STIR/SHAKEN implementation - CLI tool, HTTP API server and C library
Hello, I noticed the discussion about STIR/SHAKEN that happened on this forum a few weeks ago and for quite some time I had in my todo list the task to add support for those extensions to Kamailio SIP server, but with no real pressure to deploy them here in Europe, I kept postponing for a while (also, some people did it already for Kamailio using embedded scripting languages Lua or Python). Anyhow, as I saw the discussion here, it became fresh again and I searched the web, but I could not find any free/open tools to test/validate implementations, so it looked a bit like chicken-egg problem, therefore I created recently such a project, written in Go language, with option to build a C static or shared library. It is still very fresh code, not much tested, now with ES256 signing algorithm based on golang native support, no interoperability done with other applications. The project is available at: ? * https://github.com/asipto/secsipidx To be able to enable older versions of PBX/SIP servers to support STIR/SHAKEN extensions, besides the C library exports, there is an application that can run as CLI tool or HTTP API server to check or generate Identity headers. I haven't tested at all on Windows, but I expect that golang ensures good portability, not using anything OS specific in the code. I thought it worth announcing it here, in case someone wants to play with, suggest improvements or even contribute to make it easier to use on their specific deployments. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
Thank you!!! This is great. We haven't yet had to implement, and I'm now less worried about it as a result of your code. I really appreciate you writing the code and putting it out there for those of us who will soon and likely on a short timeline. Kudos Daniel! Beckman On Mon, 27 Jan 2020, Daniel-Constantin Mierla wrote:
Hello,
I noticed the discussion about STIR/SHAKEN that happened on this forum a few weeks ago and for quite some time I had in my todo list the task to add support for those extensions to Kamailio SIP server, but with no real pressure to deploy them here in Europe, I kept postponing for a while (also, some people did it already for Kamailio using embedded scripting languages Lua or Python).
Anyhow, as I saw the discussion here, it became fresh again and I searched the web, but I could not find any free/open tools to test/validate implementations, so it looked a bit like chicken-egg problem, therefore I created recently such a project, written in Go language, with option to build a C static or shared library.
It is still very fresh code, not much tested, now with ES256 signing algorithm based on golang native support, no interoperability done with other applications. The project is available at:
? * https://github.com/asipto/secsipidx
To be able to enable older versions of PBX/SIP servers to support STIR/SHAKEN extensions, besides the C library exports, there is an application that can run as CLI tool or HTTP API server to check or generate Identity headers. I haven't tested at all on Windows, but I expect that golang ensures good portability, not using anything OS specific in the code.
I thought it worth announcing it here, in case someone wants to play with, suggest improvements or even contribute to make it easier to use on their specific deployments.
Cheers, Daniel
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com http://www.angryox.com/ ---------------------------------------------------------------------------
Indeed, this is great news for the many successful operators of open-source platforms on this list. Thank you very much for your generous contribution of time to make a foray into this challenging area, Daniel. I know the large installed base of Kamailio in North America will deeply appreciate it! ? Alex ? Sent from my iPad
On Jan 27, 2020, at 11:11 AM, Peter Beckman <beckman at angryox.com> wrote:
?Thank you!!! This is great. We haven't yet had to implement, and I'm now less worried about it as a result of your code. I really appreciate you writing the code and putting it out there for those of us who will soon and likely on a short timeline.
Kudos Daniel!
Beckman
On Mon, 27 Jan 2020, Daniel-Constantin Mierla wrote:
Hello,
I noticed the discussion about STIR/SHAKEN that happened on this forum a few weeks ago and for quite some time I had in my todo list the task to add support for those extensions to Kamailio SIP server, but with no real pressure to deploy them here in Europe, I kept postponing for a while (also, some people did it already for Kamailio using embedded scripting languages Lua or Python).
Anyhow, as I saw the discussion here, it became fresh again and I searched the web, but I could not find any free/open tools to test/validate implementations, so it looked a bit like chicken-egg problem, therefore I created recently such a project, written in Go language, with option to build a C static or shared library.
It is still very fresh code, not much tested, now with ES256 signing algorithm based on golang native support, no interoperability done with other applications. The project is available at:
* https://github.com/asipto/secsipidx
To be able to enable older versions of PBX/SIP servers to support STIR/SHAKEN extensions, besides the C library exports, there is an application that can run as CLI tool or HTTP API server to check or generate Identity headers. I haven't tested at all on Windows, but I expect that golang ensures good portability, not using anything OS specific in the code.
I thought it worth announcing it here, in case someone wants to play with, suggest improvements or even contribute to make it easier to use on their specific deployments.
Cheers, Daniel
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com http://www.angryox.com/ ---------------------------------------------------------------------------_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
Thanks Alex! Feedback if works fine or not would be appreciated, if someone already has access to a service where the Identity header is sent (I can assist if one needs help to get secsipid project set up). In Europe I expect to take much longer than in North America to see these extensions enabled between SIP carriers. Cheers, Daniel On 27.01.20 17:53, Alex Balashov wrote:
Indeed, this is great news for the many successful operators of open-source platforms on this list.
Thank you very much for your generous contribution of time to make a foray into this challenging area, Daniel. I know the large installed base of Kamailio in North America will deeply appreciate it!
? Alex
? Sent from my iPad
On Jan 27, 2020, at 11:11 AM, Peter Beckman <beckman at angryox.com> wrote:
?Thank you!!! This is great. We haven't yet had to implement, and I'm now less worried about it as a result of your code. I really appreciate you writing the code and putting it out there for those of us who will soon and likely on a short timeline.
Kudos Daniel!
Beckman
On Mon, 27 Jan 2020, Daniel-Constantin Mierla wrote:
Hello,
I noticed the discussion about STIR/SHAKEN that happened on this forum a few weeks ago and for quite some time I had in my todo list the task to add support for those extensions to Kamailio SIP server, but with no real pressure to deploy them here in Europe, I kept postponing for a while (also, some people did it already for Kamailio using embedded scripting languages Lua or Python).
Anyhow, as I saw the discussion here, it became fresh again and I searched the web, but I could not find any free/open tools to test/validate implementations, so it looked a bit like chicken-egg problem, therefore I created recently such a project, written in Go language, with option to build a C static or shared library.
It is still very fresh code, not much tested, now with ES256 signing algorithm based on golang native support, no interoperability done with other applications. The project is available at:
* https://github.com/asipto/secsipidx
To be able to enable older versions of PBX/SIP servers to support STIR/SHAKEN extensions, besides the C library exports, there is an application that can run as CLI tool or HTTP API server to check or generate Identity headers. I haven't tested at all on Windows, but I expect that golang ensures good portability, not using anything OS specific in the code.
I thought it worth announcing it here, in case someone wants to play with, suggest improvements or even contribute to make it easier to use on their specific deployments.
Cheers, Daniel
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
Peter Beckman Internet Guy beckman at angryox.com http://www.angryox.com/ ---------------------------------------------------------------------------_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
Glad to hear it looks useful for you! The implementation so far was purely based on my understanding for the specs, no interop testing being done as I don't have access to a service using it already. Anyhow, golang has native support for json and many embedded encryption algorithms, so if some parameters need to be tuned there, should be straightforward. Just report any issue on github project and it will be taken care. Cheers, Daniel On 27.01.20 17:11, Peter Beckman wrote:
Thank you!!! This is great. We haven't yet had to implement, and I'm now less worried about it as a result of your code. I really appreciate you writing the code and putting it out there for those of us who will soon and likely on a short timeline.
Kudos Daniel!
Beckman
On Mon, 27 Jan 2020, Daniel-Constantin Mierla wrote:
Hello,
I noticed the discussion about STIR/SHAKEN that happened on this forum a few weeks ago and for quite some time I had in my todo list the task to add support for those extensions to Kamailio SIP server, but with no real pressure to deploy them here in Europe, I kept postponing for a while (also, some people did it already for Kamailio using embedded scripting languages Lua or Python).
Anyhow, as I saw the discussion here, it became fresh again and I searched the web, but I could not find any free/open tools to test/validate implementations, so it looked a bit like chicken-egg problem, therefore I created recently such a project, written in Go language, with option to build a C static or shared library.
It is still very fresh code, not much tested, now with ES256 signing algorithm based on golang native support, no interoperability done with other applications. The project is available at:
? * https://github.com/asipto/secsipidx
To be able to enable older versions of PBX/SIP servers to support STIR/SHAKEN extensions, besides the C library exports, there is an application that can run as CLI tool or HTTP API server to check or generate Identity headers. I haven't tested at all on Windows, but I expect that golang ensures good portability, not using anything OS specific in the code.
I thought it worth announcing it here, in case someone wants to play with, suggest improvements or even contribute to make it easier to use on their specific deployments.
Cheers, Daniel
--? Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
---------------------------------------------------------------------------
Peter Beckman????????????????????????????????????????????????? Internet Guy beckman at angryox.com???????????????????????????????? http://www.angryox.com/ ---------------------------------------------------------------------------
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
participants (3)
-
abalashov@evaristesys.com -
beckman@angryox.com -
miconda@gmail.com