linphone-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-users] How to calculate HA1?!

From: Sean M. Pappalardo
Subject: Re: [Linphone-users] How to calculate HA1?!
Date: Thu, 8 Jun 2023 10:43:25 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.11.0
Thank you. I previously got that working, but now don't remember where the nonce comes from, as I am trying to set up another user. Do I have to sniff a registration attempt packet to find it? 

On 3/21/20 11:35, Robert Dyck wrote:

Here is an example using the command line.

Given user 2@192.168.1.2 with password huh

Hash 1

[rdyck@blacky ~]$ echo -n "2:192.168.1.2:huh" | md5sum
dce1ddb931719bf0f9ebfbf3d7e88d77

Completing the authorization requires two more hashes.

Hash 2
echo -n "REGISTER:sip:192.168.1.2" | md5sum
e2cdec7afb0cc21674cceb668555438b

Hash 3 uses the previous hashes and the nonce - HA1:nonce:HA2
[rdyck@blacky ~]$ echo -n "dce1ddb931719bf0f9ebfbf3d7e88d77:5e7653cb00001dc2090a257e1725869dd3ad5f2a0c5426b0:e2cdec7afb0cc21674cceb668555438b" | md5sum 847caaf31fe4c371b1cacea53de87253- this would be the response to an authorization request. 

An actual registration - verify the response hash

Session Initiation Protocol (REGISTER)
    Request-Line: REGISTER sip:192.168.1.2 SIP/2.0
    Message Header
       Via: SIP/2.0/UDP 192.168.1.3:53845;branch=z9hG4bKe6b621d8a65eb39e;rport        Contact: <sip:2-0x23a8e80@192.168.1.3:53845>;expires=3840;+sip.instance="<urn:uuid:827173ac-5761-2b65-4493-94ca86baf98a>" 
        Max-Forwards: 70
       Authorization: Digest username="2", realm="192.168.1.2", nonce="5e7653cb00001dc2090a257e1725869dd3ad5f2a0c5426b0", uri="sip:192.168.1.2", response="847caaf31fe4c371b1cacea53de87253" 
        To: <sip:2@192.168.1.2>
        From: <sip:2@192.168.1.2>;tag=dadb5f2f513c33a3
        Call-ID: 0b5e6ca4907cdebf
        [Generated Call-ID: 0b5e6ca4907cdebf]
        CSeq: 29774 REGISTER
        User-Agent: baresip v0.6.5 (x86_64/linux)
        Allow:INVITE,ACK,BYE,CANCEL,OPTIONS,NOTIFY,SUBSCRIBE,INFO,MESSAGE,REFER
        Content-Length: 0





On Saturday, March 21, 2020 9:52:34 A.M. PDT Sean M. Pappalardo wrote:

 > Hello.

 >

 > I'm trying to prepare XML config files for my clients and want to use

 > hashes instead of passwords. How does linphone calculate the hashes it

 > stores in the config file? This should be in the wiki.

 >

 > I've looked at the source code for liblinphone but all I can find is

 > reference to a function called belle_sip_auth_helper_compute_ha1 which

 > isn't actually defined in the source, so where is it??

 >

 > Sincerely,

 > Sean M. Pappalardo

 > Sr. Networks Engineer

 > Renegade Technologies



--
Sean M. Pappalardo
Sr. Networks Engineer
Renegade Technologies

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]