linphone-users

Re: [Linphone-users] How to calculate HA1?!


From: David Sugar
Subject: Re: [Linphone-users] How to calculate HA1?!
Date: Thu, 8 Jun 2023 14:07:43 -0400

I do not know the back history or full context of your question, but basically the registrar/server creates the nonce, and may do so from entirely random data. It is presented as part of the digest challenge in an authentication required response from the server. I normally temporarily cache the nonces I generate and also encode a timestamp in each to avoid repeats as part of my replay attack avoidance strategy.

 

From: Sean M. Pappalardo
Sent: Thursday, June 8, 2023 1:46 PM
To: Robert Dyck; linphone-users@nongnu.org
Subject: Re: [Linphone-users] How to calculate HA1?!

Thank you. I previously got that working, but now don't remember where
the nonce comes from, as I am trying to set up another user. Do I have
to sniff a registration attempt packet to find it?

On 3/21/20 11:35, Robert Dyck wrote:
> Here is an example using the command line.
>
> Given user 2@192.168.1.2 with password huh
>
> Hash 1
>
> [rdyck@blacky ~]$ echo -n "2:192.168.1.2:huh" | md5sum
> dce1ddb931719bf0f9ebfbf3d7e88d77
>
> Completing the authorization requires two more hashes.
>
> Hash 2
> echo -n "REGISTER:sip:192.168.1.2" | md5sum
> e2cdec7afb0cc21674cceb668555438b
>
> Hash 3 uses the previous hashes and the nonce - HA1:nonce:HA2
>
> [rdyck@blacky ~]$ echo -n "dce1ddb931719bf0f9ebfbf3d7e88d77:5e7653cb00001dc2090a257e1725869dd3ad5f2a0c5426b0:e2cdec7afb0cc21674cceb668555438b" | md5sum
> 847caaf31fe4c371b1cacea53de87253 - this would be the response to an
> authorization request.
>
> An actual registration - verify the response hash
>
> Session Initiation Protocol (REGISTER)
>     Request-Line: REGISTER sip:192.168.1.2 SIP/2.0
>     Message Header
>         Via: SIP/2.0/UDP 192.168.1.3:53845;branch=z9hG4bKe6b621d8a65eb39e;rport
>         Contact: <sip:2-0x23a8e80@192.168.1.3:53845>;expires=3840;+sip.instance="<urn:uuid:827173ac-5761-2b65-4493-94ca86baf98a>"
>         Max-Forwards: 70
>         Authorization: Digest username="2", realm="192.168.1.2", nonce="5e7653cb00001dc2090a257e1725869dd3ad5f2a0c5426b0", uri="sip:192.168.1.2", response="847caaf31fe4c371b1cacea53de87253"
>         To: <sip:2@192.168.1.2>
>         From: <sip:2@192.168.1.2>;tag=dadb5f2f513c33a3
>         Call-ID: 0b5e6ca4907cdebf
>         [Generated Call-ID: 0b5e6ca4907cdebf]
>         CSeq: 29774 REGISTER
>         User-Agent: baresip v0.6.5 (x86_64/linux)
>         Allow:INVITE,ACK,BYE,CANCEL,OPTIONS,NOTIFY,SUBSCRIBE,INFO,MESSAGE,REFER
>         Content-Length: 0
>
> On Saturday, March 21, 2020 9:52:34 A.M. PDT Sean M. Pappalardo wrote:
> > Hello.
> >
> > I'm trying to prepare XML config files for my clients and want to use
> > hashes instead of passwords. How does linphone calculate the hashes it
> > stores in the config file? This should be in the wiki.
> >
> > I've looked at the source code for liblinphone but all I can find is
> > reference to a function called belle_sip_auth_helper_compute_ha1 which
> > isn't actually defined in the source, so where is it??
> >
> > Sincerely,
> > Sean M. Pappalardo
> > Sr. Networks Engineer
> > Renegade Technologies

 

 

--
Sean M. Pappalardo
Sr. Networks Engineer
Renegade Technologies
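
The two halves of this thread, put together as an added Python example (not code from the thread, linphone or belle-sip): HA1 is built from the credentials alone, so it can be precomputed without any nonce, while the response is computed per challenge from a nonce the registrar issues. The `NonceIssuer` class, its 30-second lifetime and its nonce layout (hex timestamp followed by random data) are assumptions illustrating the cache-and-timestamp approach described in the reply above.

```python
import hashlib
import hmac
import secrets
import time

def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()

def ha1(user, realm, password):
    # Credentials only, no nonce: this is the value that can sit in a config file.
    return md5_hex(f"{user}:{realm}:{password}")

def digest_response(ha1_hex, nonce, method, uri):
    # No-qop form, as in the thread: MD5(HA1:nonce:HA2), HA2 = MD5(method:uri).
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1_hex}:{nonce}:{ha2}")

class NonceIssuer:
    """Hypothetical registrar-side nonce store (assumption, not linphone code)."""

    def __init__(self, max_age=30):
        self.max_age = max_age      # seconds a challenge stays answerable
        self.outstanding = {}       # nonce -> issue time

    def issue(self, now=None):
        now = int(time.time() if now is None else now)
        nonce = f"{now:08x}{secrets.token_hex(20)}"  # timestamp + random data
        self.outstanding[nonce] = now
        return nonce

    def consume(self, nonce, now=None):
        now = int(time.time() if now is None else now)
        issued = self.outstanding.pop(nonce, None)   # single use: a replay finds nothing
        return issued is not None and now - issued <= self.max_age

def verify(issuer, stored_ha1, nonce, method, uri, response, now=None):
    # Reject unknown, reused or expired nonces before comparing hashes.
    if not issuer.consume(nonce, now):
        return False
    expected = digest_response(stored_ha1, nonce, method, uri)
    return hmac.compare_digest(expected, response)

if __name__ == "__main__":
    registrar = NonceIssuer()
    stored = ha1("2", "192.168.1.2", "huh")           # credentials from the thread
    challenge = registrar.issue()                      # sent in the digest challenge
    answer = digest_response(stored, challenge, "REGISTER", "sip:192.168.1.2")
    args = (registrar, stored, challenge, "REGISTER", "sip:192.168.1.2", answer)
    print("first use:", verify(*args))
    print("replay:   ", verify(*args))
```
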

 

 

