views:

254

answers:

4

I have a working .NET web application that perform hashing and encryption using MD5 on a certain string. This string will be stored in a cookie.

The problem is, I will need to validate this cookie from an ASP classic application.

From what I know, there are no built in cryptographic providers in ASP classic, thus I may need to copy/write my own implementation of the MD5 algorithm.

Is there any implementation ready to use, preferably open source (I don't want rogue code sending strings around the world), and compatible with the .NET counterpart?

A: 

this seem ok

Fredou
+1  A: 

A quick web search for VBScript MD5 turned up lots

Rather than cut and paste the nicest one I found was here

blowdart
I know there's a *lot*. I have one which returns different result with the .NET implementation.
Adrian Godong
What you'll probably find is the .NET was using Unicode for the text, and the VBScript one was using ASCII.
blowdart
I have specifically use ASCIIEncoder to convert the string object to byte[].
Adrian Godong
Hmmm weird, post samples I think
blowdart
+1  A: 

Much of the .Net Cryptography namespace is just a wrapper around Windows' CryptoAPI, you may be able to work directly with that, but that could end up being a pain. This page may be helpful... http://www.codeproject.com/KB/asp/adrian_bacaianu.aspx

Jim Leonardo
Interesting solution, though deployment may be a bit hassle. Worth trying though.
Adrian Godong
+2  A: 

Create your own .net DLL only with the bytes needed to perform the validation and then call it from ASP!

Here is how: Exposing .NET Components to COM

Eduardo Molteni
I am thinking about this kind of solution as well, offloading the logic process to a .NET code. Do you have any comparison on performance? This code will be run very often and will be quite critical to the whole application.
Adrian Godong
Do you mean the performance of calling a .Net object from ASP? It's negligible from my experience, but you should measure it.
Eduardo Molteni