[Sip-implementors] WWW-Authenticate MD5 issue

Wed, 05 Mar 2003 11:08:39 -0800 

Hello All,

Not exactly a SER question, but perhaps someone can help regardless...

I'm having troubles with MD5 algorithm and authorizing against a SIP client.

I have verified the MD5 alrogithm is working properly and is output correct results, 
and I can authorize against one of our SER proxies.

However, when I authorize against another proxy I'm having troubles and the only 
difference I notice is that it has a domain field. I've read the IETF spec about 
domain, but I'm unclear about how it will effect the algorithm:
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 65.39.185.155:5060
From: <sip:[EMAIL PROTECTED]:5060>
To: <sip:[EMAIL PROTECTED]:5060>;tag=fea7371f
Call-ID: [EMAIL PROTECTED]
CSeq: 694980 REGISTER
WWW-Authenticate: Digest 
algorithm=MD5,domain="/",nonce="ouaECxW4AwA=052615b8b67d137234d9087a0acc857f04caa958",realm="sipinfo.iprimus.net"
Content-Length: 0

How does the domain="/" affect my variables as input into this algorithm:

(Hard coded values just to for sake of clarity)

LPCSTR szUserName = "user54";
LPCSTR szRealm = "sipinfo.iprimus.net";
LPCSTR szPassword = "password";

CVsMD5 cMD5A1Hash;
cMD5A1Hash.Write((const BYTE *)szUserName, strlen(szUserName));
cMD5A1Hash.Write((const BYTE *)":", strlen(":"));
cMD5A1Hash.Write((const BYTE *)szRealm, strlen(szRealm));
cMD5A1Hash.Write((const BYTE *)":", strlen(":"));
cMD5A1Hash.Write((const BYTE *)szPassword, strlen(szPassword));
cMD5A1Hash.Close();
CVsString cA1Hash = cMD5A1Hash.GetDigest();

LPCSTR szMethod = "REGISTER";
LPCSTR szURI = "sip:primus.net";

CVsMD5 cMD5A2Hash;
cMD5A2Hash.Write((const BYTE *)szMethod, strlen(szMethod));
cMD5A2Hash.Write((const BYTE *)":", strlen(":"));
cMD5A2Hash.Write((const BYTE *)szURI, strlen(szURI));
cMD5A2Hash.Close();

CVsString cA2Hash = cMD5A2Hash.GetDigest();

LPCSTR szA1Hash = (LPCSTR)cA1Hash;
LPCSTR szNonce = "ouaECxW4AwA=052615b8b67d137234d9087a0acc857f04caa958";
LPCSTR szA2Hash = (LPCSTR)cA2Hash;

CVsMD5 cMD5Response;
cMD5Response.Write((const BYTE *)szA1Hash, strlen(szA1Hash));
cMD5Response.Write((const BYTE *)":", strlen(":"));
cMD5Response.Write((const BYTE *)szNonce, strlen(szNonce));
cMD5Response.Write((const BYTE *)":", strlen(":"));
cMD5Response.Write((const BYTE *)szA2Hash, strlen(szA2Hash));
cMD5Response.Close();

My output is:
REGISTER sip:iprimus.net SIP/2.0
Via: SIP/2.0/UDP 65.39.185.155:5060
From: sip:[EMAIL PROTECTED]
To: sip:[EMAIL PROTECTED]
Contact: sip:[EMAIL PROTECTED]:5060
Call-ID: [EMAIL PROTECTED]
CSeq: 694981 REGISTER
Content-Length: 0
Expires: 3600
Authorization: Digest 
username="user54",realm="sipinfo.iprimus.net",nonce="OuaECxW4AwA=052615b8b67d137234d9087a0acc857f04caa958",response="a3e82b6874e0a39d0b9d70aad8781d37",uri="sip:iprimus.net"

The response when using the same server nonce does NOT match another SIP client I use 
(which can authorize to the server)... What am I doing wrong??

Thanks in advance

_______________________________________________
Sip-implementors mailing list
[EMAIL PROTECTED]
http://lists.cs.columbia.edu/mailman/listinfo/sip-implementors

Reply via email to