From b318625a0780418c88f8c7946f119ea41d0a8bd9 Mon Sep 17 00:00:00 2001 From: "Jean-Marc Pigeon (Delson)" Date: Sat, 5 Jul 2025 10:10:27 -0400 Subject: [PATCH] Still working of the DIGEST-MD5 authentication --- Makefile.dbg | 4 +- lib/DIGEST-MD5 | 71 +++++++++++++++++++++++++++++- lib/DIGEST-MD5-1 | 112 +++++++++++++++++++++++++++++++++++++++++++++++ lib/lvleml.c | 5 ++- lib/yyy | 25 +++++++++++ 5 files changed, 212 insertions(+), 5 deletions(-) create mode 100644 lib/DIGEST-MD5-1 create mode 100644 lib/yyy diff --git a/Makefile.dbg b/Makefile.dbg index 6b8b472..9fad8c0 100644 --- a/Makefile.dbg +++ b/Makefile.dbg @@ -43,7 +43,9 @@ digest : clean debug -r $(TESTDIR) \ -c ./conf/$(APPNAME).conf.dvl \ -d 9 \ - "|127.127.10.25|1025|1" + "|devel5.safe.ca|1025|1" + +# "|127.127.10.25|1025|1" onercvr : clean debug @ \ diff --git a/lib/DIGEST-MD5 b/lib/DIGEST-MD5 index 477cee4..c797e0a 100644 --- a/lib/DIGEST-MD5 +++ b/lib/DIGEST-MD5 @@ -9,13 +9,80 @@ A1: chris+secret nonce cnonce eb5a750053e4d2c34aa84bbc9b0b6ee7:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk -> 54442ff1f394d9d0de1205cef4d9cebe -A2 + +A2 digest-uri="imap/elwood.innosoft.com" AUTHENTICATE:imap/elwood.innosoft.com -> 15e3594677e51ade69715d1cb7d207ba RESPONSE - A1A nonce nc-value cnonce qpop A2 + A1 nonce nc-value cnonce qpop A2 54442ff1f394d9d0de1205cef4d9cebe:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba -> 26ef1190b643a36e879673066098379c OK. #----------------------------------------- +RFC-2831 +example 1 (B64) +X chris:elwood.innosoft.com:secret + Y -> eb5a750053e4d2c34aa84bbc9b0b6ee7 + +A1 +chris+secret nonce cnonce +eb5a750053e4d2c34aa84bbc9b0b6ee7:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + HA1 -> 54442ff1f394d9d0de1205cef4d9cebe + +A2 digest-uri="imap/elwood.innosoft.com" +AUTHENTICATE:imap/elwood.innosoft.com + HA2 -> 15e3594677e51ade69715d1cb7d207ba + +RESPONSE + HA1 nonce nc-value cnonce qpop HA2 +54442ff1f394d9d0de1205cef4d9cebe:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + -> 26ef1190b643a36e879673066098379c +expected-> d388dad90d4bbd760a152321f2143af7 + NO Match +#------- +example 2 (ACAP) +chris:elwood.innosoft.com:secret + -> eb5a750053e4d2c34aa84bbc9b0b6ee7 +A1 +chris+secret nonce cnonce +eb5a750053e4d2c34aa84bbc9b0b6ee7:OA9BSXrbuRhWay:OA9BSuZWMSpW8m + -> da2ad3976e8e37a03ecd844797a82ae7 + +A2 digest-uri="acap/elwood.innosoft.com" +AUTHENTICATE:acap/elwood.innosoft.com + -> c557ec746787450143826ac2c55cbabf + +RESPONSE + A1 nonce nc-value cnonce qpop A2 +da2ad3976e8e37a03ecd844797a82ae7:OA9BSXrbuRhWay:00000001:OA9BSuZWMSpW8m:auth:c557ec746787450143826ac2c55cbabf + -> 90771dc5643a801bb9a9bcbb1ed3cd34 + NO Match + + + +#----------------------------------------- +#Essais avec mailleur (password xxx) +webmaster@example.com:mailleur.example.com:xxx + -> 841ece3c65e16f381f58f3ee5c28dabc + +A1 +webmaster+secret nonce cnonce +841ece3c65e16f381f58f3ee5c28dabc:ABCDEF:0b5f7bf8d392423e355bd2e2375fcd25 + HEX=38343165636533633635653136663338316635386633656535633238646162633A4142434445463A3062356637626638643339323432336533353562643265323337356663643235 + HA1 -> 94a52c447501f0729d2f2a07dfde9c9e + +A2 digest-uri="smtp/127.127.10.25" +AUTHENTICATE:smtp/127.127.10.25 + HEX=41555448454E5449434154453A736D74702F3132372E3132372E31302E3235 + HA2 -> df0b39e40b72a0f55dba5c2e153b0b7f + + +RESPONSE + A1 nonce nc-value cnonce qpop A2 +94a52c447501f0729d2f2a07dfde9c9e:ABCDEF:00000001:0b5f7bf8d392423e355bd2e2375fcd25:auth:df0b39e40b72a0f55dba5c2e153b0b7f + HEX=94a52c447501f0729d2f2a07dfde9c9e:ABCDEF:00000001:0b5f7bf8d392423e355bd2e2375fcd25:auth:df0b39e40b72a0f55dba5c2e153b0b7 + + -> 3eafcc0a2e5d920e4b3ee691b2cf9e15 + NO Match + caaee0870f16e83f8176e0de724567a1 diff --git a/lib/DIGEST-MD5-1 b/lib/DIGEST-MD5-1 new file mode 100644 index 0000000..5339d11 --- /dev/null +++ b/lib/DIGEST-MD5-1 @@ -0,0 +1,112 @@ +#----------------------------------------- +#Essais avec mailleur (password xxx) +webmaster@example.com:mailleur.example.com:xxx + -> 841ece3c65e16f381f58f3ee5c28dabc + +A1 007862:asterisk:1q2w3e + HA1 -> 64e5dd333209a9af67ec11d61b3c6479 + +A2 REGISTER:sip:192.168.55.167:5060 + HA2 -> 7df6ad58ee02df3e342fe72722bd624c + + +RESPONSE + HA1 nonce nc-value cnonce qpop HA2 +64e5dd333209a9af67ec11d61b3c6479:1612176383/ac153881bb7f5c7fafe2179aa4ed5617:00000001:CC77FDAA:auth:7df6ad58ee02df3e342fe72722bd624c + HRSP=611d34af182ff56ffec67a04ce8561e5 + Match + +#-------------------------------# +X webmaster@example.com:devel5.safe.ca:mailleur2 + Y -> 139f041506766c07cab7dc7bd842e535 + +A1 139f041506766c07cab7dc7bd842e535:ABCDEF:DjrYLBA3zOo=: + HA1 -> b4e0e53f97f1ec651567be200ded6216 + +A2 AUTHENTICATE:smtp/devel5.safe.ca + HA2 -> 41054b020583decd30bce12313b60579 + + HA1 nonce nc-value cnonce qpop HA2 +b4e0e53f97f1ec651567be200ded6216:ABCDEF:00000001:DjrYLBA3zOo=:auth:41054b020583decd30bce12313b60579 + +#-------------------------------# +X webmaster@example.com:devel5.safe.ca:xxx + Y -> 9bf22611048932ad8661a24966fcc9da + +A1 60dbd555ac12ca306e2a011af850062f:abcdef:f4d9a4fdf85df7bc50d74ab893673f08 + HA1 -> 2630ba89adf72bddf006949fc68be360 + HEXA1 -> 3236333062613839616466373262646466303036393439666336386265333630 + +A2 AUTHENTICATE:smtp/devel5.safe.ca + Ha2 -> d0b815ab45006cd0a0ae2a1e44c26311 + HEXA2 -> 6430623831356162343530303663643061306165326131653434633236333131 + + + HEXA1 nonce nc-value cnonce qpop HEXA2 +3236333062613839616466373262646466303036393439666336386265333630:abcdef:00000001:f4d9a4fdf85df7bc50d74ab893673f08:auth:6430623831356162343530303663643061306165326131653434633236333131 + -> d975a253dbeb1463d5e81621c62de806 + NO Match + Expected 1a23eaa7400ca40d732c5518df1c6bf6 + + + +#-------------------------------# +A1 webmaster@example.com:devel5.safe.ca:xxx + HA1 -> 60dbd555ac12ca306e2a011af850062f + +A2 AUTHENTICATE:smtp/devel5.safe.ca + HA2 -> d0b815ab45006cd0a0ae2a1e44c26311 + +md5-sess +MHA2 60dbd555ac12ca306e2a011af850062f:abcdef:491ea65a17ebf2375c6de7b89089a0c6 + HMHA2-> 72926dc581112b30f0fb5835b16eb98f + +AU 72926dc581112b30f0fb5835b16eb98f:abcdef:00000001:491ea65a17ebf2375c6de7b89089a0c6:auth:d0b815ab45006cd0a0ae2a1e44c26311 + a8b1d5e4d239a7342ba25edf07a92161 + + +R 23734732d5893f5f4c8db0d11afdb16f + + +#-------------------------------# +#RFC 2831 +A1 chris:elwood.innosoft.com:secret + HA1 -> eb5a750053e4d2c34aa84bbc9b0b6ee7 + +A3 eb5a750053e4d2c34aa84bbc9b0b6ee7:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + