[Asterisk-code-review] STIR/SHAKEN: Add tests for possible results. (testsuite[master])

Friendly Automation asteriskteam at digium.com
Mon Jul 13 05:40:03 CDT 2020


Friendly Automation has submitted this change. ( https://gerrit.asterisk.org/c/testsuite/+/14575 )

Change subject: STIR/SHAKEN: Add tests for possible results.
......................................................................

STIR/SHAKEN: Add tests for possible results.

Added four new tests, each testing a different STIR/SHAKEN verification
result: STIR_SHAKEN_VERIFICATION_SUCCESS,
STIR_SHAKEN_VERIFICATION_FAILED, STIR_SHAKEN_VERIFICATION_MISTMATCH, and
STIR_SHAKEN_VERIFICATION_NOT_PRESENT.

Change-Id: I3aee8f73cc312db5c6e042393395adcef2b2d5eb
---
A contrib/keys/ec256-public.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml
A tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf
A tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml
A tests/channels/pjsip/stir_shaken/tests.yaml
M tests/channels/pjsip/tests.yaml
34 files changed, 590 insertions(+), 0 deletions(-)

Approvals:
  Joshua Colp: Looks good to me, approved
  Kevin Harwell: Looks good to me, but someone else must approve
  Friendly Automation: Approved for Submit



