GeoVision Authentication Errors

onvif_stream.txt

POST /onvif/device_service HTTP/1.1
Host: 10.192.5.11
User-Agent: gSOAP/2.8
Content-Type: application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver10/device/wsdl/GetDeviceInformation"
Content-Length: 3017
Connection: close
SOAPAction: "http://www.onvif.org/ver10/device/wsdl/GetDeviceInformation"

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:chan="http://schemas.microsoft.com/ws/2005/02/duplex" xmlns:wsa5="http://www.w3.org/2005/08/addressing" xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:wsc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:tplt="http://www.onvif.org/ver10/plus/schema" xmlns:xmime="http://tempuri.org/xmime.xsd" xmlns:xop="http://www.w3.org/2004/08/xop/include" xmlns:tt="http://www.onvif.org/ver10/schema" xmlns:wsrfbf="http://docs.oasis-open.org/wsrf/bf-2" xmlns:wstop="http://docs.oasis-open.org/wsn/t-1" xmlns:wsrfr="http://docs.oasis-open.org/wsrf/r-2" xmlns:name="http://www.onvif.org/ver20/analytics/wsdl/RuleEngineBinding" xmlns:name10="http://www.onvif.org/ver10/events/wsdl/PausableSubscriptionManagerBinding" xmlns:name2="http://www.onvif.org/ver20/analytics/wsdl/AnalyticsEngineBinding" xmlns:tan="http://www.onvif.org/ver20/analytics/wsdl" xmlns:name3="http://www.onvif.org/ver10/events/wsdl/PullPointSubscriptionBinding" xmlns:name4="http://www.onvif.org/ver10/events/wsdl/EventBinding" xmlns:tev="http://www.onvif.org/ver10/events/wsdl" xmlns:name5="http://www.onvif.org/ver10/events/wsdl/SubscriptionManagerBinding" xmlns:name6="http://www.onvif.org/ver10/events/wsdl/NotificationProducerBinding" xmlns:name7="http://www.onvif.org/ver10/events/wsdl/NotificationConsumerBinding" xmlns:name8="http://www.onvif.org/ver10/events/wsdl/PullPointBinding" xmlns:name9="http://www.onvif.org/ver10/events/wsdl/CreatePullPointBinding" xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2" xmlns:tds="http://www.onvif.org/ver10/device/wsdl" xmlns:timg="http://www.onvif.org/ver20/imaging/wsdl" xmlns:tpl="http://www.onvif.org/ver10/plus/wsdl" xmlns:tptz="http://www.onvif.org/ver20/ptz/wsdl" xmlns:tr2="http://www.onvif.org/ver20/media/wsdl" xmlns:trt="http://www.onvif.org/ver10/media/wsdl"><SOAP-ENV:Header><wsse:Security SOAP-ENV:mustUnderstand="true"><wsse:UsernameToken><wsse:Username>test</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">5WeRy5ISXsadX2gQCxVVRGbnlXk=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">LBFjXKbBYWkfH3oIs831JTLkX7I=</wsse:Nonce><wsu:Created>2019-02-13T07:04:05Z</wsu:Created></wsse:UsernameToken></wsse:Security></SOAP-ENV:Header><SOAP-ENV:Body><tds:GetDeviceInformation></tds:GetDeviceInformation></SOAP-ENV:Body></SOAP-ENV:Envelope>
HTTP/1.1 400 Bad Request
Date: Wed, 13 Feb 2019 03:04:05 GMT
Server: App-webs/
Connection: close
Content-Length: 2214
Content-Type: application/soap+xml; charset=utf-8

