md5 nonce construction?


#1

Hi All,

I’m trying to troubleshoot a client not being able to register. My suspicion is that its implementation of the www-authentication is flawed on this client UA.

I’m trying to re-create the challenge and response of md5 hashes using a console “echo -n "" | md5sum” to verify what I’m seeing.

I have rifled through the RFC 2617, in an attempt to understand how the client would construct its response to the challenge, but other than learning that user Mufasa has “Circle Of Life” as a password, it hasn’t taken me forward very much.

What I understand of the response nonce is:
md5 < A1,nonce:A2
where A1 = md5secret (as you would put it in the sip.conf)
nonce = the nonce that was issued in the 401 challenge
A2 =md5<( (method: md5<URI value))

Can you please explain to me how the client’s response hash is put together?

Thanks,
Leo


#2

Hi,

to setup an md5 password on asterisk you should do like this

echo -n "username:domain:password" | md5sum

where domain=asterisk by default

HTH

Ronald


#3

Hi Ronald,
Thanks for your reply.
I already found how to make an md5secret from the voip.org wiki :laughing: and it wasn’t entirely my question. But that’s probably me not being clear enough.

What I’m after is:
UA -> Asterisk : "invite"
Asterisk -> UA: 401 + nonce (= challenge)
UA->Asterisk: reply_nonce (reply to challenge)

In this reply_nonce, the UA will take a couple of variables, like username:realm:password and a couple of other things, and use that to build the reply hash.
What I’m after is which elements/variables are used to come to that reply_nonce.

Take care,
Leo