Hello,
I am having problems generating a valid HMAC key for my TURN allocate requests to the Lync edge server. I have a valid username / realm / password combination but I always get an error back from the Edge server about the value of the MESSAGE-INTEGRITY attribute. http://msdn.microsoft.com/en-gb/library/dd949398(v=office.12).aspx
I have had no problems before when generating the MESSAGE-INTEGRITY of STUN messages to other TURN servers, and have come across similar issues with signing STUN messages for interop with Lync (which I have overcome). I am aware that the TURN message must be padded with NULLs until it is a multiple of 64 before the signing occurs, and that the key for signing is the MD5 hash of USERNAME : REALM : PASSWORD (where the username / password are acquired from the MRAS request, and the realm is from the 401 response from the TURN server).
I have enabled logging on a Lync client and used Wireshark to get the STUN packets it is sending to the Lync TURN component. I have constructed a test STUN packet to be identical to the one Lync sends, but I am unable to generate the same HMAC as it gets (signing my test packet with the Lync client's username/password from it's MRAS credential response).
Has anyone had any problems getting a valid MESSAGE-INTEGRITY value for the Lync edge server, and if so what was the solution?
Thanks,
Simon