[Asterisk-code-review] STIR/SHAKEN: Add tests for possible results. (testsuite[master])
Friendly Automation
asteriskteam at digium.com
Mon Jul 13 05:40:03 CDT 2020
Friendly Automation has submitted this change. ( https://gerrit.asterisk.org/c/testsuite/+/14575 )
Change subject: STIR/SHAKEN: Add tests for possible results.
......................................................................
STIR/SHAKEN: Add tests for possible results.
Added four new tests, each testing a different STIR/SHAKEN verification
result: STIR_SHAKEN_VERIFICATION_SUCCESS,
STIR_SHAKEN_VERIFICATION_FAILED, STIR_SHAKEN_VERIFICATION_MISTMATCH, and
STIR_SHAKEN_VERIFICATION_NOT_PRESENT.
Change-Id: I3aee8f73cc312db5c6e042393395adcef2b2d5eb
---
A contrib/keys/ec256-public.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml
A tests/channels/pjsip/stir_shaken/tests.yaml
M tests/channels/pjsip/tests.yaml
34 files changed, 590 insertions(+), 0 deletions(-)
Approvals:
Joshua Colp: Looks good to me, approved
Kevin Harwell: Looks good to me, but someone else must approve
Friendly Automation: Approved for Submit
diff --git a/contrib/keys/ec256-public.pem b/contrib/keys/ec256-public.pem
new file mode 100644
index 0000000..c4e3bf3
--- /dev/null
+++ b/contrib/keys/ec256-public.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSy
+arT5H82qwe4LU8hbcBbhmc9gjy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END PUBLIC KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem
new file mode 100644
index 0000000..245e248
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIKjXgQ4o3wimaS+WuZP5tra2bjxq8pzYTf39+pLf70J9oAoGCCqGSM49
+AwEHoUQDQgAEcN+9C3HT51puV8YiHAB4/Yt69/6X7+kA3kRrRE5sV+BsW8IVLV6O
+LCrMKiQyrV/0iPVOMOpY09hhwoi6/v9D4g==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf
new file mode 100644
index 0000000..9c1f76c
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf
@@ -0,0 +1,4 @@
+[default]
+exten => echo,1,Answer()
+ same => n,Echo()
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..675fafd
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf
@@ -0,0 +1,22 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5061
+
+[bob]
+type=endpoint
+aors=aor-bob
+from_user=alice
+transport=transport-udp
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
+
+[aor-bob]
+type=aor
+contact=sip:bob at 127.0.0.1:5060
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf
new file mode 100644
index 0000000..aa71bfc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem
new file mode 100644
index 0000000..245e248
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIKjXgQ4o3wimaS+WuZP5tra2bjxq8pzYTf39+pLf70J9oAoGCCqGSM49
+AwEHoUQDQgAEcN+9C3HT51puV8YiHAB4/Yt69/6X7+kA3kRrRE5sV+BsW8IVLV6O
+LCrMKiQyrV/0iPVOMOpY09hhwoi6/v9D4g==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf
new file mode 100644
index 0000000..c720c85
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => bob,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Signature failed"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf
new file mode 100644
index 0000000..8b4dbb2
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf
@@ -0,0 +1,16 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5060
+
+[alice]
+type=endpoint
+context=default
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf
new file mode 100644
index 0000000..af91737
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf
@@ -0,0 +1,10 @@
+[general]
+curl_timeout=5
+
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml
new file mode 100644
index 0000000..5707c52
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml
@@ -0,0 +1,70 @@
+testinfo:
+ summary: 'Tests STIR_SHAKEN_SIGNATURE_FAILED'
+ description: |
+ 'Run two instances of Asterisk and set up an outgoing call
+ via PJSIP. The outgoing side will have STIR/SHAKEN
+ configured, so an identity header should be present. The
+ incoming side will test this with the STIR_SHAKEN dialplan
+ function, ensuring that "Signature failed" is the result,
+ using private and public keys that do not match.'