diff --git a/contrib/keys/ec256-public.pem b/contrib/keys/ec256-public.pem
new file mode 100644
index 0000000..c4e3bf3
--- /dev/null
+++ b/contrib/keys/ec256-public.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSy
+arT5H82qwe4LU8hbcBbhmc9gjy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END PUBLIC KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem
new file mode 100644
index 0000000..245e248
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIKjXgQ4o3wimaS+WuZP5tra2bjxq8pzYTf39+pLf70J9oAoGCCqGSM49
+AwEHoUQDQgAEcN+9C3HT51puV8YiHAB4/Yt69/6X7+kA3kRrRE5sV+BsW8IVLV6O
+LCrMKiQyrV/0iPVOMOpY09hhwoi6/v9D4g==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf
new file mode 100644
index 0000000..9c1f76c
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/extensions.conf
@@ -0,0 +1,4 @@
+[default]
+exten => echo,1,Answer()
+ same => n,Echo()
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..675fafd
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/pjsip.conf
@@ -0,0 +1,22 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5061
+
+[bob]
+type=endpoint
+aors=aor-bob
+from_user=alice
+transport=transport-udp
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
+
+[aor-bob]
+type=aor
+contact=sip:bob at 127.0.0.1:5060
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf
new file mode 100644
index 0000000..aa71bfc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast1/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem
new file mode 100644
index 0000000..245e248
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIKjXgQ4o3wimaS+WuZP5tra2bjxq8pzYTf39+pLf70J9oAoGCCqGSM49
+AwEHoUQDQgAEcN+9C3HT51puV8YiHAB4/Yt69/6X7+kA3kRrRE5sV+BsW8IVLV6O
+LCrMKiQyrV/0iPVOMOpY09hhwoi6/v9D4g==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf
new file mode 100644
index 0000000..c720c85
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => bob,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Signature failed"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf
new file mode 100644
index 0000000..8b4dbb2
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/pjsip.conf
@@ -0,0 +1,16 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5060
+
+[alice]
+type=endpoint
+context=default
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf
new file mode 100644
index 0000000..af91737
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/configs/ast2/stir_shaken.conf
@@ -0,0 +1,10 @@
+[general]
+curl_timeout=5
+
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml
new file mode 100644
index 0000000..5707c52
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_failed/test-config.yaml
@@ -0,0 +1,70 @@
+testinfo:
+    summary:     'Tests STIR_SHAKEN_SIGNATURE_FAILED'
+    description: |
+        'Run two instances of Asterisk and set up an outgoing call
+        via PJSIP. The outgoing side will have STIR/SHAKEN
+        configured, so an identity header should be present. The
+        incoming side will test this with the STIR_SHAKEN dialplan
+        function, ensuring that "Signature failed" is the result,
+        using private and public keys that do not match.'
+
+test-modules:
+    test-object:
+        config-section: test-object-config
+        typename: 'test_case.TestCaseModule'
+    modules:
+        -
+            config-section: 'originator-config'
+            typename: 'pluggable_modules.Originator'
+        -
+            config-section: 'ami-config'
+            typename: 'ami.AMIEventModule'
+        -
+            config-section: 'http-server'
+            typename: 'http_static_server.HTTPStaticServer'
+        -
+            config-section: 'hangup-monitor'
+            typename: 'pluggable_modules.HangupMonitor'
+
+test-object-config:
+    memcheck-delay-stop: 7
+    asterisk-instances: 2
+    connect-ami: True
+
+hangup-monitor:
+    ids: [ '1', ]
+
+http-server:
+    port: 8088
+    root-directory: 'contrib/keys'
+
+originator-config:
+    trigger: 'ami_connect'
+    ignore-originate-failure: 'no'
+    id: '0'
+    channel: 'PJSIP/bob'
+    context: 'default'
+    exten: 'echo'
+    priority: '1'
+    async: 'True'
+
+ami-config:
+    -
+        type: 'headermatch'
+        id: '1'
+        conditions:
+            match:
+                Event: 'UserEvent'
+                UserEvent: 'TestResult'
+        requirements:
+            match:
+                result: 'pass'
+        count: '1'
+
+properties:
+    dependencies:
+        - asterisk : 'res_pjsip'
+        - asterisk : 'res_stir_shaken'
+    tags:
+        - pjsip
+        - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf
new file mode 100644
