H(A1) = hash(username-value: realm-value:passwd)
where passwd is the RES value calculated in step2 (RFC3310 chapter 3.3 defines The resulting AKA RES parameter is treated as a "passwd" when calculating the response directive of RFC 2617.)
H(A2) = hash(sip-Method:digest-uri-value)
request-digest in final response = KD ( H(A1),nonce-value
":" nc-value
":" cnonce-value
":" qop-value
":" H(A2)
)
Since previous calculated RES value is hex value 5C33FEDD8A4E7295, and landslide would automatically use the private username and realm in phonebook for HA1, so the the H(A1) would be : Hash(996890000103000@one.att.net:one.att.net:\0x5C33FEDD8A4E7295’) in our case.
H(A2) should be: Hash(REGISTER:sip:one.att.net). the hash algorithm used here for H(A1) and H(A2) should be MD5 HASH which is specified in authorization header of 401 message from IMS. 4. Convert the ascii value of the first part of A1 into hex before doing hash(A1), we got the hex value of the whole A1 is 393936383930303030313033303030406F6E652E6174742E6E65743A6F6E652E6174742E6E65743A5C33FEDD8A4E7295. 5. Using the online MD5 Hash tool: https://cryptii.com/md5-hash, by inputing the above hex value, we could get the MD5 hash value of H(A1) is:
ec9d3ff850fc4bff584550db50fef4b4. FOR H(A2), using the same online tool, we got value 86e3f6ea2c0e12cdf079e89ac0eaba60. 6. The last step is to Calculate the final response based on HA1 and HA2. According to spec RFC 2617:
request-digest in final response = hash( H(A1),nonce-value":" nc-value":" cnonce-value":" qop-value":" H(A2) so in our case: it shouldb be:
request-digest in final response = hash(ec9d3ff850fc4bff584550db50fef4b4:5Y6htWUK4hbrDJNoq/hkMQ0IYq3OpwD/sVdRtl57Z+w=:00000001:298c:auth:86e3f6ea2c0e12cdf079e89ac0eaba60) where NONCE,QOP could be found in 401 message, CNONCE(client random value) and NC-value(nonce count value) are generated by client and could be found in the second register's authorization header.
By input the ascii value ‘ec9d3ff850fc4bff584550db50fef4b4:5Y6htWUK4hbrDJNoq/hkMQ0IYq3OpwD/sVdRtl57Z+w=:00000001:298c: auth:86e3f6ea2c0e12cdf079e89ac0eaba60' in online tool, we got the final response value 92ac9933f846fb15a17707b0048dc1c9 which is the same as what we saw in second register sent by landslide. So seems like the manually computed response value matches the one landslide sent out in second regsiter message, so nothing wrong? Then why IMS rejected it, interesting? If we look into the details of the second register message, we could find out that the username value in authorization is "996890000103000@private.att.net". wait a minute, why "996890000103000@private.att.net"? the realm and domain we configured in phonebook is one.att.net, and the username we configured in phone is 996890000103000, so the username used for above mentioned H(A1) should be "996890000103000@one.att.net", and this is also the username value landslide used to compute H(A1) and how we used to compute H(A1) using online tools. Now if we look into the sip message editor, we could find out that user manually customized the username value to "{from-uri-user}@private.att.net" for some reason, that must be the reason we saw such unexpected username value in final message sent out by landslide. So in this case, IMS was using username "996890000103000@private.att.net" retrieved from second register message sent by landslide to compute H(A1), while Landslide was using the "private username" + "realm" configured in phonebook (which is 996890000103000@one.att.net) to compute H(A1), that's the root cause of mismatched response value reported by IMS. The reason of landslide doing this is that landslide would calculate the final response and populate the message first, then apply the customized header in message editor, so the replacment of username value by the one customized in message editor happens after final response calculation. Now if we get the debug info from IMS/HSS, find the expected response value inside IMS, and we compute the same response based on username "996890000103000@private.att.net" with above mentioned tools, we could find out we will get a matched response value. so the solution is just to make sure we send out a matched username in message with the one landslide used to compute H(A1), either change value in message edtior back to phonebook's value, or change phonebook accordingly.