[Mono-bugs] [Bug 75021][Maj] Changed - FormsAuthentication HashPasswordForStoringInConfigFile MD5 hash not always compatible to MS hash

[bugzilla-daemon at bugzilla.ximian.com]

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=75021

--- shadow/75021	2005-05-21 15:48:26.000000000 -0400
+++ shadow/75021.tmp.31474	2005-05-21 20:39:29.000000000 -0400
@@ -2,13 +2,13 @@
 Product: Mono: Class Libraries
 Version: unspecified
 OS: Red Hat 9.0
 OS Details: tested on RH9, Ubuntu warty and Windows
 Status: NEW   
 Resolution: 
-Severity: 
+Severity: Unknown
 Priority: Major
 Component: Sys.Web
 AssignedTo: mono-bugs at ximian.com                            
 ReportedBy: barbara at idealnet.com               
 QAContact: mono-bugs at ximian.com
 TargetMilestone: ---
@@ -87,6 +87,17 @@
 See simple test case in attachment
 
 ------- Additional Comments From barbara at idealnet.com  2005-05-21 15:48 -------
 Created an attachment (id=15187)
 simple test case to reproduce the issue
 
+
+------- Additional Comments From sebastien at ximian.com  2005-05-21 20:39 -------
+The current hash is done, on Mono, with ASCII
+
+if (String.Compare (passwordFormat, "MD5", true) == 0) {
+	bytes = MD5.Create ().ComputeHash (Encoding.ASCII.GetBytes (password));
+} else if (String.Compare (passwordFormat, "SHA1", true) == 0) {
+	bytes = SHA1.Create ().ComputeHash (Encoding.ASCII.GetBytes (password));
+
+which is clearly wrong. MS probably use UTF8 or Unicode to convert the
+string to a byte array before hashing.