3Com VCX V7111 User Manual page 172

User Agent, redirect or registrar servers typically use 401 Unauthorized response to
challenge authentication containing a WWW-Authenticate header, and expect the re-INVITE
to contain an Authorization header.
The following example describes the Digest Authentication procedure including computation
of User Agent credentials.
The REGISTER request is sent to Registrar/Proxy server for registration, as follows:
REGISTER sip:10.2.2.222 SIP/2.0
Via: SIP/2.0/UDP 10.1.1.200
From: <sip: 122@10.1.1.200>;tag=1c17940
To: <sip: 122@10.1.1.200>
Call-ID: 634293194@10.1.1.200
User-Agent: 3Com-Sip-Gateway/8FXS/v.4.20.299.410
CSeq: 1 REGISTER
Contact: sip:122@10.1.1.200:
Expires:3600
On receiving this request the Registrar/Proxy returns 401 Unauthorized response.
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 10.2.1.200
From: <sip:122@10.2.2.222 >;tag=1c17940
To: <sip:122@10.2.2.222 >
Call-ID: 634293194@10.1.1.200
Cseq: 1 REGISTER
Date: Mon, 30 Jul 2001 15:33:54 GMT
Server: Columbia-SIP-Server/1.17
Content-Length: 0
WWW-Authenticate: Digest realm="3Com.com",
nonce="11432d6bce58ddf02e3b5e1c77c010d2",
stale=FALSE,
algorithm=MD5
According to the sub-header present in the WWW-Authenticate header the correct
REGISTER request is formed.
Since the algorithm used is MD5, take the following:
The username is equal to the endpoint phone number: 122
The realm return by the proxy: 3Com.com
The password from the ini file: 3Com.
The equation to be evaluated: (according to RFC this part is called A1).
"122:3Com.com:3Com".
The MD5 algorithm is run on this equation and stored for future usage.
The result is: "a8f17d4b41ab8dab6c95d3c14e34a9e1"
To evaluate the par called A2, take the following:
The method type "REGISTER"
172 3Com VCX V7111 VoIP SIP Gateway User Manual