Symmetric Hashing With .NET Crypto Service Providers and COM Interop
by Joel Holder
(hint, use a Visual Studio Shell to have the path var in your env setup properly)</font></div>
copy DotNetCryptoCOM.dll %windir%\system32
cd %windir%\system32
regasm %windir%\system32\DotNetCryptoCOM.dll /tlb:DotNetCryptoCOM.tlb
gacutil /i DotNetCryptoCOM.dll
2. If you plan to use it in Classic ASP apps, you’ll also need to remember to configure IIS to support ASP pages and from a cmd shell type:
iisreset.
Now, I present a brief sample that shows how to use DNCC.
First, I’ll encrypt some text in VBScript with it:
——————————————————————–
‘ Set raw text </p>
Dim </font></font> strRawData </p>
strRawData = </font>“super secret message”</font></font></font></font></font></font> ‘ Set secret key </p>
Dim</font></font> strKey </p>
strKey = </font>“shhhh”</font></font></font></font></font></font> ‘ Set an instance of the CryptoProvider </p>
</font>Set dncc = CreateObject(“DotNetCryptoCOM.CryptoClass”) </p>
</font>‘ Encrypt the data with key </p>
strEncryptedData = dncc.Encrypt(strRawData, strKey) </font> ——————————————————————– Now assume you’ve provided strEncryptedData to a C# .NET application. ——————————————————————– </p>
string </font></font> secretKey = “shhhh”; </p>
DotNetCryptoCOM. </font>CryptoClass dncc = new DotNetCryptoCOM.CryptoClass(); </p>
string </font></font> strRawData =</font></font> dncc.Decrypt(strEncryptedData, secretKey); ——————————————————————– Voila.. Secure trip between domains. Note, the default Cryptographic Service Provider is DES. If you’re interested in DNCC’s internal implementation, I’ll leave that to your curiosity and reflector. Its really pretty straight forward if you take a look inside… I have provided the DNCC library for download here. A more complete example of an ASP to ASP.NET shared authentication solution uses it here. Happy hashing and best of luck.. </font>