index 0000000..c9d902e
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => test,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Verification mismatch"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..a55168b
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/pjsip.conf
@@ -0,0 +1,13 @@
+[global]
+debug=yes
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1
+
+[anonymous]
+type=endpoint
+context=default
+allow=!all,ulaw
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf
new file mode 100644
index 0000000..aa71bfc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/configs/ast1/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml
new file mode 100644
index 0000000..8c15886
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/sipp/send-invite.xml
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!DOCTYPE scenario SYSTEM "sipp.dtd">
+
+<scenario name="INVITE with Identity Header">
+  <send retrans="500">
+    <![CDATA[
+
+      INVITE sip:test@[remote_ip]:[remote_port] SIP/2.0
+      Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch]
+      From: test1 <sip:[service]@[local_ip]:[local_port]>;tag=[call_number]
+      To: test <sip:test@[remote_ip]:[remote_port]>
+      Call-ID: 1234567
+      CSeq: 1 INVITE
+      Contact: <sip:test@[local_ip]:[local_port];transport=[transport]>
+      Max-Forwards: 70
+      Identity: eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cDovLzEyNy4wLjAuMTo4MDg4L2VjMjU2LXB1YmxpYy5wZW0ifQ==.eyJvcmlnIjp7InRuIjoiMTIzNDU2NyJ9LCJhdHRlc3QiOiJDIiwib3JpZ2lkIjoidGVzdHN1aXRlIiwiaWF0IjoxNTkzMDE4ODcwfQ==.MEUCIDoDpo1F++fJuv4ItB1uO7ULFZUfpa0l5XXeGif8NCD6AiEAmTWr+NkUqIHNDuV8KZzvDj2nFg2PCeCs7jD9BtIsBzc=;info=<http://127.0.0.1:8088/ec256-public.pem>alg=ES256;ppt=shaken
+      Subject: Test
+      User-Agent: Test
+      Content-Type: application/sdp
+      Content-Length: [len]
+
+      v=0
+      o=phoneA 53655765 2353687637 IN IP[local_ip_type] [local_ip]
+      s=-
+      c=IN IP[media_ip_type] [media_ip]
+      t=0 0
+      m=audio 6000 RTP/AVP 0
+      a=rtpmap:0 PCMU/8000
+
+    ]]>
+  </send>
+
+  <recv response="100" optional="true"/>
+
+  <recv response="200" rtd="true"/>
+
+  <send>
+    <![CDATA[
+
+      ACK sip:test@[remote_ip]:[remote_port] SIP/2.0
+      Via: SIP/2.0/[transport] [local_ip]:[local_port];branch=[branch]
+      From: test1 <sip:[service]@[local_ip]:[local_port]>;tag=[call_number]
+      To: test <sip:test@[remote_ip]:[remote_port]>[peer_tag_param]
+      Call-ID: [call_id]
+      CSeq: 1 ACK
+      Contact: <sip:test@[local_ip]:[local_port];transport=[transport]>
+      Max-Forwards: 70
+      Subject: Test
+      Content-Length: 0
+
+    ]]>
+  </send>
+
+  <recv request="BYE"/>
+
+  <send>
+    <![CDATA[
+
+      SIP/2.0 200 OK
+      [last_Via:]
+      [last_From:]
+      [last_To:]
+      [last_Call-ID:]
+      [last_CSeq:]
+      Contact: <sip:test@[local_ip]:[local_port];transport=[transport]>
+      Content-Length: 0
+
+    ]]>
+  </send>
+
+</scenario>
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml
new file mode 100644
index 0000000..ff6a57d
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_mismatch/test-config.yaml
@@ -0,0 +1,59 @@
+testinfo:
+    summary:     'Tests STIR_SHAKEN_VERIFY_MISMATCH'
+    description: |
+        'Run one instance of Asterisk and set up an incoming call
+        via PJSIP and SIPp. An identity header will be present in the
+        INVITE. The STIR_SHAKEN dialplan function will check that
+        "Verification mismatch" is the result.'
+
+test-modules:
+    test-object:
+        config-section: sipp-config
+        typename: 'sipp.SIPpTestCase'
+    modules:
+        -
+            config-section: 'ami-config'
+            typename: 'ami.AMIEventModule'
+        -
+            config-section: 'http-server'
+            typename: 'http_static_server.HTTPStaticServer'
+        -
+            config-section: 'hangup-monitor'
+            typename: 'pluggable_modules.HangupMonitor'
+
+hangup-monitor:
+    ids: [ '0', ]
+
+http-server:
+    port: 8088
+    root-directory: 'contrib/keys'
+
+sipp-config:
+    fail-on-any: False
+    test-iterations:
+        -
+            scenarios:
+                    - { 'key-args': { 'scenario': 'send-invite.xml', '-i': '127.0.0.1', '-p': '5061', '-s': 'anon' }}
+
+ami-config:
+    -
+        type: 'headermatch'
+        id: '0'
+        conditions:
+            match:
+                Event: 'UserEvent'
+                UserEvent: 'TestResult'
+        requirements:
+            match:
+                result: 'pass'
+        count: '1'
+
+properties:
+    dependencies:
+        - sipp:
