gpt4 book ai didi

radius-protocol - 计算 RADIUS 消息的验证者字段

转载 作者:行者123 更新时间:2023-12-02 01:41:58 46 4
gpt4 key购买 nike

我正在尝试实现 RADIUS 协议(protocol)。根据 RFC 2866,对于 RADIUS 记帐,在计算 Authenticator 字段时,这些步骤如下:

The Authenticator field in an Accounting-Response packet is called the Response Authenticator, and contains a one-way MD5 hash calculated over a stream of octets consisting of the Accounting- Response Code, Identifier, Length, the Request Authenticator field from the Accounting-Request packet being replied to, and the response attributes if any, followed by the shared secret. The resulting 16 octet MD5 hash value is stored in the Authenticator field of the Accounting-Response packet.



我正在尝试计算它,但无法获得正确的值:
代码 = 5 (0x05) 1 个字节
标识符:134 (0x86) 1 个字节
长度:20 (0x0014) 2 字节
请求认证器:bac85592365b2e786ad3095a1cf22646,16字节
我的回复中没有属性
共享 secret :63 21 6d 40 35 32 32 35 (c!m@5225)

因此 MD% 哈希的输入为:
05860014bac85592365b2e786ad3095a1cf2264663216d4035323235
我得到:
b7ac1e6909302b06bd021aede380dbc5 使用这两个网站: http://www.md5hashgenerator.com/http://www.miraclesalad.com/webtools/md5.php

实际响应的身份验证器为 9629702dca9469714fb423ca7b1525bc
我正在比较查看客户端/服务器发送的真实 RADIUS 数据包,而我计算的身份验证器与服务器发送的数据包不匹配。有什么想法吗?
The RFC 2865 at the end has a couple of examples. Example 1, using the shared
secret "xyzzy5461"



User Telnet to Specified Host

The NAS at 192.168.1.16 sends an Access-Request UDP packet to the
RADIUS Server for a user named nemo logging in on port 3 with
password "arctangent".

The Request Authenticator is a 16 octet random number generated by
the NAS.

The User-Password is 16 octets of password padded at end with nulls,
XORed with MD5(shared secret|Request Authenticator).

01 00 00 38 0f 40 3f 94 73 97 80 57 bd 83 d5 cb
98 f4 22 7a 01 06 6e 65 6d 6f 02 12 0d be 70 8d
93 d4 13 ce 31 96 e4 3f 78 2a 0a ee 04 06 c0 a8
01 10 05 06 00 00 00 03

1 Code = Access-Request (1)
1 ID = 0
2 Length = 56
16 Request Authenticator

Attributes:

6 User-Name = "nemo"
18 User-Password
6 NAS-IP-Address = 192.168.1.16
6 NAS-Port = 3

The RADIUS server authenticates nemo, and sends an Access-Accept UDP
packet to the NAS telling it to telnet nemo to host 192.168.1.3.

The Response Authenticator is a 16-octet MD5 checksum of the code
(2), id (0), Length (38), the Request Authenticator from above, the
attributes in this reply, and the shared secret.

02 00 00 26 86 fe 22 0e 76 24 ba 2a 10 05 f6 bf
9b 55 e0 b2 06 06 00 00 00 01 0f 06 00 00 00 00
0e 06 c0 a8 01 03

1 Code = Access-Accept (2)
1 ID = 0 (same as in Access-Request)
2 Length = 38
16 Response Authenticator

Attributes:

6 Service-Type (6) = Login (1)
6 Login-Service (15) = Telnet (0)
6 Login-IP-Host (14) = 192.168.1.3

最佳答案

问题解决了!在线 md5 工具需要字符串,因此即使我传递了字节值,它也被视为字符串,因此是错误的值。

关于radius-protocol - 计算 RADIUS 消息的验证者字段,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28074449/

46 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com