Hi, hopefully someone can help.
I have to update a user's details in a MySQL Drupal environment from a VB.NET application/ASP.
So the user changes their password using classic ASP, this calls a .COM compliant DLL Class written in VB.NET
The instructions I have found are:
Here is an example hash from Drupal 7:
"pass" : "$S$Dxl65W9p07LfQU7jvy5CnsyDpMoLujiAgzy123khcg1OJi/P9pKS"
The characters 0-2 are the type ( $S$ is Drupal 7 )
The character 3 is the number of log2 rounds (X) based on the position of the char in this list: './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' So in our example 'D' would map to 15
The characters 4-11 are the SALT
The rest is a SHA512 hash using 2^X rounds.
The binary result is then converted to a string using base64.
$count = 1 << $count_log2;
$hash = hash($algo, $salt . $password, TRUE);
do { $hash = hash($algo, $hash . $password, TRUE);
} while (--$count);
Not being a cryptographer of any sort, I found to encrypt a string into SHA512 using VB.NET I can use this code:
Private Function EncryptSHA512Managed(ByVal ClearString As String) As String
Dim uEncode As New UnicodeEncoding()
Dim bytClearString() As Byte = uEncode.GetBytes(ClearString)
Dim sha As New System.Security.Cryptography.SHA512Managed()
Dim hash() As Byte = sha.ComputeHash(bytClearString)
Dim Z as Integer = 0
For Z = 1 To HowManyTimes - 1
hash2 = sha.ComputeHash(hash)
hash = hash2
Next
Return Convert.ToBase64String(hash2)
End Function
So from what I understand about the PHP explanation (and I have never used PHP) I would do something like this:
Private Function EncryptionStringForDrupal() As String
Dim EncStr As String = "apassword"
' Going to use TestSale as my salt test.
Return "$S$DTestSalt" & EncryptSHA512Managed("TestSalt" & EncStr)
End Function
With The "D" in the example PHP text, thats 15^2 and it comes out as 32,768 encryption loops and the resulting drupal encrypted password comes out as
$S$DTestSaltTjmIXDexvVOnQDA4ojamH2PFxVrfIKJLJBKNtclZaxs/LHiF8Wxx2kMb03qeo+FUK7prxEiKfToY50ZG0SQ3QA==
But its still wrong -
What I have tried:
Banging head against wall, but it did not solve it.