[Asterisk-code-review] res_pjsip_stir_shaken: RFC 8225 compliance and error message cleanup. (asterisk[16])

Benjamin Keith Ford asteriskteam at digium.com
Mon Jul 19 10:48:29 CDT 2021 

Benjamin Keith Ford has submitted this change. ( https://gerrit.asterisk.org/c/asterisk/+/16154 )

Change subject: res_pjsip_stir_shaken: RFC 8225 compliance and error message cleanup.
......................................................................

res_pjsip_stir_shaken: RFC 8225 compliance and error message cleanup.

>From RFC 8225 Section 5.2.1:

    The "dest" claim is a JSON object with the claim name of "dest"
    and MUST have at least one identity claim object.  The "dest"
    claim value is an array containing one or more identity claim JSON
    objects representing the destination identities of any type
    (currently "tn" or "uri").  If the "dest" claim value array
    contains both "tn" and "uri" claim names, the JSON object should
    list the "tn" array first and the "uri" array second.  Within the
    "tn" and "uri" arrays, the identity strings should be put in
    lexicographical order, including the scheme-specific portion of
    the URI characters.

Additionally, make it clear that there was a failure to sign the JWT
payload and not necessarily a memory allocation failure.

Change-Id: Ia8733b861aef6edfaa9c2136e97b447a01578dc9
---
M res/res_pjsip_stir_shaken.c
1 file changed, 2 insertions(+), 2 deletions(-)

Approvals:
  Joshua Colp: Looks good to me, but someone else must approve
  Kevin Harwell: Looks good to me, but someone else must approve
  Benjamin Keith Ford: Looks good to me, approved; Approved for Submit
  George Joseph: Looks good to me, but someone else must approve



diff --git a/res/res_pjsip_stir_shaken.c b/res/res_pjsip_stir_shaken.c
index 42d638f..1519d34 100644
--- a/res/res_pjsip_stir_shaken.c
+++ b/res/res_pjsip_stir_shaken.c
@@ -258,7 +258,7 @@
 	ast_copy_pj_str(dest_tn, &uri->user, uri->user.slen + 1);
 
 	/* x5u (public key URL), attestation, and origid will be added by ast_stir_shaken_sign */
-	json = ast_json_pack("{s: {s: s, s: s, s: s}, s: {s: {s: s}, s: {s: s}}}",
+	json = ast_json_pack("{s: {s: s, s: s, s: s}, s: {s: {s: [s]}, s: {s: s}}}",
 		"header", "alg", "ES256", "ppt", "shaken", "typ", "passport",
 		"payload", "dest", "tn", dest_tn, "orig", "tn",
 		session->id.number.str);
@@ -269,7 +269,7 @@
 
 	ss_payload = ast_stir_shaken_sign(json);
 	if (!ss_payload) {
-		ast_log(LOG_ERROR, "Failed to allocate memory for STIR/SHAKEN payload\n");
+		ast_log(LOG_ERROR, "Failed to sign STIR/SHAKEN payload\n");
 		return -1;
 	}
 

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/16154
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Ia8733b861aef6edfaa9c2136e97b447a01578dc9
Gerrit-Change-Number: 16154
Gerrit-PatchSet: 2
Gerrit-Owner: Sean Bright <sean at seanbright.com>
Gerrit-Reviewer: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20210719/8a3f0264/attachment-0001.html>

More information about the asterisk-code-review mailing list