actualización 21/02/2017 - Ahora con HMACSHA256 añadido para JWTs
Actualizar 07/05/2016 - Ahora con SHA1 y SHA256 añadido
derecho, para todos de ustedes que han estado luchando con esto (como yo) y quieren saber, ¡es posible!
El siguiente código se divide en varias funciones para que pueda MD5/sha1/sha256 una cadena o un archivo.
Tomé prestadas las funciones GetBytes y BytesToBase64 de otro stackexchange, y el código dentro de stringToUTFBytes se basa en otro stackexchange.
function md5hashBytes(aBytes)
Dim MD5
set MD5 = CreateObject("System.Security.Cryptography.MD5CryptoServiceProvider")
MD5.Initialize()
'Note you MUST use computehash_2 to get the correct version of this method, and the bytes MUST be double wrapped in brackets to ensure they get passed in correctly.
md5hashBytes = MD5.ComputeHash_2((aBytes))
end function
function sha1hashBytes(aBytes)
Dim sha1
set sha1 = CreateObject("System.Security.Cryptography.SHA1Managed")
sha1.Initialize()
'Note you MUST use computehash_2 to get the correct version of this method, and the bytes MUST be double wrapped in brackets to ensure they get passed in correctly.
sha1hashBytes = sha1.ComputeHash_2((aBytes))
end function
function sha256hashBytes(aBytes)
Dim sha256
set sha256 = CreateObject("System.Security.Cryptography.SHA256Managed")
sha256.Initialize()
'Note you MUST use computehash_2 to get the correct version of this method, and the bytes MUST be double wrapped in brackets to ensure they get passed in correctly.
sha256hashBytes = sha256.ComputeHash_2((aBytes))
end function
function sha256HMACBytes(aBytes, aKey)
Dim sha256
set sha256 = CreateObject("System.Security.Cryptography.HMACSHA256")
sha256.Initialize()
sha256.key=aKey
'Note you MUST use computehash_2 to get the correct version of this method, and the bytes MUST be double wrapped in brackets to ensure they get passed in correctly.
sha256HMACBytes = sha256.ComputeHash_2((aBytes))
end function
function stringToUTFBytes(aString)
Dim UTF8
Set UTF8 = CreateObject("System.Text.UTF8Encoding")
stringToUTFBytes = UTF8.GetBytes_4(aString)
end function
function bytesToHex(aBytes)
dim hexStr, x
for x=1 to lenb(aBytes)
hexStr= hex(ascb(midb((aBytes),x,1)))
if len(hexStr)=1 then hexStr="0" & hexStr
bytesToHex=bytesToHex & hexStr
next
end function
Function BytesToBase64(varBytes)
With CreateObject("MSXML2.DomDocument").CreateElement("b64")
.dataType = "bin.base64"
.nodeTypedValue = varBytes
BytesToBase64 = .Text
End With
End Function
'Special version that produces the URLEncoded variant of Base64 used in JWTs.
Function BytesToBase64UrlEncode(varBytes)
With CreateObject("MSXML2.DomDocument").CreateElement("b64")
.dataType = "bin.base64"
.nodeTypedValue = varBytes
BytesToBase64UrlEncode = replace(replace(replace(replace(replace(.Text,chr(13),""),chr(10),""),"+", "-"),"/", "_"),"=", "")
End With
End Function
Function GetBytes(sPath)
With CreateObject("Adodb.Stream")
.Type = 1 ' adTypeBinary
.Open
.LoadFromFile sPath
.Position = 0
GetBytes = .Read
.Close
End With
End Function
Estos pueden ser utilizados como sigue:
BytesToBase64(md5hashBytes(stringToUTFBytes("Hello World")))
Produce: == sQqNsWTgdUEFt6mb5y4/5Q
bytesToHex(md5hashBytes(stringToUTFBytes("Hello World")))
Produce: B10A8DB164E0754105B7A99BE72E3FE5
Para SHA1:
bytesToHex(sha1hashBytes(stringToUTFBytes("Hello World")))
Produce: 0A4D55A8D778E5022FAB701977C5D840BBC486D0
Para SHA256:
bytesToHex(sha256hashBytes(stringToUTFBytes("Hello World")))
Produce: A591A6D40BF420404A011733CFB7B190D62C65BF0BCDA32B57B277D9AD9F146E
Para obtener el MD5 de un archivo (útil para comprobar Amazon S3 MD5):
BytesToBase64(md5hashBytes(GetBytes(sPath)))
Donde sPath es el camino a th e archivo local.
Y, por último, para crear un JWT:
'define the JWT header, needs to be converted to UTF bytes:
aHead=stringToUTFBytes("{""alg"":""HS256"",""typ"":""JWT""}")
'define the JWT payload, again needs to be converted to UTF Bytes.
aPayload=stringToUTFBytes("{""sub"":""1234567890"",""name"":""John Doe"",""admin"":true}")
'Your shared key.
theKey="mySuperSecret"
aSigSource=stringToUTFBytes(BytesToBase64UrlEncode(aHead) & "." & BytesToBase64UrlEncode(aPayload))
'The full JWT correctly Base 64 URL encoded.
aJWT=BytesToBase64UrlEncode(aHead) & "." & BytesToBase64UrlEncode(aPayload) & "." & BytesToBase64UrlEncode(sha256HMACBytes(aSigSource,stringToUTFBytes(theKey)))
que producirá el siguiente JWT válida: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.7ofvtkn0z_pTl6WcqRTxw-4eSE3NqcEq9_3ax0YcuIQ
también: FYI, pero Windows IIS ejecutar código PHP muy bien. Simplemente cree un grupo de aplicaciones diferente con un controlador para el módulo FastCGI. –
posible duplicado de [md5/hash en vb6?] (Http://stackoverflow.com/questions/6579523/md5-hash-on-vb6) –
No no no vb 6 sino script vb en páginas asp? – user1270384