Holger Kinkelin wrote: > username = "1000" > realm = "192.168.0.31" > password = "1000" > digestURI = "sip:192.168.0.31" > nonce = "4520e111333a24d8c4f3d20c6171cc37dfa2be33" > recCounter = "00000001" > cNonce = "abcdefghi" > qualOfProt IS MISSING! > > Now I try to calculate the digest as follows: (rfc 2617) > > HA1 = md5(username + ":" + realm + ":" + password) > HA2 = md5(digestURI)
Actually it should be HA2 = md5(method + ":" + digestURI) > response = md5(HA1 + ":" + nonce + ":" + recCounter + ":" + cNonce + > ":" + qop + ":" + HA2) This calculation is chosen only when "qop" is requested by the server (i.e. "qop" parameter is present in WWW/Proxy-Authenticate header in 401/407 response). When "qop" is not present, the response is calculated as: response = MD5(ha1 + ":" + nonce + ":" + ha2) > I'm not sure about two points: > > 1.) Is it correct to use the value "sip:192.168.0.31" as digestURI? Or > is it s.th else? Yes it's correct, as long as you put the same URI in the uri parameter in Authorization header and in the request URI. > 2.) I don't get a value for qop in the ethereal trace. Don't I need > this value? Is it a constant? The value is taken from "qop" parameter in 401/407 response. If this parameter is not present, it means server doesn't require quality of protection, so you'll use the second version of response calculation above (which doesn't require qop). HTH, -benny > > Thanks for replies, > Holger > _______________________________________________ > Sip-implementors mailing list > [email protected] > https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors -- Benny Prijono http://www.pjsip.org _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
