[Mono-bugs] [Bug 75021][Maj] Changed - FormsAuthentication
HashPasswordForStoringInConfigFile MD5 hash not always
compatible to MS hash
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Sat May 21 20:52:37 EDT 2005
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by sebastien at ximian.com.
http://bugzilla.ximian.com/show_bug.cgi?id=75021
--- shadow/75021 2005-05-21 20:39:29.000000000 -0400
+++ shadow/75021.tmp.31506 2005-05-21 20:52:37.000000000 -0400
@@ -98,6 +98,51 @@
bytes = MD5.Create ().ComputeHash (Encoding.ASCII.GetBytes (password));
} else if (String.Compare (passwordFormat, "SHA1", true) == 0) {
bytes = SHA1.Create ().ComputeHash (Encoding.ASCII.GetBytes (password));
which is clearly wrong. MS probably use UTF8 or Unicode to convert the
string to a byte array before hashing.
+
+------- Additional Comments From sebastien at ximian.com 2005-05-21 20:52 -------
+Confirmed, it is UTF8.
+
+> mono bug75021.exe §
+value §
+ASCII D1-45-7B-72-C3-FB-32-3A-26-71-12-5A-EF-3E-AB-5D
+UTF7 2E-B5-63-40-03-C3-C0-35-DE-D9-B4-14-59-0C-02-D5
+UTF8 BD-9A-4C-25-5D-EE-C8-94-4D-99-E0-1A-64-C1-E3-22
+Unicode B4-EA-DC-7B-5E-3A-BC-F8-58-85-7F-9C-97-5D-8F-E7
+BigEndianUnicode D0-C0-CD-1E-B2-B4-41-8F-1E-8C-C4-DA-DB-EA-48-59
+
+> mono bug75021.exe ä
+value ä
+ASCII D1-45-7B-72-C3-FB-32-3A-26-71-12-5A-EF-3E-AB-5D
+UTF7 2D-6C-7C-16-09-AD-C7-A1-5B-2D-E5-75-63-28-39-2E
+UTF8 84-19-B7-1C-87-A2-25-A2-C7-0B-50-48-6F-BE-E5-45
+Unicode DF-E7-30-8C-9E-98-95-B3-C2-93-B8-4C-1D-D4-C2-C8
+BigEndianUnicode 7E-4B-44-4B-06-11-67-A3-2D-8A-CE-8A-F5-DF-51-9B
+
+
+using System;
+using System.Security.Cryptography;
+using System.Text;
+using System.Web.Security;
+
+class Program {
+
+ static void Main (string[] args)
+ {
+ MD5 h = MD5.Create ();
+ string s = args [0];
+ Console.WriteLine ("value {0}", s);
+ Console.WriteLine ("ASCII {0}", BitConverter.ToString
+(h.ComputeHash (Encoding.ASCII.GetBytes (s))));
+ Console.WriteLine ("UTF7 {0}", BitConverter.ToString
+(h.ComputeHash (Encoding.UTF7.GetBytes (s))));
+ Console.WriteLine ("UTF8 {0}", BitConverter.ToString
+(h.ComputeHash (Encoding.UTF8.GetBytes (s))));
+ Console.WriteLine ("Unicode {0}", BitConverter.ToString
+(h.ComputeHash (Encoding.Unicode.GetBytes (s))));
+ Console.WriteLine ("BigEndianUnicode {0}", BitConverter.ToString
+(h.ComputeHash (Encoding.BigEndianUnicode.GetBytes (s))));
+ }
+}
More information about the mono-bugs
mailing list