+
+test-modules:
+ test-object:
+ config-section: test-object-config
+ typename: 'test_case.TestCaseModule'
+ modules:
+ -
+ config-section: 'originator-config'
+ typename: 'pluggable_modules.Originator'
+ -
+ config-section: 'ami-config'
+ typename: 'ami.AMIEventModule'
+ -
+ config-section: 'http-server'
+ typename: 'http_static_server.HTTPStaticServer'
+ -
+ config-section: 'hangup-monitor'
+ typename: 'pluggable_modules.HangupMonitor'
+
+test-object-config:
+ memcheck-delay-stop: 7
+ asterisk-instances: 2
+ connect-ami: True
+
+hangup-monitor:
+ ids: [ '1', ]
+
+http-server:
+ port: 8088
+ root-directory: 'contrib/keys'
+
+originator-config:
+ trigger: 'ami_connect'
+ ignore-originate-failure: 'no'
+ id: '0'
+ channel: 'PJSIP/bob'
+ context: 'default'
+ exten: 'echo'
+ priority: '1'
+ async: 'True'
+
+ami-config:
+ -
+ type: 'headermatch'
+ id: '1'
+ conditions:
+ match:
+ Event: 'UserEvent'
+ UserEvent: 'TestResult'
+ requirements:
+ match:
+ result: 'pass'
+ count: '1'
+
+properties:
+ dependencies:
+ - asterisk : 'res_pjsip'
+ - asterisk : 'res_stir_shaken'
+ tags:
+ - pjsip
+ - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf
new file mode 100644
index 0000000..c9d902e
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => test,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Verification mismatch"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..a55168b
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf
@@ -0,0 +1,13 @@
+[global]
+debug=yes
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1
+
+[anonymous]
+type=endpoint
+context=default
+allow=!all,ulaw
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf
new file mode 100644
index 0000000..aa71bfc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml
new file mode 100644
index 0000000..8c15886
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE scenario SYSTEM "sipp.dtd">
+
+<scenario name="INVITE with Identity Header">
+ <send retrans="500">
+ <![CDATA[
+
+ INVITE sip:test@[remote_ip]:[remote_port] SIP/2.0
+ Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch]
+ From: test1 <sip:[service]@[local_ip]:[local_port]>;tag=[call_number]
+ To: test <sip:test@[remote_ip]:[remote_port]>
+ Call-ID: 1234567
+ CSeq: 1 INVITE
+ Contact: <sip:test@[local_ip]:[local_port];transport=[transport]>
+ Max-Forwards: 70
+ Identity: eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cDovLzEyNy4wLjAuMTo4MDg4L2VjMjU2LXB1YmxpYy5wZW0ifQ==.eyJvcmlnIjp7InRuIjoiMTIzNDU2NyJ9LCJhdHRlc3QiOiJDIiwib3JpZ2lkIjoidGVzdHN1aXRlIiwiaWF0IjoxNTkzMDE4ODcwfQ==.MEUCIDoDpo1F++fJuv4ItB1uO7ULFZUfpa0l5XXeGif8NCD6AiEAmTWr+NkUqIHNDuV8KZzvDj2nFg2PCeCs7jD9BtIsBzc=;info=<http://127.0.0.1:8088/ec256-public.pem>alg=ES256;ppt=shaken
+ Subject: Test
+ User-Agent: Test
+ Content-Type: application/sdp
+ Content-Length: [len]
+
+ v=0
+ o=phoneA 53655765 2353687637 IN IP[local_ip_type] [local_ip]
+ s=-
+ c=IN IP[media_ip_type] [media_ip]
+ t=0 0
+ m=audio 6000 RTP/AVP 0
+ a=rtpmap:0 PCMU/8000
+
+ ]]>
+ </send>
+
+ <recv response="100" optional="true"/>
+
+ <recv response="200" rtd="true"/>
+
+ <send>
+ <![CDATA[
+
+ ACK sip:test@[remote_ip]:[remote_port] SIP/2.0
+ Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch]
+ From: test1 <sip:[service]@[local_ip]:[local_port]>;tag=[call_number]
+ To: test <sip:test@[remote_ip]:[remote_port]>[peer_tag_param]
+ Call-ID: [call_id]
+ CSeq: 1 ACK
+ Contact: <sip:test@[local_ip]:[local_port];transport=[transport]>
+ Max-Forwards: 70
+ Subject: Test
+ Content-Length: 0
+
+ ]]>
+ </send>
+
+ <recv request="BYE"/>
+
+ <send>
+ <![CDATA[
+
+ SIP/2.0 200 OK
+ [last_Via:]
+ [last_From:]
+ [last_To:]
+ [last_Call-ID:]
+ [last_CSeq:]
+ Contact: <sip:test@[local_ip]:[local_port];transport=[transport]>
+ Content-Length: 0
+
+ ]]>
+ </send>
+
+</scenario>
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml
new file mode 100644
index 0000000..ff6a57d
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml
@@ -0,0 +1,59 @@
+testinfo:
+ summary: 'Tests STIR_SHAKEN_VERIFY_MISMATCH'
+ description: |
+ 'Run one instance of Asterisk and set up an incoming call
+ via PJSIP and SIPp. An identity header will be present in the
+ INVITE. The STIR_SHAKEN dialplan function will check that
+ "Verification mismatch" is the result.'
