hopefully someone can help.
I have to update a user's details in a MySQL Drupal environment from a VB.NET application/ASP.
So the user changes their password using classic ASP, this calls a .COM compliant DLL Class written in VB.NET
The instructions I have found are: (located from this site)
Here is an example hash from Drupal 7:
"pass" : "$S$Dxl65W9p07LfQU7jvy5CnsyDpMoLujiAgzy123khcg1OJi/P9pKS"
The characters 0-2 are the type ( $S$ is Drupal 7 )
The character 3 is the number of log2 rounds (X) based on the position of the char in this list: './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' So in our example 'D' would map to 15 The characters 4-11 are the SALT The rest is a SHA512 hash using 2^X rounds. The binary result is then converted to a string using base64.
$count = 1 << $count_log2;
$hash = hash($algo, $salt . $password, TRUE);
do { $hash = hash($algo, $hash . $password, TRUE);
} while (--$count);
Not being a cryptographer of any sort or understanding PHP, I found a bit of code that could do the SHA512 encryption and tried decyphering the PHP to VB.NET - I think this is what the PHP code above is doing, to encrypt a string.
Private Function EncryptSHA512Managed(ByVal ClearString As String) As String
Dim uEncode As New UnicodeEncoding()
Dim bytClearString() As Byte = uEncode.GetBytes(ClearString)
Dim sha As New System.Security.Cryptography.SHA512Managed()
Dim hash() As Byte = sha.ComputeHash(bytClearString)
Dim Z as Integer = 0
For Z = 1 To HowManyTimes - 1
hash2 = sha.ComputeHash(hash)
hash = hash2
Next
Return Convert.ToBase64String(hash2)
End Function
So from what I understand about the PHP explanation (and I have never used PHP) I would do something like this:
Private Function EncryptionStringForDrupal() As String
Dim EncStr As String = "apassword"
' Going to use TestSale as my salt test.
Return "$S$DTestSalt" & EncryptSHA512Managed("TestSalt" & EncStr)
End Function
With The "D" in the example PHP text, thats 15^2 and it comes out as 32,768 encryption loops and the resulting drupal encrypted password comes out as
$S$DTestSaltTjmIXDexvVOnQDA4ojamH2PFxVrfIKJLJBKNtclZaxs/LHiF8Wxx2kMb03qeo+FUK7prxEiKfToY50ZG0SQ3QA==
But its still wrong -.-
