�&6#026#022�CVCB�#023c3#022�3#0066#�#026#6#026S�r'
>
>      
>
>     -dan
>
>      
>
>      
>
>     *From: *sr-users <sr-users-bounces at lists.kamailio.org
>     <mailto:sr-users-bounces at lists.kamailio.org>> on behalf of Daniel
>     Graham <dan at cmsinter.net <mailto:dan at cmsinter.net>>
>     *Reply-To: *"Kamailio (SER) - Users Mailing List"
>     <sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>>
>     *Date: *Wednesday, June 30, 2021 at 5:32 PM
>     *To: *David Villasmil <david.villasmil.work at gmail.com
>     <mailto:david.villasmil.work at gmail.com>>, "miconda at gmail.com
>     <mailto:miconda at gmail.com>" <miconda at gmail.com
>     <mailto:miconda at gmail.com>>, "Kamailio (SER) - Users Mailing List"
>     <sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>>
>     *Subject: *Re: [SR-Users] SECSIPID Identity Decode
>
>      
>
>     That’s the same way I am doing it, I was just trying to do a
>     verification that the identity header/payload was correct before
>     activating new changes.
>
>      
>
>     I will do further testing and share results. Just found it odd
>     that the header would decode but payload wouldn’t.
>
>      
>
>     Daniel W. Graham, CTO
>
>     CMSInter.net LLC
>
>     DIRECT (989) 400-4230
>
>      
>
>     INTERNET | TELEPHONE | MANAGED IT
>
>      
>
>      
>
>     *From: *David Villasmil <david.villasmil.work at gmail.com
>     <mailto:david.villasmil.work at gmail.com>>
>     *Date: *Wednesday, June 30, 2021 at 4:06 PM
>     *To: *"miconda at gmail.com <mailto:miconda at gmail.com>"
>     <miconda at gmail.com <mailto:miconda at gmail.com>>, "Kamailio (SER) -
>     Users Mailing List" <sr-users at lists.kamailio.org
>     <mailto:sr-users at lists.kamailio.org>>
>     *Cc: *Daniel Graham <dan at cmsinter.net <mailto:dan at cmsinter.net>>
>     *Subject: *Re: [SR-Users] SECSIPID Identity Decode
>
>      
>
>     I DO IT WITH:
>
>      
>
>     # Break JWT
>                 $var(jwt1) =
>     $(hdr(Identity){s.select,0,.}{s.decode.base64t});
>                 $var(jwt2) =
>     $(hdr(Identity){s.select,1,.}{s.decode.base64t});
>
>      
>
>
>     Regards,
>
>      
>
>     David Villasmil
>
>     email: david.villasmil.work at gmail.com
>     <mailto:david.villasmil.work at gmail.com>
>
>     phone: +34669448337
>
>      
>
>      
>
>     On Wed, Jun 30, 2021 at 8:48 PM Daniel-Constantin Mierla
>     <miconda at gmail.com <mailto:miconda at gmail.com>> wrote:
>
>         Hello,
>
>         not familiar with python functions, have you tried with
>         Kamailio transformation?
>
>         https://www.kamailio.org/wiki/cookbooks/5.5.x/transformations#sdecodebase64url
>         <https://www.kamailio.org/wiki/cookbooks/5.5.x/transformations#sdecodebase64url>
>
>         Maybe you have to specify in Python that it is ASCII, I
>         remember I had to do decoding when porting kamcli to work with
>         Python3 -- had to change from using directly the variables
>         received as parameter to a decoded value, something like:
>
>         prefix = tprefix.encode("ascii", "ignore").decode()
>
>         Also, if you can, share the identity header here to test with
>         and see if can be reproduced.
>
>         Cheers,
>         Daniel
>
>         On 30.06.21 21:14, Daniel W. Graham wrote:
>
>             I am unable to base64url decode the json payload in
>             identity header generated by secsipid.
>
>              
>
>             (Using python for test)
>
>             decoded_payload = url64.decode(‘payload’)
>
>             UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc2
>             in position 27: invalid continuation byte
>
>              
>
>             Header decodes fine this way but not payload.
>
>              
>
>             Is this an issue with the payload encoding?
>
>              
>
>             Kamailio 5.5
>
>              
>
>             Daniel W. Graham, CTO
>
>             CMSInter.net LLC
>
>             DIRECT (989) 400-4230
>
>              
>
>             INTERNET | TELEPHONE | MANAGED IT
>
>              
>
>
>
>
>
>             __________________________________________________________
>
>             Kamailio - Users Mailing List - Non Commercial Discussions
>
>               * sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>
>             Important: keep the mailing list in the recipients, do not reply only to the sender!
>
>             Edit mailing list options or unsubscribe:
>
>               * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
>         -- 
>
>         Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com>
>
>         www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
>
>         __________________________________________________________
>         Kamailio - Users Mailing List - Non Commercial Discussions
>           * sr-users at lists.kamailio.org
>         <mailto:sr-users at lists.kamailio.org>
>         Important: keep the mailing list in the recipients, do not
>         reply only to the sender!
>         Edit mailing list options or unsubscribe:
>           *
>         https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>         <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
>     __________________________________________________________
>     Kamailio - Users Mailing List - Non Commercial Discussions
>      * sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>     Important: keep the mailing list in the recipients, do not reply
>     only to the sender!
>     Edit mailing list options or unsubscribe:
>      * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>     <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210702/264b8ac7/attachment.htm>


More information about the sr-users mailing list