Aidan, > So, I'm trying to fix QPID-1058 and add CRAM-MD5-HASHED support to the > .Net client. I'm having a bit of a problem, which I think is due to > the signed vs unsigned nature of byte in java and C#. > > If I force the key bytes to be within the range 0-127 all is well, but > if they go higher of lower then I start getting different outputs from > the HMAC, which is a bit perturbing. > > Don't suppouse anybodys come across something similar before have they?
Might this be an encoding issue? I.e. how are the bytes for calculating the initial hash derived from the plain-text password provided by the caller? The encoding should certainly match on both sides, otherwise the byte-representation will differ and the hash won't match.... Just a thought. -- Tomas Restrepo http://winterdom.com/weblog/ http://www.devdeo.com/