+            version: 'v3.3'
+        - asterisk : 'res_pjsip'
+        - asterisk : 'res_stir_shaken'
+    tags:
+        - pjsip
+        - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf
new file mode 100644
index 0000000..9c1f76c
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/extensions.conf
@@ -0,0 +1,4 @@
+[default]
+exten => echo,1,Answer()
+ same => n,Echo()
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..bbff175
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast1/pjsip.conf
@@ -0,0 +1,21 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5061
+
+[bob]
+type=endpoint
+aors=aor-bob
+from_user=alice
+transport=transport-udp
+allow=!all,ulaw
+callerid=1234567
+
+[aor-bob]
+type=aor
+contact=sip:bob at 127.0.0.1:5060
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf
new file mode 100644
index 0000000..e28a720
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => bob,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Verification not present"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf
new file mode 100644
index 0000000..8b4dbb2
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/pjsip.conf
@@ -0,0 +1,16 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5060
+
+[alice]
+type=endpoint
+context=default
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf
new file mode 100644
index 0000000..cde4616
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/configs/ast2/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=https://testing.com/test.crt
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml
new file mode 100644
index 0000000..e4b43a3
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_not_present/test-config.yaml
@@ -0,0 +1,63 @@
+testinfo:
+    summary:     'Tests STIR_SHAKEN_VERIFY_NOT_PRESENT'
+    description: |
+        'Run two instances of Asterisk and set up an outgoing call
+        via PJSIP. The outgoing side will not have STIR/SHAKEN
+        configured, and therefore will have no Identity section
+        added to the INVITE. The incoming side will test this with
+        the STIR_SHAKEN dialplan function, ensuring that
+        "Verification not present" is the result.'
+
+test-modules:
+    test-object:
+        config-section: test-object-config
+        typename: 'test_case.TestCaseModule'
+    modules:
+        -
+            config-section: 'originator-config'
+            typename: 'pluggable_modules.Originator'
+        -
+            config-section: 'ami-config'
+            typename: 'ami.AMIEventModule'
+        -
+            config-section: 'hangup-monitor'
+            typename: 'pluggable_modules.HangupMonitor'
+
+test-object-config:
+    memcheck-delay-stop: 7
+    asterisk-instances: 2
+    connect-ami: True
+
+hangup-monitor:
+    ids: [ '1', ]
+
+originator-config:
+    trigger: 'ami_connect'
+    ignore-originate-failure: 'no'
+    id: '0'
+    channel: 'PJSIP/bob'
+    context: 'default'
+    exten: 'echo'
+    priority: '1'
+    async: 'True'
+
+ami-config:
+    -
+        type: 'headermatch'
+        id: '1'
+        conditions:
+            match:
+                Event: 'UserEvent'
+                UserEvent: 'TestResult'
+        requirements:
+            match:
+                result: 'pass'
+        count: '1'
+
+properties:
+    dependencies:
+        - asterisk : 'res_pjsip'
+        - asterisk : 'res_stir_shaken'
+    tags:
+        - pjsip
+        - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf
new file mode 100644
index 0000000..9c1f76c
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/extensions.conf
@@ -0,0 +1,4 @@
+[default]
+exten => echo,1,Answer()
+ same => n,Echo()
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf
new file mode 100644
index 0000000..675fafd
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/pjsip.conf
@@ -0,0 +1,22 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5061
+
+[bob]
+type=endpoint
+aors=aor-bob
+from_user=alice
+transport=transport-udp
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
+
+[aor-bob]
+type=aor
+contact=sip:bob at 127.0.0.1:5060
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf
new file mode 100644
index 0000000..aa71bfc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast1/stir_shaken.conf
@@ -0,0 +1,7 @@
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem
new file mode 100644
index 0000000..9c34408
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/ec256-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBqnQDP+jQVyc47VT9F9UcfMpV7qKHhTbujrnuLX7BoyoAoGCCqGSM49
+AwEHoUQDQgAETFyAe9OyRbqxRzeDLR8mw9ljPBSyarT5H82qwe4LU8hbcBbhmc9g
+jy4SnZ7knbNkwPKkaIIosI/WM8ceRpUcEA==