+
+test-modules:
+ test-object:
+ config-section: sipp-config
+ typename: 'sipp.SIPpTestCase'
+ modules:
+ -
+ config-section: 'ami-config'
+ typename: 'ami.AMIEventModule'
+ -
+ config-section: 'http-server'
+ typename: 'http_static_server.HTTPStaticServer'
+ -
+ config-section: 'hangup-monitor'
+ typename: 'pluggable_modules.HangupMonitor'
+
+hangup-monitor:
+ ids: [ '0', ]
+
+http-server:
+ port: 8088
+ root-directory: 'contrib/keys'
+
+sipp-config:
+ fail-on-any: False
+ test-iterations:
+ -
+ scenarios:
+ - { 'key-args': { 'scenario': 'send-invite.xml', '-i': '127.0.0.1', '-p': '5061', '-s': 'anon' }}
+
+ami-config:
+ -
+ type: 'headermatch'
+ id: '0'
+ conditions:
+ match:
+ Event: 'UserEvent'
+ UserEvent: 'TestResult'
+ requirements:
+ match:
+ result: 'pass'
+ count: '1'
+
+properties:
+ dependencies:
+ - sipp:
+ version: 'v3.3'
+ - asterisk : 'res_pjsip'
+ - asterisk : 'res_stir_shaken'
+ tags:
+ - pjsip
+ - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf
new file mode 100644
index 0000000..9c1f76c
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf
@@ -0,0 +1,4 @@
+[default]
+exten => echo,1,Answer()
+ same => n,Echo()
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..bbff175
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf
@@ -0,0 +1,21 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5061
+
+[bob]
+type=endpoint
+aors=aor-bob
+from_user=alice
+transport=transport-udp
+allow=!all,ulaw
+callerid=1234567
+
+[aor-bob]
+type=aor
+contact=sip:bob at 127.0.0.1:5060
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf
new file mode 100644
index 0000000..e28a720
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => bob,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Verification not present"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf
new file mode 100644
index 0000000..8b4dbb2
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf
@@ -0,0 +1,16 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5060
+
+[alice]
+type=endpoint
+context=default
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf
new file mode 100644
index 0000000..cde4616
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=https://testing.com/test.crt
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml
new file mode 100644
index 0000000..e4b43a3
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml
@@ -0,0 +1,63 @@
+testinfo:
+ summary: 'Tests STIR_SHAKEN_VERIFY_NOT_PRESENT'
+ description: |
+ 'Run two instances of Asterisk and set up an outgoing call
+ via PJSIP. The outgoing side will not have STIR/SHAKEN
+ configured, and therefore will have no Identity section
+ added to the INVITE. The incoming side will test this with
+ the STIR_SHAKEN dialplan function, ensuring that
+ "Verification not present" is the result.'
