http://bugzilla.novell.com/show_bug.cgi?id=630341
http://bugzilla.novell.com/show_bug.cgi?id=630341#c0 Summary: Probable bug in Classification: Mono Product: Mono: Runtime Version: 2.6.x Platform: i686 OS/Version: Ubuntu Status: NEW Severity: Normal Priority: P5 - None Component: io-layer AssignedTo: [email protected] ReportedBy: [email protected] QAContact: [email protected] Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.125 Safari/533.4 I've downloaded and tried to run http://www.lumisoft.ee/lswww/Download/Downloads/MailServer/ on my Ubuntu 9.04 server. Mono version is 2.6, compiled myself from the stable zips on the mono homepage. (http://ftp.novell.com/pub/mono/sources-stable/) The author claims he has tested it on Suse Linux with the 0.94 release, and that it worked. However, I had to correct all the bugs listed here to get the latest version working: http://www.lumisoft.ee/Forum/default.aspx?g=posts&t=673 <http://www.lumisoft.ee/Forum/default.aspx?g=posts&t=673> I was debugging (without soft-debugger step-through, which doesn't work correctly btw...) this issue all friday evening, until I found the reason. It turned out the "bug" was the way the Mailserver's developer converted the HmacMd5 to a hex string... Now in my opinion, his line: return Encoding.Default.GetString(kMd5.ComputeHash(Encoding.ASCII.GetBytes(hashKey))); is plain wrong, because this causes the byte array to be converted into a different encoding on each operating system (1252 on my windows 7, UTF-8 on Ubuntu), and the mailserver's programmer then calculates the hex string from the string hash with the operating-system specific encoding. However, the peculiar thing is, the windows default encoding was 1252. When on Ubuntu, I used Encoding.GetEncoding(1252).GetString(kMd5....) it was just as wrong. Now since it works with the encoding change on Windows (but not on Linux), I'm not sure anymore whether I am right, or whether the server's programmer is right, which would mean that the encoding-bug is a bug in mono. I've isolated the code in question below, just switch bCorrectedVersion between true and false, and watch how the hash is different on Windows vs. Linux when one switches bCorrectedVersion to false... BTW, this is the hash used to authenticate pop3/smtp, so it definitely is not good when it's different... (That was the issue that kept all my get/send mail request to and from the server failing, because authentication failed...) Reproducible: Always Steps to Reproduce: Below is the code in question to reproduce the issue: private void button1_Click(object sender, EventArgs e) { string m_Key = "TestKey1"; string result_Password = "TestUser1"; string hash = ""; bool bCorrectedVersion = true; if(bCorrectedVersion) hash = HmacMd5_corrected(m_Key, result_Password); else hash = Net_Utils_ToHex(HmacMd5(m_Key, result_Password)); this.textBox2.Text = "Hash: " + hash; } public static string Net_Utils_ToHex(string text) { if (text == null) { throw new ArgumentNullException("text"); } // Default encoding: Windows 1252, Linux UTF-8 return BitConverter.ToString(Encoding.Default.GetBytes(text)).ToLower().Replace("-",""); } // corrected version of original private string HmacMd5_corrected(string hashKey, string text) { System.Security.Cryptography.HMACMD5 kMd5 = new System.Security.Cryptography.HMACMD5(Encoding.Default.GetBytes(text)); string strHash = ""; foreach (byte x in kMd5.ComputeHash(Encoding.ASCII.GetBytes(hashKey))) { strHash += x.ToString("x2"); } return strHash; //return Encoding.Default.GetString(kMd5.ComputeHash(Encoding.ASCII.GetBytes(hashKey))); } // original private string HmacMd5(string hashKey, string text) { System.Security.Cryptography.HMACMD5 kMd5 = new System.Security.Cryptography.HMACMD5(Encoding.Default.GetBytes(text)); return Encoding.Default.GetString(kMd5.ComputeHash(Encoding.ASCII.GetBytes(hashKey))); } Actual Results: Switch bCorrectedVersion between true and false, and watch how the hash is different on Windows vs. Linux when one switches bCorrectedVersion to false... Expected Results: Different hash on Windows than on Ubuntu, but it should be the same. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug. _______________________________________________ mono-bugs maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-bugs