<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:soapenc="http://www.w3.org/2003/05/soap-encoding" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tt="http://www.onvif.org/ver10/schema" xmlns:tds="http://www.onvif.org/ver10/device/wsdl" xmlns:trt="http://www.onvif.org/ver10/media/wsdl" xmlns:timg="http://www.onvif.org/ver20/imaging/wsdl" xmlns:tev="http://www.onvif.org/ver10/events/wsdl" xmlns:tptz="http://www.onvif.org/ver20/ptz/wsdl" xmlns:tan="http://www.onvif.org/ver20/analytics/wsdl" xmlns:tst="http://www.onvif.org/ver10/storage/wsdl" xmlns:ter="http://www.onvif.org/ver10/error" xmlns:dn="http://www.onvif.org/ver10/network/wsdl" xmlns:tns1="http://www.onvif.org/ver10/topics" xmlns:tmd="http://www.onvif.org/ver10/deviceIO/wsdl" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl" xmlns:wsoap12="http://schemas.xmlsoap.org/wsdl/soap12" xmlns:http="http://schemas.xmlsoap.org/wsdl/http" xmlns:d="http://schemas.xmlsoap.org/ws/2005/04/discovery" xmlns:wsadis="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wstop="http://docs.oasis-open.org/wsn/t-1" xmlns:wsrf-bf="http://docs.oasis-open.org/wsrf/bf-2" xmlns:wsntw="http://docs.oasis-open.org/wsn/bw-2" xmlns:wsrf-rw="http://docs.oasis-open.org/wsrf/rw-2" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:wsrf-r="http://docs.oasis-open.org/wsrf/r-2" xmlns:trc="http://www.onvif.org/ver10/recording/wsdl" xmlns:tse="http://www.onvif.org/ver10/search/wsdl" xmlns:trp="http://www.onvif.org/ver10/replay/wsdl" xmlns:tnsn="http://www.eventextension.com/2011/event/topics" xmlns:extwsd="http://www.onvifext.com/onvif/ext/ver10/wsdl" xmlns:extxsd="http://www.onvifext.com/onvif/ext/ver10/schema"><env:Body><env:Fault><env:Code><env:Value>env:Sender</env:Value>
<env:Subcode><env:Value>ter:NotAuthorized</env:Value>
</env:Subcode>
</env:Code>
<env:Reason><env:Text xml:lang="en">The action requested requires authorization and the sender is not authorized</env:Text>
</env:Reason>
</env:Fault>
</env:Body>
</env:Envelope>

rtsp.py

import hashlib

def md5(s):
    h = hashlib.md5()
    h.update(s.encode("utf-8"))
    return h.hexdigest()

username = "test"
password = "Test1234"
realm = "78a183412b1c"
method = "DESCRIBE"
uri = "rtsp://10.192.5.11:554/Streaming/Channels/101"

good_nonce = "eaa4c3fb6d70d94a494f18900470ff11"
good_response = "1dabd52a304c82f533fe33e7d0f50d4a"

bad_nonce = "3bc020edb9732bc7ced9e6f555d27677"
bad_response = "a8d307a02aa89c151fc8d02950550e9d"

#compare good packet (ffplay)
ha1 = md5("{0}:{1}:{2}".format(username, realm, password))
ha2 = md5("{0}:{1}".format(method, uri))
new_response = md5("{0}:{1}:{2}".format(ha1, good_nonce, ha2))
print(good_response, new_response)

#compare bad packet (GeoVision)
ha1 = md5("{0}:{1}:{2}".format(username, realm, password))
ha2 = md5("{0}:{1}".format(method, uri))
new_response = md5("{0}:{1}:{2}".format(ha1, bad_nonce, ha2))
print(bad_response, new_response)


#### Output
#### 1dabd52a304c82f533fe33e7d0f50d4a 1dabd52a304c82f533fe33e7d0f50d4a
#### a8d307a02aa89c151fc8d02950550e9d 7e6f30736f2b087b18bf6b29c0d44c6d

rtsp_stream.txt

OPTIONS rtsp://10.192.5.11:554/Streaming/Channels/101 RTSP/1.0
CSeq: 5363
User-Agent: GeoRtspClient (RtspClient)

RTSP/1.0 200 OK
CSeq: 5363
Public: OPTIONS, DESCRIBE, PLAY, PAUSE, SETUP, TEARDOWN, SET_PARAMETER, GET_PARAMETER
Date:  Wed, Feb 13 2019 02:52:41 GMT

DESCRIBE rtsp://10.192.5.11:554/Streaming/Channels/101 RTSP/1.0
CSeq: 5364
Accept: application/sdp
User-Agent: GeoRtspClient (RtspClient)

RTSP/1.0 401 Unauthorized
CSeq: 5364
WWW-Authenticate: Digest realm="78a183412b1c", nonce="3bc020edb9732bc7ced9e6f555d27677", stale="FALSE"
WWW-Authenticate: Basic realm="78a183412b1c"
Date:  Wed, Feb 13 2019 02:52:41 GMT

DESCRIBE rtsp://10.192.5.11:554/Streaming/Channels/101 RTSP/1.0
CSeq: 5365
Accept: application/sdp
Authorization: Digest username="test", realm="78a183412b1c", nonce="3bc020edb9732bc7ced9e6f555d27677", uri="rtsp://10.192.5.11:554/Streaming/Channels/101", response="a8d307a02aa89c151fc8d02950550e9d"
User-Agent: GeoRtspClient (RtspClient)

RTSP/1.0 401 Unauthorized
CSeq: 5365
WWW-Authenticate: Digest realm="78a183412b1c", nonce="b4de8485081eec31a6ae49506eefc1c9", stale="FALSE"
WWW-Authenticate: Basic realm="78a183412b1c"
Date:  Wed, Feb 13 2019 02:52:41 GMT