
secsipid: added secsipid_check_identity_pubkey(pubkeyVal)

- function that checks the validity of the Identity header using a public key
provided as a parameter

Daniel-Constantin Mierla authored on 17/11/2020 09:11:29
Showing 1 changed files
... ...
@@ -46,6 +46,7 @@ static int child_init(int);
46 46
 static void mod_destroy(void);
47 47
 
48 48
 static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2);
49
+static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char *str2);
49 50
 static int w_secsipid_add_identity(sip_msg_t *msg, char *porigtn, char *pdesttn,
50 51
 			char *pattest, char *porigid, char *px5u, char *pkeypath);
51 52
 
... ...
@@ -54,6 +55,8 @@ static int w_secsipid_add_identity(sip_msg_t *msg, char *porigtn, char *pdesttn,
54 55
 static cmd_export_t cmds[]={
55 56
 	{"secsipid_check_identity", (cmd_function)w_secsipid_check_identity, 1,
56 57
 		fixup_spve_null, fixup_free_spve_null, ANY_ROUTE},
58
+	{"secsipid_check_identity_pubkey", (cmd_function)w_secsipid_check_identity_pubkey, 1,
59
+		fixup_spve_null, fixup_free_spve_null, ANY_ROUTE},
57 60
 	{"secsipid_add_identity", (cmd_function)w_secsipid_add_identity, 6,
58 61
 		fixup_spve_all, fixup_free_spve_all, ANY_ROUTE},
59 62
 	{0, 0, 0, 0, 0, 0}
... ...
@@ -162,6 +165,57 @@ static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2)
162 165
 	return ki_secsipid_check_identity(msg, &keypath);
163 166
 }
164 167
 
168
+/**
169
+ *
170
+ */
171
+static int ki_secsipid_check_identity_pubkey(sip_msg_t *msg, str *keyval)
172
+{
173
+	int ret = 1;
174
+	str ibody = STR_NULL;
175
+	hdr_field_t *hf;
176
+
177
+	for (hf=msg->headers; hf; hf=hf->next) {
178
+		if (hf->name.len==SECSIPID_HDR_IDENTITY_LEN
179
+				&& strncasecmp(hf->name.s, SECSIPID_HDR_IDENTITY,
180
+					SECSIPID_HDR_IDENTITY_LEN)==0)
181
+			break;
182
+	}
183
+
184
+	if(hf == NULL) {
185
+		LM_DBG("no identity header\n");
186
+		return -1;
187
+	}
188
+
189
+	ibody = hf->body;
190
+
191
+	ret = SecSIPIDCheckFullPubKey(ibody.s, ibody.len, secsipid_expire, keyval->s,
192
+			keyval->len);
193
+
194
+	if(ret==0) {
195
+		LM_DBG("identity check: ok\n");
196
+		return 1;
197
+	}
198
+
199
+	LM_DBG("identity check: failed\n");
200
+	return -1;
201
+}
202
+
203
+/**
204
+ *
205
+ */
206
+static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char *str2)
207
+{
208
+	str keyval = STR_NULL;
209
+
210
+	if(fixup_get_svalue(msg, (gparam_t*)pkeyval, &keyval)<0) {
211
+		LM_ERR("failed to get keyval parameter\n");
212
+		return -1;
213
+	}
214
+
215
+	return ki_secsipid_check_identity_pubkey(msg, &keyval);
216
+}
217
+
218
+
165 219
 /**
166 220
  *
167 221
  */
... ...
@@ -277,6 +331,11 @@ static sr_kemi_t sr_kemi_secsipid_exports[] = {
277 331
 		{ SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_STR,
278 332
 			SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_STR }
279 333
 	},
334
+	{ str_init("secsipid"), str_init("secsipid_check_identity_pubkey"),
335
+		SR_KEMIP_INT, ki_secsipid_check_identity_pubkey,
336
+		{ SR_KEMIP_STR, SR_KEMIP_NONE, SR_KEMIP_NONE,
337
+			SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE }
338
+	},
280 339
 
281 340
 	{ {0, 0}, {0, 0}, 0, NULL, { 0, 0, 0, 0, 0, 0 } }
282 341
 };
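Review bot: ki_secsipid_check_identity_pubkey() passes keyval->s and keyval->len straight to SecSIPIDCheckFullPubKey() without checking that the key is non-empty, so a parameter that evaluates to an empty string (for example after a failed key lookup in the config) reaches the verifier, and the outcome then depends on how the library treats an empty key. A guard ahead of the header loop, `if(keyval==NULL || keyval->s==NULL || keyval->len<=0) { LM_ERR("invalid public key parameter\n"); return -1; }`, makes that case fail closed and visible in the logs. The library's return code is also discarded on the failure path; `LM_DBG("identity check: failed (ret: %d)\n", ret);` would let an operator tell the different failure codes apart when investigating rejected calls. Both new functions carry empty `/** */` blocks; a short comment stating that the parameter is the key value itself (not a path, as the parameter naming suggests) and that the return is 1 on success and -1 otherwise would help.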