Joel Holder

Math, coding, philosophy, art, and other things that interest me

View on GitHub
1 January 2009

Symmetric Hashing With .NET Crypto Service Providers and COM Interop

by Joel Holder

I wrote the DotNetCryptoCOM (DNCC) library because I  wanted to be able to generate and reverse cypher text between .NET and COM applications using a single .dll.  It allows developers to drive the builtin .NET Cryptographic Service Providers with a simple API.  I’ve used this lib in VB, Managed C++, and of course C# applications.  Some of you may find it useful as well.
 
A few notes of interest:
 
1.  If you plan to use it from COM apps, you’ll need to do the following from a cmd shell: </p>

(hint, use a Visual Studio Shell to have the path var in your env setup properly)</font></div>

     copy DotNetCryptoCOM.dll  %windir%\system32

     cd %windir%\system32

     regasm %windir%\system32\DotNetCryptoCOM.dll /tlb:DotNetCryptoCOM.tlb

     gacutil /i DotNetCryptoCOM.dll

2.  If you plan to use it in Classic ASP apps, you’ll also need to remember to configure IIS to support ASP pages and from a cmd shell type:

     iisreset.

Now, I present a brief sample that shows how to use DNCC. 

First, I’ll encrypt some text in VBScript with it:

——————————————————————–

‘ Set raw text </p>

Dim

</font></font> strRawData </p>

strRawData =

</font>“super secret message”</font></font></font></font></font></font>

</div>

‘ Set secret key </p>

Dim</font></font> strKey </p>

strKey = </font>“shhhh”</font></font></font></font></font></font>  

‘ Set an instance of the CryptoProvider </p>

</font>Set dncc = CreateObject(“DotNetCryptoCOM.CryptoClass”) </p>

</font>‘ Encrypt the data with key </p>

strEncryptedData = dncc.Encrypt(strRawData, strKey)

</font>

——————————————————————–

Now assume you’ve provided strEncryptedData to a C# .NET application.

——————————————————————– </p>

string

</font></font> secretKey = “shhhh”; </p>

DotNetCryptoCOM.

</font>CryptoClass dncc = new DotNetCryptoCOM.CryptoClass(); </p>

string

</font></font> strRawData =</font></font> dncc.Decrypt(strEncryptedData, secretKey);

——————————————————————–

Voila..  Secure trip between domains.  Note, the default Cryptographic Service Provider is DES.

If you’re interested in DNCC’s internal implementation, I’ll leave that to your curiosity and reflector

Its really pretty straight forward if you take a look inside…

I have provided the DNCC library for download here.

A more complete example of an ASP to ASP.NET shared authentication solution uses it here.

Happy hashing and best of luck..

</p> </p> </p> </p>

</font>

</p> </div>

tags: