<html><head></head><body><div class="ydp8caf0fd8yahoo-style-wrap" style="font-family: Helvetica Neue, Helvetica, Arial, sans-serif; font-size: 13px;"><div></div>
<div dir="ltr" data-setdir="false">Sunil, </div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">I was having a similar issue... it looks like part 2 of the base64 string decodes to:</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false"><span>{"attest"8""Â&FW7B#§²'Fâ#¥²#S333#sR%×ÒÂ&B#£c#ssrÂ&÷&r#§²'Fâ#¢#S333#sb'ÒÂ&÷&vB#¢&G6F66fG2ÖG6F6B×5ds"}</span><br></div><div dir="ltr" data-setdir="false"><span><br></span></div><div dir="ltr" data-setdir="false"><span><br></span></div><div dir="ltr" data-setdir="false"><span>My problem was that I was using sngrep to find my identity header and it appears to have been truncating my string. upon using ngrep to get the raw packet data I found the identity string was totally different and decoded properly. </span></div><div><br></div>
</div><div id="yahoo_quoted_2205622526" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Monday, May 24, 2021, 02:13:08 AM EDT, Sunil More <sunil.more64sinfo@gmail.com> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div id="yiv2894876446"><div><div dir="ltr">Hello All,<div><br clear="none"></div><div>I tried the same with Opensips version 3.1.2 , Still the same result. The Payload is not a valid JSON.<br clear="none"><br clear="none">version: opensips 3.1.2 (x86_64/linux)<br clear="none">flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-ADAPTIVE_WAIT<br clear="none">ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535<br clear="none">poll method support: poll, epoll, sigio_rt, select.<br clear="none">git revision: 539ab0b3a<br clear="none">main.c compiled on 05:43:20 May 24 2021 with gcc 7</div><div><br clear="none"></div><div>Regards,</div><div>Sunil More</div><div><br clear="none"><div class="yiv2894876446gmail_quote"><div class="yiv2894876446yqt5338462221" id="yiv2894876446yqtfd90965"><div class="yiv2894876446gmail_attr" dir="ltr">---------- Forwarded message ---------<br clear="none">From: <strong class="yiv2894876446gmail_sendername">Sunil More</strong> <span><<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:sunil.more64sinfo@gmail.com" target="_blank" href="mailto:sunil.more64sinfo@gmail.com">sunil.more64sinfo@gmail.com</a>></span><br clear="none">Date: Thu, 20 May 2021 at 15:55<br clear="none">Subject: STIR/Shaken payload issue.<br clear="none">To: <a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:users@lists.opensips.org" target="_blank" href="mailto:users@lists.opensips.org">users@lists.opensips.org</a> <<a rel="nofollow noopener noreferrer" shape="rect" ymailto="mailto:users@lists.opensips.org" target="_blank" href="mailto:users@lists.opensips.org">users@lists.opensips.org</a>><br clear="none"></div><br clear="none"><br clear="none"><div lang="EN-IN" style="word-wrap:break-word;"><div class="yiv2894876446m_-7941281493350622922WordSection1"><p class="yiv2894876446MsoNormal">Hello All, </p><p class="yiv2894876446MsoNormal"><u></u> <u></u></p><p class="yiv2894876446MsoNormal">I was working to use stir shaken module. The certificates are put in place and Identity Header is also created. However the Identity when tried to put on JWT.io for validation , I can observe that the payload is not good. </p><p class="yiv2894876446MsoNormal"><span style="color:white;">Here is the identity Heade<br clear="none"></span><font color="#000000"><span class="yiv2894876446gmail-m_-7941281493350622922typ"><b>Identity</b></span><span class="yiv2894876446gmail-m_-7941281493350622922pun">:</span><span class="yiv2894876446gmail-m_-7941281493350622922pln"> eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9hcHBzLnNhbWVzcGFjZS5jb20vc2VydmVyLmNydCJ9</span><span class="yiv2894876446gmail-m_-7941281493350622922pun">.</span><span class="yiv2894876446gmail-m_-7941281493350622922pln">eyJhdHRlc3QiOCIiwiZGVzdCI6eyJ0biI6WyI5MTk1MDMzMzgyNzUiXX0sImlhdCI6MTYyMDkxMDc3Nywib3JpZyI6eyJ0biI6IjkxOTUwMzMzODI3NiJ9LCJvcmlnaWQiOiJkc2FkYXNhc2Zkcy1kc2FkYXNkLXNWRzIn0</span><span class="yiv2894876446gmail-m_-7941281493350622922pun">.</span><span class="yiv2894876446gmail-m_-7941281493350622922typ">JzYHlbStXK7gpmRWVZY_IC8VmeZfaKWBzGTOfGU82OQ3w28lctaYv</span><span class="yiv2894876446gmail-m_-7941281493350622922pun">-</span><span class="yiv2894876446gmail-m_-7941281493350622922typ">YAzBdjqjUGJKISid327KSzUGGvpXYBSg</span><span class="yiv2894876446gmail-m_-7941281493350622922pun">;</span><span class="yiv2894876446gmail-m_-7941281493350622922pln">info</span><span class="yiv2894876446gmail-m_-7941281493350622922pun">=<</span><span class="yiv2894876446gmail-m_-7941281493350622922pln">https</span><span class="yiv2894876446gmail-m_-7941281493350622922pun">:</span><span class="yiv2894876446gmail-m_-7941281493350622922com">//<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="http://apps.samespace.com/server.crt" style="">apps.samespace.com/server.crt</a>>;ppt="shaken"</span></font></p><p class="yiv2894876446MsoNormal"><br clear="none"></p><p class="yiv2894876446MsoNormal">After JWT.io <br clear="none">Header for algorithm and token type looks ok ..<br clear="none">{</p><p class="yiv2894876446MsoNormal"> "alg": "ES256",</p><p class="yiv2894876446MsoNormal"> "ppt": "shaken",</p><p class="yiv2894876446MsoNormal"> "typ": "passport",</p><p class="yiv2894876446MsoNormal"> "x5u": "<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://apps.samespace.com/server.crt">https://apps.samespace.com/server.crt</a>"</p><p class="yiv2894876446MsoNormal">}<br clear="none"><br clear="none"></p><p class="yiv2894876446MsoNormal">However payload looks like this which is probably some invalid JSON, I am not sure what could cause this.<br clear="none"><br clear="none">"{\"attest\"8\"\"�&FW7B#��'F�#��#�\u0013�S\u0003333�#sR%���&�\u0017B#�\u0013c#\u0003�\u0013\u0003ssr�&�&�r#��'F�#�#�\u0013�S\u0003333�#sb'��&�&�v�B#�&G6\u0016F\u00176\u00176fG2�G6\u0016F\u00176B�5ds\"}"<br clear="none"><br clear="none"></p><p class="yiv2894876446MsoNormal">Here is the code snippet used .</p><p class="yiv2894876446MsoNormal"><br clear="none"></p><p class="yiv2894876446MsoNormal"><u></u><font color="#000000"><span style="font-size:10.5pt;font-family:Consolas;">stir_shaken_auth(</span><span style="font-size:10.5pt;font-family:Consolas;">"B"</span><span style="font-size:10.5pt;font-family:Consolas;">, $var(origid),$var(cert), $var(privKey),</span><span style="font-size:10.5pt;font-family:Consolas;">"<a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://apps.samespace.com/server.crt">https://apps.samespace.com/server.crt</a>"</span><span style="font-size:10.5pt;font-family:Consolas;">,</span><span style="font-size:10.5pt;font-family:Consolas;">"919503338276"</span><span style="font-size:10.5pt;font-family:Consolas;">,</span><span style="font-size:10.5pt;font-family:Consolas;">"919503338275"</span><span style="font-size:10.5pt;font-family:Consolas;">)</span><span style="font-size:10.5pt;font-family:Consolas;">;</span></font> <u></u></p><div><div><p class="yiv2894876446MsoNormal" style="line-height:14.25pt;background:#1e1e1e;"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4;"><u></u><u></u></span></p></div></div><p class="yiv2894876446MsoNormal"><u></u> <u></u></p><p class="yiv2894876446MsoNormal">I am using opensips version as below </p><p class="yiv2894876446MsoNormal"><u></u> <u></u></p><p class="yiv2894876446MsoNormal">version: opensips 3.1.1 (x86_64/linux)</p><p class="yiv2894876446MsoNormal">flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-ADAPTIVE_WAIT</p><p class="yiv2894876446MsoNormal">ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535</p><p class="yiv2894876446MsoNormal">poll method support: poll, epoll, sigio_rt, select.</p><p class="yiv2894876446MsoNormal">git revision: 229ec0793</p><p class="yiv2894876446MsoNormal">main.c compiled on 11:50:44 Jan 15 2021 with gcc 7</p><p class="yiv2894876446MsoNormal"><u></u> <u></u></p><p class="yiv2894876446MsoNormal">Kindly let me know if there is something wrong that I could be doing. I checked the sample from <b><a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://transnexus.com/whitepapers/understanding-stir-shaken/">https://transnexus.com/whitepapers/understanding-stir-shaken/</a><u></u><u></u></b></p><p class="yiv2894876446MsoNormal">The Identity from this example shows a good payload. </p><p class="yiv2894876446MsoNormal"><u></u> <u></u></p><p class="yiv2894876446MsoNormal"><u></u> <u></u></p><p class="yiv2894876446MsoNormal">Regards,</p><p class="yiv2894876446MsoNormal">Sunil More</p><p class="yiv2894876446MsoNormal">Phone : 919503338275</p><p class="yiv2894876446MsoNormal">Sent from <a rel="nofollow noopener noreferrer" shape="rect" target="_blank" href="https://go.microsoft.com/fwlink/?LinkId=550986">Mail</a> for Windows 10</p><p class="yiv2894876446MsoNormal"><u></u> <u></u></p></div></div>
</div></div></div></div><div class="yiv2894876446yqt5338462221" id="yiv2894876446yqtfd56787">
</div></div></div><div class="yqt5338462221" id="yqtfd51869">_______________________________________________<br clear="none">Users mailing list<br clear="none"><a shape="rect" ymailto="mailto:Users@lists.opensips.org" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br clear="none"><a shape="rect" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br clear="none"></div></div>
</div>
</div></body></html>