(RADIATOR) Crypto EPPwdHash

Pavel A Crasotin pavel at ctk.ru
Sat Jan 15 06:38:30 CST 2005 

Hello all.

We are trying authenticate VoIP user on our gatekeeper using
RADIATOR and Oracle DB as backend. Logins and passwords of voip users
are stored as clear text.

But we have problems. Voip terminal sends login and password to GK as
cryptoEPPwdHash:
    cryptoTokens = 1 entries {
      [0]=cryptoEPPwdHash {
        alias = h323_ID  5 characters {
          0074 0065 0073 0074 0031                  test1
        }
        timeStamp = 1103778935
        token = {
          algorithmOID = 1.2.840.113549.2.5
          paramS = {
          }
          hash = Hex:  b6 5f e7 0d d2 2e c9 18  88 4f e3 aa 54 e7 22 31
        }
      }
    }

GK translates this data to radius server and in RADIATOR debug I see:

Code:       Access-Request
Identifier: 30
Authentic:  R;<154>w<30><0>k'<153>0<0> <16><154><244>$
Attributes:
        User-Name = "test1"
        NAS-IP-Address = 127.0.0.1
        NAS-Port-Type = Async
        Service-Type = Login-User
        cisco-avpair = "xpgk-md5-auth=test1/1103778935/b65fe70dd22ec918884fe3aa54e72231"
        cisco-avpair = "xpgk-request-type=user"


Can anyone help me and explain how can I authenticate these devices?
What should I do to compare hash and password?

As GK we use MVTS if it helps...

Thanks in advance.

--
With respect,
Pavel A Crasotin
OJSC SeverTransCom
Tel: +7 (0852) 58-41-03, 58-01-01
Fax: +7 (0852) 58-01-01


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list