[Asterisk-code-review] res_pjsip_stir_shaken: Fix JSON field ordering and canonicalization. (asterisk[master])

N A asteriskteam at digium.com
Wed Feb 22 06:55:05 CST 2023 

Attention is currently required from: N A.

Hello Sean Bright, Friendly Automation, 

I'd like you to reexamine a change. Please visit

    https://gerrit.asterisk.org/c/asterisk/+/19897

to look at the new patch set (#2).

Change subject: res_pjsip_stir_shaken: Fix JSON field ordering and canonicalization.
......................................................................

res_pjsip_stir_shaken: Fix JSON field ordering and canonicalization.

The current STIR/SHAKEN signing process is inconsistent with the
RFCs in a couple ways that can cause interoperability issues.

RFC8225 specifies that the keys must be ordered lexicographically, but
currently the fields are simply ordered according to the order
in which they were added to the JSON object, which is not
compliant with the RFC and can cause issues with some carriers.

To fix this, a JSON API is added that makes use of libjansson's
ability to dump a JSON object sorted by key value. This results
in the correct ordering in the dumped string.

Additionally, the destination number must be canonicalized, i.e.
have any leading + prefix removed, in order to comply with the RFCs.
This is now done, so the payload contains a properly formatted number.

ASTERISK-30407 #close

Change-Id: Iab76d39447c4b8cf133de85657dba02fda07f9a2
---
M include/asterisk/json.h
M main/json.c
M res/res_pjsip_stir_shaken.c
M res/res_stir_shaken.c
4 files changed, 70 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/97/19897/2
-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/19897
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: Iab76d39447c4b8cf133de85657dba02fda07f9a2
Gerrit-Change-Number: 19897
Gerrit-PatchSet: 2
Gerrit-Owner: N A <asterisk at phreaknet.org>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Sean Bright <sean at seanbright.com>
Gerrit-Attention: N A <asterisk at phreaknet.org>
Gerrit-MessageType: newpatchset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20230222/21856a58/attachment-0001.html>

More information about the asterisk-code-review mailing list