HA1=SHA(username:realm:password)
HA2=SHA(method:digestURI)
response=SHA(HA1:nonce:HA2)

Perhaps it can be done with config file scripting, if you are familiar with transformations and header manipulation. But I think it will be simpler to extend auth module to support different hashing algorithm.

The code for computing shaX is already in kamailio (used for shaX transformations), so the change in auth should be about advertising and detecting when the new algorithm has to be used.

Cheers,
Daniel

Hello,

 

In my scenario with a Kamailio server, I have a VOIP client connecting to the server which, for some reasons, cannot calculate MD5 hashes but only SHA. In this situation, would it be possible to change the authentication algorithm by either modifying Kamailio scripts or writing an external module to do that?

 

As far as I know, the authentication response is calculated as follow (standard HTTP Digest authentication) :

HA1=MD5(username:realm:password)

HA2=MD5(method:digestURI)

response=MD5(HA1:nonce:HA2)

 

For that, I have to save ha1 and ha1b values in the DB with the SHA function directly (with a trigger for example), and then change the authentication method too.

What is the best solution to do that? Does a module already exists?

 

Thank you!

 

Frederic Mathys

System Integration & Validation

 

_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, May 27-29, 2015
Berlin, Germany - http://www.kamailioworld.com