[Mono-bugs] [Bug 75021][Maj] Changed - FormsAuthentication
HashPasswordForStoringInConfigFile MD5 hash not always
compatible to MS hash
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Sat May 21 20:39:29 EDT 2005
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by sebastien at ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=75021
--- shadow/75021 2005-05-21 15:48:26.000000000 -0400
+++ shadow/75021.tmp.31474 2005-05-21 20:39:29.000000000 -0400
@@ -2,13 +2,13 @@
Product: Mono: Class Libraries
Version: unspecified
OS: Red Hat 9.0
OS Details: tested on RH9, Ubuntu warty and Windows
Status: NEW
Resolution:
-Severity:
+Severity: Unknown
Priority: Major
Component: Sys.Web
AssignedTo: mono-bugs at ximian.com
ReportedBy: barbara at idealnet.com
QAContact: mono-bugs at ximian.com
TargetMilestone: ---
@@ -87,6 +87,17 @@
See simple test case in attachment
------- Additional Comments From barbara at idealnet.com 2005-05-21 15:48 -------
Created an attachment (id=15187)
simple test case to reproduce the issue
+
+------- Additional Comments From sebastien at ximian.com 2005-05-21 20:39 -------
+The current hash is done, on Mono, with ASCII
+
+if (String.Compare (passwordFormat, "MD5", true) == 0) {
+ bytes = MD5.Create ().ComputeHash (Encoding.ASCII.GetBytes (password));
+} else if (String.Compare (passwordFormat, "SHA1", true) == 0) {
+ bytes = SHA1.Create ().ComputeHash (Encoding.ASCII.GetBytes (password));
+
+which is clearly wrong. MS probably use UTF8 or Unicode to convert the
+string to a byte array before hashing.
More information about the mono-bugs
mailing list