I see, so I need to update my Opensips to 3.1, and then how does it work? the module grabs my certificate and generates the signature? Is there a command line tool that can do that meanwhile? We can always add the signature like any other header. Can somebody paste a sample code here so I my try?
On Mon, Apr 13, 2020 at 11:34 AM Vlad Patrascu <[email protected]> wrote: > Hi Frederico, > > I'm not really sure I understand your question of "how" to generate the > signature. Are you refering to how the scripting should look like or > something else ? But anyway, it is not possible with OpenSIPS 2.4.7 as the > stir_shaken module is available starting with OpenSIPS 3.1. > > Regards, > > Vlad Patrascu > On 13.04.2020 18:13, Saint Michael wrote: > > I am trying to do the same. The question I need to ask here is: how do you > generate the signature from the certificate, the caller ID and the > destination number? > I have the API working in staging mode, but now I need to really sign a > call and send it forward with Opensips 2.4.7 > > Federico > > On Mon, Apr 13, 2020 at 11:03 AM Vlad Patrascu <[email protected]> wrote: > >> Hi Alexandru, >> >> OpenSIPS is using the signature in DER encoded format (as it is directly >> generated by openssl) but indeed it is not the proper format as per RFC >> 7518. Thanks for the report, I am working on a fix. >> >> Regards, >> >> Vlad Patrascu >> On 10.04.2020 12:28, Alexandru Tripon wrote: >> >> Hi, >> >> I tried to populate the Identity header with the stir_shaken module. >> The header is populated but when I try to verify the signature using an >> external tool it fails because of the length. >> I have the folowing Identity generated by Opensips: >> ` >> >> eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiL2hvbWUvdHJpYWwvTHVjcnUvQ29kZS9zdGlyU2hha2VuL215cHVia2V5LnBlbSJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyIxMDAyIl19LCJpYXQiOjE1ODY1MDMxODcsIm9yaWciOnsidG4iOiIxMDAxIn0sIm9yaWdpZCI6IjEyMzQ1NiJ9.MEYCIQCjIx6w8IeilqHq0jbc6uwIB9v1RDmecoep0gRJJC4EmQIhANH1MO9jwRtqH6jgFH12XqROFv-nUroEgzsRAaMJtAsR;info=\u003c/home/trial/Lucru/Code/stirShaken/mypubkey.pem\u003e;ppt=\"shaken\" >> ` >> the lenght of encoded signature(in base64) is 96 and in the decoded one >> is 72. >> In the RFC for ES256 algorithm( >> https://tools.ietf.org/html/rfc7518#section-3.4) the length of the >> decoded signature is 64. >> Am I missing something here? >> >> Thanks, >> Alexandru Tripon >> >> _______________________________________________ >> Users mailing >> [email protected]http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> > > _______________________________________________ > Users mailing > [email protected]http://lists.opensips.org/cgi-bin/mailman/listinfo/users > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