+-----END EC PRIVATE KEY-----
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf
new file mode 100644
index 0000000..ae0ccc0
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/extensions.conf
@@ -0,0 +1,8 @@
+[default]
+exten => bob,1,Answer()
+ same => n,Set(RESULT=${STIR_SHAKEN(0,verify_result)})
+ same => n,GotoIf($["${RESULT}"="Verification passed"]?pass:fail)
+ same => n(fail),UserEvent(TestResult, result: fail)
+ same => n,Hangup()
+ same => n(pass),UserEvent(TestResult, result: pass)
+ same => n,Hangup()
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf
new file mode 100644
index 0000000..8b4dbb2
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/pjsip.conf
@@ -0,0 +1,16 @@
+[system]
+type=system
+timer_t1=100
+timer_b=6400
+
+[transport-udp]
+type=transport
+protocol=udp
+bind=127.0.0.1:5060
+
+[alice]
+type=endpoint
+context=default
+allow=!all,ulaw
+callerid=1234567
+stir_shaken=yes
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf
new file mode 100644
index 0000000..af91737
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/configs/ast2/stir_shaken.conf
@@ -0,0 +1,10 @@
+[general]
+curl_timeout=5
+
+[bob]
+type=certificate
+path=<<astetcdir>>/ec256-private.pem
+public_key_url=http://127.0.0.1:8088/ec256-public.pem
+caller_id_number=1234567
+attestation=C
+origid=testsuite
diff --git a/tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml b/tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml
new file mode 100644
index 0000000..3f3c805
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/stir_shaken_success/test-config.yaml
@@ -0,0 +1,69 @@
+testinfo:
+    summary:     'Tests STIR_SHAKEN_VERIFY_PASSED'
+    description: |
+        'Run two instances of Asterisk and set up an outgoing call
+        via PJSIP. The outgoing side will have STIR/SHAKEN
+        configured, so an identity header should be present. The
+        incoming side will test this with the STIR_SHAKEN dialplan
+        function, ensuring that "Verification passed" is the result.'
+
+test-modules:
+    test-object:
+        config-section: test-object-config
+        typename: 'test_case.TestCaseModule'
+    modules:
+        -
+            config-section: 'originator-config'
+            typename: 'pluggable_modules.Originator'
+        -
+            config-section: 'ami-config'
+            typename: 'ami.AMIEventModule'
+        -
+            config-section: 'http-server'
+            typename: 'http_static_server.HTTPStaticServer'
+        -
+            config-section: 'hangup-monitor'
+            typename: 'pluggable_modules.HangupMonitor'
+
+test-object-config:
+    memcheck-delay-stop: 7
+    asterisk-instances: 2
+    connect-ami: True
+
+hangup-monitor:
+    ids: [ '1', ]
+
+http-server:
+    port: 8088
+    root-directory: 'contrib/keys'
+
+originator-config:
+    trigger: 'ami_connect'
+    ignore-originate-failure: 'no'
+    id: '0'
+    channel: 'PJSIP/bob'
+    context: 'default'
+    exten: 'echo'
+    priority: '1'
+    async: 'True'
+
+ami-config:
+    -
+        type: 'headermatch'
+        id: '1'
+        conditions:
+            match:
+                Event: 'UserEvent'
+                UserEvent: 'TestResult'
+        requirements:
+            match:
+                result: 'pass'
+        count: '1'
+
+properties:
+    dependencies:
+        - asterisk : 'res_pjsip'
+        - asterisk : 'res_stir_shaken'
+    tags:
+        - pjsip
+        - stir_shaken
diff --git a/tests/channels/pjsip/stir_shaken/tests.yaml b/tests/channels/pjsip/stir_shaken/tests.yaml
new file mode 100644
index 0000000..5025edc
--- /dev/null
+++ b/tests/channels/pjsip/stir_shaken/tests.yaml
@@ -0,0 +1,5 @@
+tests:
+    - test: 'stir_shaken_failed'
+    - test: 'stir_shaken_mismatch'
+    - test: 'stir_shaken_not_present'
+    - test: 'stir_shaken_success'
diff --git a/tests/channels/pjsip/tests.yaml b/tests/channels/pjsip/tests.yaml
index 564432b..057b8ae 100644
--- a/tests/channels/pjsip/tests.yaml
+++ b/tests/channels/pjsip/tests.yaml
@@ -20,6 +20,7 @@
     - dir: 'sdp_offer_answer'
     - dir: 'secure_calling'
     - dir: 'statsd'
+    - dir: 'stir_shaken'
     - dir: 'subscriptions'
     - dir: 'transfers'
     - dir: 'transport'

-- 
To view, visit https://gerrit.asterisk.org/c/testsuite/+/14575
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: testsuite
Gerrit-Branch: master
Gerrit-Change-Id: I3aee8f73cc312db5c6e042393395adcef2b2d5eb
Gerrit-Change-Number: 14575
Gerrit-PatchSet: 3
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200713/5aeadb09/attachment-0001.html>


More information about the asterisk-code-review mailing list