[OpenSIPS-Users] stir/shaken signature
John Burke
john at voxtelesys.com
Thu Jan 6 02:26:31 UTC 2022
Hey Marcin,
I also came across this when implementing S/S. In RFC8224 4.1, it
suggests the parameter is optional and the default is assumed to be ES256:
/Second, the JSON key "alg" MUST mirror the value of the optional//
//"alg" parameter in the SIP Identity header field. Note that if//
//the "alg" parameter is absent from the Identity header, the//
//default value is "ES256"./
In practice, I've seen traffic with and without this parameter but have
never run into any integration issues. IMO it's not really an issue,
but curious if it is causing you interop issues? Anyways, here is a
quick patch that I've used to force the "alg" param in the Identity
header (https://pastebin.com/AriqcThD).
Thanks,
John**
**
*
*
On 1/5/22 5:34 PM, Marcin Groszek wrote:
>
> Version 3.1.5
>
> When signature is generated it appears to be missing ;alg=ES256 after
> the info part containing url of a certificate, ppt="shaken" is
> present on the end as it should.
>
> Decoded header does contain "alg":"ES256"
>
>
> --
> Best Regards:
> Marcin Groszek
> Business Voip Resource.
> http://www.voipplus.net
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20220105/3af38366/attachment.html>
More information about the Users
mailing list