+
+test-modules:
+ test-object:
+ config-section: test-object-config
+ typename: 'test_case.TestCaseModule'
+ modules:
+ -
+ config-section: 'originator-config'
+ typename: 'pluggable_modules.Originator'
+ -
+ config-section: 'ami-config'
+ typename: 'ami.AMIEventModule'
+ -
+ config-section: 'hangup-monitor'
+ typename: 'pluggable_modules.HangupMonitor'
+
+test-object-config:
+ memcheck-delay-stop: 7
+ asterisk-instances: 2
+ connect-ami: True
+
+hangup-monitor:
+ ids: [ '1', ]
+
+originator-config:
+ trigger: 'ami_connect'
+ ignore-originate-failure: 'no'
+ id: '0'
+ channel: 'PJSIP/bob'
+ context: 'default'
+ exten: 'echo'
+ priority: '1'
+ async: 'True'
+
+ami-config:
+ -
+ type: 'headermatch'
+ id: '1'
+ conditions:
+ match:
+ Event: 'UserEvent'
+ UserEvent: 'TestResult'
+ requirements:
+ match:
+ result: 'pass'
+ count: '1'
+
+properties:
+ dependencies:
+ - asterisk : 'res_pjsip'
+ - asterisk : 'res_stir_shaken'
+ tags:
+ - pjsip
+ - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf
new file mode 100644
index 0000000..9c1f76c
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf
@@ -0,0 +1,4 @@
+[default]
+exten => echo,1,Answer()
+ same => n,Echo()
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..675fafd
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf
@@ -0,0 +1,22 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5061
+
+[bob]
+type=endpoint
+aors=aor-bob
+from_user=alice
+transport=transport-udp
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
+
+[aor-bob]
+type=aor
+contact=sip:bob at 127.0.0.1:5060
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf
new file mode 100644
index 0000000..aa71bfc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf
new file mode 100644
index 0000000..ae0ccc0
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => bob,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Verification passed"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf
new file mode 100644
index 0000000..8b4dbb2
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf
@@ -0,0 +1,16 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5060
+
+[alice]
+type=endpoint
+context=default
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf
new file mode 100644
index 0000000..af91737
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf
@@ -0,0 +1,10 @@
+[general]
+curl_timeout=5
+
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml
new file mode 100644
index 0000000..3f3c805
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml
@@ -0,0 +1,69 @@
+testinfo:
+ summary: 'Tests STIR_SHAKEN_VERIFY_PASSED'
+ description: |
+ 'Run two instances of Asterisk and set up an outgoing call
+ via PJSIP. The outgoing side will have STIR/SHAKEN
+ configured, so an identity header should be present. The
+ incoming side will test this with the STIR_SHAKEN dialplan
+ function, ensuring that "Verification passed" is the result.'
+
+test-modules:
+ test-object:
+ config-section: test-object-config
+ typename: 'test_case.TestCaseModule'
+ modules:
+ -
+ config-section: 'originator-config'
+ typename: 'pluggable_modules.Originator'
+ -
+ config-section: 'ami-config'
+ typename: 'ami.AMIEventModule'
+ -
+ config-section: 'http-server'
+ typename: 'http_static_server.HTTPStaticServer'
+ -
+ config-section: 'hangup-monitor'
+ typename: 'pluggable_modules.HangupMonitor'
+
+test-object-config:
+ memcheck-delay-stop: 7
+ asterisk-instances: 2
+ connect-ami: True
+
+hangup-monitor:
+ ids: [ '1', ]
+
+http-server:
+ port: 8088
+ root-directory: 'contrib/keys'
+
+originator-config:
+ trigger: 'ami_connect'
+ ignore-originate-failure: 'no'
+ id: '0'
+ channel: 'PJSIP/bob'
+ context: 'default'
+ exten: 'echo'
+ priority: '1'
+ async: 'True'
+
+ami-config:
+ -
+ type: 'headermatch'
+ id: '1'
+ conditions:
+ match:
+ Event: 'UserEvent'
+ UserEvent: 'TestResult'
+ requirements:
+ match:
+ result: 'pass'
+ count: '1'
+
+properties:
+ dependencies:
+ - asterisk : 'res_pjsip'
+ - asterisk : 'res_stir_shaken'
+ tags:
+ - pjsip
+ - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/tests.yaml b/tests/channels/pjsip/stir_shaken/tests.yaml
new file mode 100644
index 0000000..5025edc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/tests.yaml
@@ -0,0 +1,5 @@
+tests:
+ - test: 'stir_shaken_failed'
+ - test: 'stir_shaken_mismatch'
+ - test: 'stir_shaken_not_present'
+ - test: 'stir_shaken_success'
diff --git a/tests/channels/pjsip/tests.yaml b/tests/channels/pjsip/tests.yaml
index 564432b..057b8ae 100644
--- a/tests/channels/pjsip/tests.yaml
+++ b/tests/channels/pjsip/tests.yaml
@@ -20,6 +20,7 @@
- dir: 'sdp_offer_answer'
- dir: 'secure_calling'
- dir: 'statsd'
+ - dir: 'stir_shaken'
- dir: 'subscriptions'
- dir: 'transfers'
- dir: 'transport'
--
To view, visit https://gerrit.asterisk.org/c/testsuite/+/14575
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: testsuite
Gerrit-Branch: master
Gerrit-Change-Id: I3aee8f73cc312db5c6e042393395adcef2b2d5eb
Gerrit-Change-Number: 14575
Gerrit-PatchSet: 3
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200713/5aeadb09/attachment-0001.html>
More information about the asterisk-code-review
mailing list