Opened 17 years ago

Last modified 17 years ago

#396 closed enhancement

Support for 3GPP/IMS digest AKA (AKAv1-MD5) SIP authentication — at Version 1

Reported by: bennylp
Owned by: bennylp
Priority: normal
Milestone: release-0.8.0
Component: pjsip
Version: trunk
Keywords:
Cc:
Backport to 1.x milestone:
Backported:

Description (last modified by bennylp)

Digest AKA is utilized by 3GPP/IMS, and is specified in RFC 3310: Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication and Key Agreement (AKA).

Change History (1)

comment:1 Changed 17 years ago by bennylp

  • Description modified (diff)
  • Status changed from new to assigned
  • Summary changed from Support for digest AKA (AKAv1-MD5) SIP authentication to Support for 3GPP/IMS digest AKA (AKAv1-MD5) SIP authentication

In r1488:

Initial support for AKA framework in r:

  • added a new library, libmilenage, under the third_party directory for the Milenage algorithms. This was taken directly from the 3GPP spec.
  • the SIP credential structure (pjsip_cred_info) has been improved to support specifying a non-MD5 credential and a callback to compute the response digest, and new information specific to AKA authentication has been added to it.
  • added sip_auth_aka.[h|c] for the implementation of AKA response calculation.
  • added base64 encoding and decoding in PJLIB-UTIL

This implementation adds support for AKA authentication without adding footprint overhead to the stack.

To support AKA authentication, the application just needs to specify a new type of credential that uses a callback function to calculate the response. Below is a snippet of how this should be used:

 pjsip_cred_info cred;

 // Always bzero as a good practice
 pj_bzero(&cred, sizeof(cred));

 cred.realm = pj_str("*");           // "*" matches any realm in the challenge
 cred.scheme = pj_str("digest");
 cred.username = pj_str("THE_USER");
 cred.data_type = PJSIP_CRED_DATA_PLAIN_PASSWD | PJSIP_CRED_DATA_EXT_AKA;  // <-- NEW !!!
 cred.data = .. the password ..;  // <-- For MD5 authentication (only used when the challenge says algorithm=MD5)

 // AKA specific info (Milenage inputs)
 cred.ext.aka.k = ...;   // permanent key K (128-bit)
 cred.ext.aka.op = ...;  // operator variant key OP (128-bit)
 cred.ext.aka.amf = ...; // authentication management field AMF (16-bit)
 cred.ext.aka.cb = &pjsip_auth_create_akav1; // computes the response for AKAv1-MD5 challenges

The PJSIP_CRED_DATA_EXT_AKA flag indicates that digest computation will be performed by the callback function in ext.aka.cb rather than the built-in MD5.

A new pjsip_auth_create_akav1() function is provided in the library to compute the AKAv1 digest. When the algorithm in the challenge is "AKAv1-MD5" (case-insensitive), this function parses the nonce in the challenge to get the RAND and AUTN values and computes the AKAv1-MD5 response digest according to the AKA keys specified in the credential.

The pjsip_auth_create_akav1() function also supports falling back to normal MD5 authentication if the challenge specifies "MD5" as the algorithm. In this case, it assumes that the data field contains the password of the credential, either in plain text if the PJSIP_CRED_DATA_PLAIN_PASSWD flag is specified, or the hashed password if the PJSIP_CRED_DATA_DIGEST flag is specified.

Alternatively, the application may create and use a response calculation function other than pjsip_auth_create_akav1(), for example to support AKAv2 authentication.
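The full AKAv1-MD5 exchange that a callback like pjsip_auth_create_akav1() has to carry out, as an added example that is not pjsip's code and not part of this ticket (Go is used because its standard library ships AES, which Milenage is built on, so the example runs offline). The network side derives the authentication vector with Milenage (3GPP TS 35.206) and packs RAND and AUTN into the RFC 3310 nonce; the client side unpacks the nonce, checks MAC-A before trusting the challenge, recovers RES and uses it as the Digest password, and falls back to the plain password when the challenge algorithm is MD5. K, OP, RAND, SQN and AMF are 3GPP TS 35.208 test set 1; the user, realm, cnonce, request URI and server-data are made up, and all function names are this example's own, not pjsip's.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/md5"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// Vector holds the Milenage outputs f1 (MAC-A), f1* (MAC-S), f2 (RES), f3 (CK), f4 (IK), f5 (AK), f5* (AK*).
type Vector struct{ MacA, MacS, Res, CK, IK, AK, AKS []byte }

func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// Milenage computes f1..f5* (3GPP TS 35.206) with the standard constants r1..r5 = 64,0,32,64,96 and c1..c5 = 0,1,2,4,8.
func Milenage(k, op, rnd, sqn, amf []byte) Vector {
	c, err := aes.NewCipher(k) // E_K is a single AES-128 block encryption; K must be 16 bytes
	if err != nil {
		panic(err)
	}
	enc := func(in []byte) []byte { out := make([]byte, 16); c.Encrypt(out, in); return out }
	// rot(x, r): cyclic rotation by r bits towards the most significant bit; every r used here is a multiple of 8.
	rot := func(x []byte, r int) []byte { return append(append([]byte{}, x[r/8:]...), x[:r/8]...) }
	opc := xor(op, enc(op))    // OPc  = OP xor E_K(OP)
	temp := enc(xor(rnd, opc)) // TEMP = E_K(RAND xor OPc)
	in1 := bytes.Join([][]byte{sqn, amf, sqn, amf}, nil)
	out1 := xor(enc(xor(temp, rot(xor(in1, opc), 64))), opc) // OUT1 = E_K(TEMP xor rot(IN1 xor OPc, r1) xor c1) xor OPc
	outN := func(r int, cn byte) []byte { // OUTn = E_K(rot(TEMP xor OPc, rn) xor cn) xor OPc, n = 2..5
		in := rot(xor(temp, opc), r)
		in[15] ^= cn
		return xor(enc(in), opc)
	}
	out2, out5 := outN(0, 1), outN(96, 8)
	return Vector{MacA: out1[:8], MacS: out1[8:], Res: out2[8:], AK: out2[:6],
		CK: outN(32, 2), IK: outN(64, 4), AKS: out5[:6]}
}

// ServerChallenge is the network side: compute the vector for this RAND/SQN and pack the RFC 3310
// nonce = base64(RAND || AUTN || server-data), AUTN = (SQN xor AK) || AMF || MAC-A. XRES is kept to verify the client.
func ServerChallenge(k, op, rnd, sqn, amf, serverData []byte) (nonce string, xres []byte) {
	v := Milenage(k, op, rnd, sqn, amf)
	autn := bytes.Join([][]byte{xor(sqn, v.AK), amf, v.MacA}, nil)
	return base64.StdEncoding.EncodeToString(bytes.Join([][]byte{rnd, autn, serverData}, nil)), v.Res
}

// ClientRES is the UE/ISIM side: unpack RAND and AUTN from the nonce, recover SQN with AK, verify MAC-A
// and only then hand back RES. A challenge whose MAC does not verify gets no response at all.
func ClientRES(nonce string, k, op []byte) (res, sqn []byte, err error) {
	blob, err := base64.StdEncoding.DecodeString(nonce)
	if err != nil || len(blob) < 32 {
		return nil, nil, errors.New("nonce is not base64(RAND||AUTN||...)")
	}
	rnd, sqnAK, amf, macA := blob[:16], blob[16:22], blob[22:24], blob[24:32]
	v := Milenage(k, op, rnd, make([]byte, 6), amf) // f2 (RES) and f5 (AK) do not depend on SQN
	sqn = xor(sqnAK, v.AK)
	if !bytes.Equal(Milenage(k, op, rnd, sqn, amf).MacA, macA) {
		return nil, nil, errors.New("MAC-A mismatch: network not authenticated")
	}
	return v.Res, sqn, nil
}

// DigestResponse is the RFC 2617 qop=auth computation; for AKAv1-MD5 the password is the binary RES (RFC 3310).
func DigestResponse(user, realm string, password []byte, nonce, nc, cnonce, method, uri string) string {
	h := func(s string) string { sum := md5.Sum([]byte(s)); return hex.EncodeToString(sum[:]) }
	ha1, ha2 := h(user+":"+realm+":"+string(password)), h(method+":"+uri)
	return h(ha1 + ":" + nonce + ":" + nc + ":" + cnonce + ":auth:" + ha2)
}

// ClientResponse selects the password by the challenge algorithm, compared case-insensitively.
func ClientResponse(algorithm, user, realm, nonce, nc, cnonce, method, uri string, k, op, plainPassword []byte) (string, error) {
	password := plainPassword // algorithm=MD5 is the fallback: the credential's plain password is used
	if strings.EqualFold(algorithm, "AKAv1-MD5") {
		res, _, err := ClientRES(nonce, k, op)
		if err != nil {
			return "", err
		}
		password = res
	} else if !strings.EqualFold(algorithm, "MD5") {
		return "", fmt.Errorf("unsupported algorithm %q", algorithm)
	}
	return DigestResponse(user, realm, password, nonce, nc, cnonce, method, uri), nil
}

func main() {
	// Constructed inputs: K, OP, RAND, SQN, AMF are 3GPP TS 35.208 test set 1; the SIP-side values are made up.
	h := func(s string) []byte { b, _ := hex.DecodeString(s); return b }
	k, op := h("465b5ce8b199b49faa5f0a2ee238a6bc"), h("cdc202d5123e20f62b6d676ac72cb318")
	nonce, xres := ServerChallenge(k, op, h("23553cbe9637a89d218ae64dae47bf35"), h("ff9bb4d0b607"), h("b9b9"), []byte("srv"))
	resp, err := ClientResponse("AKAv1-MD5", "alice@ims.example", "ims.example", nonce, "00000001", "0a4f113b", "REGISTER", "sip:ims.example", k, op, nil)
	fmt.Println("response:", resp, "err:", err, "accepted:", resp == DigestResponse("alice@ims.example", "ims.example", xres, nonce, "00000001", "0a4f113b", "REGISTER", "sip:ims.example"))
}
```

Two points worth keeping in mind when wiring this into a credential callback: MAC-A only covers RAND, SQN and AMF, so the server-data tail of the nonce is not protected by AKA itself and is only bound to the response because the whole nonce string enters the Digest computation; and a MAC failure must abort without producing any response, since answering a forged challenge would leak a keyed value to whoever sent it.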
