string.Format("rspauth={0}",

public string rspauth(string Username, string Realm, string Password, string Nonce, string Cnonce,
  string m_Authzid, string m_DigestUri, string Qop, string m_Nc)
   {
       //          HEX( KD ( HEX(H(A1)),
       //              { nonce-value, ":" nc-value, ":",
       //                cnonce-value, ":", qop-value, ":", HEX(H(A2)) }))

       //If authzid is specified, then A1 is

       //   A1 = { H( { username-value, ":", realm-value, ":", passwd } ),
       //        ":", nonce-value, ":", cnonce-value, ":", authzid-value }

       //If authzid is not specified, then A1 is

       //   A1 = { H( { username-value, ":", realm-value, ":", passwd } ),
       //        ":", nonce-value, ":", cnonce-value }

       //         The server receives and validates the "digest-response". The server
       //checks that the nonce-count is "00000001". If it supports subsequent
       //authentication (see section 2.2), it saves the value of the nonce and
       //the nonce-count. It sends a message formatted as follows:

       // response-auth = "rspauth" "=" response-value

       //where response-value is calculated as above, using the values sent in
       //step two, except that if qop is "auth", then A2 is

       //    A2 = { ":", digest-uri-value }

       //And if qop is "auth-int" or "auth-conf" then A2 is

       //    A2 = { ":", digest-uri-value, ":00000000000000000000000000000000" }

       byte[] H1;
       byte[] H2;
       byte[] H3;

       // byte[] temp;
       string A1;
       string A2;
       string A3;
       string p1;
       string p2;

       var sb = new StringBuilder();
       sb.Append(Username);
       sb.Append(":");
       sb.Append(Realm);
       sb.Append(":");
       sb.Append(Password);

       H1 = new MD5CryptoServiceProvider().ComputeHash(Encoding.UTF8.GetBytes(sb.ToString()));

       sb.Remove(0, sb.Length);
       sb.Append(":");
       sb.Append(Nonce);
       sb.Append(":");
       sb.Append(Cnonce);

       if (m_Authzid != null)
       {
           sb.Append(":");
           sb.Append(m_Authzid);
       }

       A1 = sb.ToString();

       byte[] bA1 = Encoding.ASCII.GetBytes(A1);
       var bH1A1 = new byte[H1.Length + bA1.Length];

       // Array.Copy(H1, bH1A1, H1.Length);
       Array.Copy(H1, 0, bH1A1, 0, H1.Length);
       Array.Copy(bA1, 0, bH1A1, H1.Length, bA1.Length);

       H1 = new MD5CryptoServiceProvider().ComputeHash(bH1A1);

       // Console.WriteLine(util.Hash.HexToString(H1));

       sb.Remove(0, sb.Length);
       sb.Append(":");
       sb.Append(m_DigestUri);
       //if (Qop.CompareTo("auth") != 0)
       //{
       //    sb.Append(":00000000000000000000000000000000");
       //}

       A2 = sb.ToString();
       //H2 = Encoding.ASCII.GetBytes(A2);
       H2 = Encoding.UTF8.GetBytes(A2);

       H2 = new MD5CryptoServiceProvider().ComputeHash(H2);

       // create p1 and p2 as the hex representation of H1 and H2
       p1 = Hash.HexToString(H1).ToLower();
       p2 = Hash.HexToString(H2).ToLower();

       sb.Remove(0, sb.Length);
       sb.Append(p1);
       sb.Append(":");
       sb.Append(Nonce);
       sb.Append(":");
       sb.Append(m_Nc);
       sb.Append(":");
       sb.Append(Cnonce);
       sb.Append(":");
       sb.Append(Qop);
       sb.Append(":");
       sb.Append(p2);

       A3 = sb.ToString();

       H3 = new MD5CryptoServiceProvider().ComputeHash(Encoding.UTF8.GetBytes(A3));

       var m_Response = Hash.HexToString(H3).ToLower();
       return m_Response;
   }