[Mono-list] Bugs in Mono.Security
Galkin Oleg
bloodrooted at yandex.ru
Tue Jun 27 07:39:19 EDT 2006
Hello!
Me and my buddy found several bugs in Mono.Security. Here are their descriptions:
#1. Mono.Security.X509.X501
X520.AttributeTypeAndValue GetAttributeFromOid(string attributeType)
The problem is in the folowing code line (approximately line 91):
//-----------------------Begin Code Snippet---------------------
if (text1 == "OID.")
//-----------------------End Code Snippet-----------------------
This bug causes error with adding irregular types of RDN values.
This line must be replaced with:
//-----------------------Begin Code Snippet---------------------
if (text1.Substring(0,4) == "OID.")
//-----------------------End Code Snippet-----------------------
#2 Internationalization problems with BMPString (Mono.Security.X509.X501.ToString())
Mono.Security.X509.X520.GetASN1(byte encoding)
In this method, BMPString type is encoded by BigEndianUnicode, but in Mono.Security.X509.X501.ToString() BMPString is decoded as "%20%13...etc.". Why don't you use BigEndianUnicode to decode it?
The Solution is:
Following lines in X501.ToString:
//-----------------------Begin Code Snippet---------------------
StringBuilder builder2 = new StringBuilder();
for (int num3 = 1; num3 < asn3.Value.Length; num3 += 2)
{
builder2.Append((char)asn3.Value[num3]);
}
text1 = builder2.ToString();
//-----------------------End Code Snippet-----------------------
replace with:
//-----------------------Begin Code Snippet---------------------
text1 = Encoding.BigEndianUnicode.GetString(asn3.Value);
//-----------------------End Code Snippet-----------------------
Best Regards,
Timothy & Oleg
More information about the Mono-list
mailing list