HA3 -> 54442ff1f394d9d0de1205cef4d9cebe + +A5 chris:elwood.innosoft.com:secret:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + HA5 -> 64fab581c08cd3607db0e2cb7448f8fc + +#Using 16 octet MD5 hash +A7 chris:elwood.innosoft.com:secret + MA7 -> 53e4d2c34aa84bbc + +A9 53E4D2C34AA84BBC:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + HA9 -> ed24c93d123ef0a9f86b6284e21f9795 (lower) + HA9 -> 808ab19ea0b8021813668e78659d4a61 (Upper) + +#using MD4 +A11 chris:elwood.innosoft.com:secret + MD4 -> efc8655e58a71662cd7e05321207a166 +A13 efc8655e58a71662cd7e05321207a166:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + HA13-> f36feb336734edd02e66eefbe2bc410d + +# +A2 AUTHENTICATE:imap/elwood.innosoft.com + HA2 -> 15e3594677e51ade69715d1cb7d207ba + +AU3 54442ff1f394d9d0de1205cef4d9cebe:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + HA2 -> 26ef1190b643a36e879673066098379c + (MAtch Question + https://stackoverflow.com/questions/40505711/digest-md5-response-generation) + + +AU5 64fab581c08cd3607db0e2cb7448f8fc:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + HAU4-> d1e92278b0fe2998049370e46965d610 + +AU9 808ab19ea0b8021813668e78659d4a61:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + +AU13 f36feb336734edd02e66eefbe2bc410d:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + diff --git a/lib/lvleml.c b/lib/lvleml.c index 7d75206..c6b7066 100644 --- a/lib/lvleml.c +++ b/lib/lvleml.c @@ -490,11 +490,12 @@ while (proceed==true) { (void) rou_alert(0,"%s JMPDBG phase='%d'",OPEP,phase); switch (phase) { case 0 : { //Building the challenge sequence + #define FMT "realm=\"%s\",nonce=\"%s\",qop=\"auth\",algorithm=md5-sess,charset=utf-8" char *nonce; //nonce=cnv_getrndstr(20); - nonce=strdup("ABCDEF"); + nonce=strdup("abcdef"); (void) snprintf(challenge,sizeof(challenge),FMT,contact->locname,nonce); nonce=rou_freestr(nonce); } @@ -569,7 +570,7 @@ cur.tv_nsec/=10000; //100 millisec //seq=strdup("<01234567890ABCDEFGHIJKLMNOPQRST@mailpostg.example.com>"); //seq=strdup("username = "); //seq=strdup("realm=\"elwood.innosoft.com\",nonce=\"OA6MG9tEQGm2hh\",qop=\"auth\",algorithm=md5-sess,charset=utf-8"); -seq=strdup("realm=\"example.com\",nonce=\"0123456789\",algorithm=md5-sess"); +seq=strdup("realm=\"example.com\",nonce=\"0123456789\",algorithm=xmd5"); (void) rou_alert(0,"%s JMPDBG SEQ=<%s>",OPEP,seq); code=(char *)0; usr=(USRTYP *)0; diff --git a/lib/yyy b/lib/yyy new file mode 100644 index 0000000..d72f530 --- /dev/null +++ b/lib/yyy @@ -0,0 +1,25 @@ +#---------------------------- +#RFC 2831 + +A1 chris:elwood.innosoft.com:secret + MD5 -> eb5a750053e4d2c34aa84bbc9b0b6ee7 + ASC ëZuSäÒÃJ¨K¼�␋nç + +HA1 ëZuSäÒÃJ¨K¼�␋nç:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + MD5 -> 31eff9910059e25fc196bb1fd4f3b6a2 + +A2 AUTHENTICATE:imap/elwood.innosoft.com + HA2 -> 15e3594677e51ade69715d1cb7d207ba + +Reponse 31eff9910059e25fc196bb1fd4f3b6a2:A6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + MD5 -> + + + +#---------------- +# +USR webmaster@example.com:devel5.safe.ca:xxx + MD5 -> 60dbd555ac12ca306e2a011af850062f + +A1 `��U��0n*��P/:abcdef:241d0e88112556c60f8154a8da8f3ce7 + MD5 -> -- 2.47.3