#!/usr/local/bin/perl use Digest::MD5 qw(md5 md5_hex md5_base64); # Steps to create the MD5 Challenge # # 1. Create first MD5 hash using username + “:” + realm + “:” + password # # String a1 = username + ":" + realm + ":" + password; # String ha1 = toHexString(mdigest.digest(a1.getBytes())); # # 2. Create second MD5 hash using request_method + “:” + request_uri # # String a2 = request_method.toUpperCase() + ":" + request_uri; # String ha2 = toHexString(mdigest.digest(a2.getBytes())); # # 3. If qop in the response header is “auth” then # the final MD5 hash is calculated using step 3a # else if it is undefined or empty # refer step 3b. # # 3a. Create the final MD5 string using ha1 + “:” + nonce + “:” + nonceCount + “:” + cNonce + “:” + qop + “:” + ha2 # String finalStr = ha1 + ":" + nonce + ":" + nonceCount + ":" + cNonce + ":" + qop + ":" + ha2; # String response = toHexString(mdigest.digest(finalStr.getBytes())); # 3b. Create the final MD5 string using ha1 + “:” + nonce + “:” + ha2 # String finalStr = ha1 + ":" + nonce + ":" + ha2; # String response = toHexString(mdigest.digest(finalStr.getBytes())); # Asrerisk example # Authorization: Digest username="xxxxxx", realm="CallManager", algorithm=MD5, # uri="sip:xxxxxxxxxxxxx", nonce="3Fqa3tCkok", response="027d3d55ce38586d635cf98ec27c027d", # opaque="opaqueData", qop=auth, cnonce="5ad86175", nc=00000002 $qpop=""; $realm="xxxxxxx"; $username="xxxxxxx"; $nonce="6b1d18c4"; $uri="sip:xxxxxxxxxxxxx"; $response="9f30a2a92ba0c0e134c83fabdf90248d"; $password="xxxxxxxxx"; $ha1 = md5_hex("$username:$realm:$password"); $ha2 = md5_hex("REGISTER:$uri"); if ($qpop =~ "auth") { $result3a = md5_hex("$ha1:$nonce:$nc:$cnonce:$qop:$ha2"); } else { $result3b = md5_hex("$ha1:$nonce:$ha2"); } #$result3a = md5_hex("$ha1:$nonce:$nc:$cnonce:$qop:$ha2"); #$result3b = md5_hex("$ha1:$nonce:$ha2"); print "response=", $response, "\n"; print "result3a=", $result3a, "\n"; print "result3b=", $result3b, "\n"; #EOF