[SR-Users] STIR/SHAKEN tests

Fri May 28 10:27:11 CEST 2021

Correct.
That’s a log with debug 3, absolutely nothing is coming out. :(

On Thu, 27 May 2021 at 20:54, Daniel-Constantin Mierla <miconda at gmail.com>
wrote:

> Same logs like with before with previous certificate? Can you attach log
> messages with debug=3?
>
> Cheers,
> Daniel
> On 27.05.21 20:13, David Villasmil wrote:
>
> Yep i just tried that :)
>
> I don't get an error on the CLI:
>
> # secsipidx -sign-full -orig-tn 493044448888 -dest-tn 493055559999 -attest
> A -x5u http://asipto.lab/stir/cert.pem -k ec256-private.pem
>
> eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cDovL2FzaXB0by5sYWIvc3Rpci9jZXJ0LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyI0OTMwNTU1NTk5OTkiXX0sImlhdCI6MTYyMjEzOTE1Nywib3JpZyI6eyJ0biI6IjQ5MzA0NDQ0ODg4OCJ9LCJvcmlnaWQiOiIxOWE5OWY2ZS1mZWE5LTQyYmEtYmU2ZC1lNDZkNjZkMGIzNjcifQ.64Z_uNPA5frA20nqurHxOD8qLtuvcGeMxmx0ZhBmSWFoeEU53nHSmEWOsAJC5eiJLuIWfVI9HFhJIKyK6PMrcA;info=<
> http://asipto.lab/stir/cert.pem>;alg=ES256;ppt=shaken
>
> But still failing in kamailio...
>
> Regards,
>
> David Villasmil
> email: david.villasmil.work at gmail.com
> phone: +34669448337
>
>
> On Thu, May 27, 2021 at 7:09 PM Daniel-Constantin Mierla <
> miconda at gmail.com> wrote:
>
>> Hello,
>> On 27.05.21 19:58, David Villasmil wrote:
>>
>> Hello guys,
>>
>> I want to test secsipid, but i don't yet have the certificate. So i
>> thought i'd create a cert like:
>>
>> openssl req -new -newkey rsa:4096 -nodes -keyout snakeoil.key -out
>> snakeoil.csr
>> openssl x509 -req -sha256 -days 365 -in snakeoil.csr -signkey
>> snakeoil.key -out snakeoil.pem
>>
>> Then i'm simply doing:
>>
>> $var(rc) = secsipid_add_identity("$fU", "$rU", "A", "", "
>> https://somedomain.com/stir/$rd/cert.pem
>> <https://kamailio.org/stir/$rd/cert.pem>", "/etc/kamailio/snakeoil.pem");
>> if ( $var(rc) ) {
>>     xlog("L_ERR", "[STIR/SHAKEN][$ci] Shaken authentication added (SIP
>> Identity Header created)\n");
>> } else {
>>     xlog("L_ERR", "[STIR/SHAKEN][$ci] Failed\n");
>> }
>>
>> But no matter what i do it silently fails:
>>
>> INVITE d54c2919-39b6-123a-95a7-0e29a5289b8d} <script>:
>> [STIR/SHAKEN][d54c2919-39b6-123a-95a7-0e29a5289b8d] Failed
>>
>> I have debug on 6, but i don't get more info regarding the error.
>>
>> Any ideas?
>>
>> based on the specs, it should not be the usual ssl/tls certificate, try
>> to generate them using the guidelines at:
>>
>>   * https://github.com/asipto/secsipidx#keys-generation
>>
>> Cheers,
>> Daniel
>>
>> --
>> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
>> Kamailio Advanced Training - Online - June 7-10, 2021 (America Timezone)
>>   * https://www.asipto.com/sw/kamailio-advanced-training-online/
>>
>> --
> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
> Kamailio Advanced Training - Online - June 7-10, 2021 (America Timezone)
>   * https://www.asipto.com/sw/kamailio-advanced-training-online/
>
> --
Regards,

David Villasmil
email: david.villasmil.work at gmail.com
phone: +34669448337
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210528/7558216c/attachment.htm>