需要 SIP 摘要身份验证方面的帮助

发布于 2024-10-15 01:47:22 字数 1659 浏览 7 评论 0原文

我正在实施 SIP 摘要身份验证。这是我来自服务器的 401 响应。

SIP/2.0 401 Unauthorized
Call-ID: ed1c36aedb36da07d8d2cfe6b0126521@0:0:0:0:0:0:0:0
CSeq: 7 REGISTER
From: "myuser" <sip:[email protected]>;tag=c41616b8
To: "myuser" <sip:[email protected]>;tag=ac7e0189ab09b4fde10c77c8597b662a.5cbe
Via: SIP/2.0/UDP 172.22.162.100:5060;branch=z9hG4bK-333333-dd5444afbd4938fe01d9e1a47ccaf139
WWW-Authenticate: Digest realm="sip2sip.info", nonce="4d417ba7bb1906c1434ba9645b35d5a84d0e71ad"
Server: SIP Thor on OpenSIPS XS 1.4.5
Content-Length: 0

根据 RFC 2617 构建摘要响应的代码应该如下所示(在 Groovy 中)

def md5(user, realm, pass, method, String uri, nonce) {
  def paramsDump = """md5() params
  user: $user
  realm: $realm
  password: $pass
  method: $method
  uri: $uri
  nonce: $nonce
"""
  print paramsDump

  def A1 = DigestUtils.md5Hex ("$user:$realm:$pass")    
  def A2 = DigestUtils.md5Hex ("$method:$uri")

  def left = DigestUtils.md5Hex (A1)      
  def right = DigestUtils.md5Hex (A2) 

  DigestUtils.md5Hex ("$left:$nonce:$right")
}

md5 ('myuser',
    'sip2sip.info',
    'mypass',
    'REGISTER',
    'sip:sip2sip.info',
    '4d417ba7bb1906c1434ba9645b35d5a84d0e71ad')

由于某种原因,它产生的值与我期望的值不同(我知道应该适用于我的帐户的预定义值 - 我已经对 SIP Communicator 应用程序进行了一些流量嗅探)。 DigestUtils 类型来自 Apache Codec。有什么想法吗?

I'm impelementing SIP Digest authentication. Here's my 401 response from server.

SIP/2.0 401 Unauthorized
Call-ID: ed1c36aedb36da07d8d2cfe6b0126521@0:0:0:0:0:0:0:0
CSeq: 7 REGISTER
From: "myuser" <sip:[email protected]>;tag=c41616b8
To: "myuser" <sip:[email protected]>;tag=ac7e0189ab09b4fde10c77c8597b662a.5cbe
Via: SIP/2.0/UDP 172.22.162.100:5060;branch=z9hG4bK-333333-dd5444afbd4938fe01d9e1a47ccaf139
WWW-Authenticate: Digest realm="sip2sip.info", nonce="4d417ba7bb1906c1434ba9645b35d5a84d0e71ad"
Server: SIP Thor on OpenSIPS XS 1.4.5
Content-Length: 0

According to RFC 2617 the code to construct digest response should look like this (in Groovy)

def md5(user, realm, pass, method, String uri, nonce) {
  def paramsDump = """md5() params
  user: $user
  realm: $realm
  password: $pass
  method: $method
  uri: $uri
  nonce: $nonce
"""
  print paramsDump

  def A1 = DigestUtils.md5Hex ("$user:$realm:$pass")    
  def A2 = DigestUtils.md5Hex ("$method:$uri")

  def left = DigestUtils.md5Hex (A1)      
  def right = DigestUtils.md5Hex (A2) 

  DigestUtils.md5Hex ("$left:$nonce:$right")
}

md5 ('myuser',
    'sip2sip.info',
    'mypass',
    'REGISTER',
    'sip:sip2sip.info',
    '4d417ba7bb1906c1434ba9645b35d5a84d0e71ad')

For some reason it yields the value that differs from the one I expect (I know the predefined values that should work for my account - I've done some traffic sniffing of SIP Communicator application). DigestUtils type comes from Apache Codec. Any ideas?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

逆光下的微笑 2024-10-22 01:47:22

我不明白为什么你要这样创建左侧和右侧,不是

def A1 = DigestUtils.md5Hex ("$user:$realm:$pass")    
def A2 = DigestUtils.md5Hex ("$method:$uri")

DigestUtils.md5Hex ("$A1:$nonce:$A2")

根据第 3.2.2.1 节吗?

但我可能会错过一些东西......;)

I don't understand why you create the left and right like that, wouldn't

def A1 = DigestUtils.md5Hex ("$user:$realm:$pass")    
def A2 = DigestUtils.md5Hex ("$method:$uri")

DigestUtils.md5Hex ("$A1:$nonce:$A2")

be according to section 3.2.2.1?

But I just might be missing something...;)

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文