0

I have a DB that has stored passwords that where encrypted using PHP's crypt function. I have found out that the crypt function actually uses bcrypt and i have found http://bcrypt.codeplex.com/ bcrypt is written in a very specific way with the BSD Base64 Alphabet not the regular Base64 Alphabet.

I'm hopping the Bcrypt.Net project emulates the PHP verion. but i don't know any thing about using DLLs in side of VBA and being able to access their function. And I don't know how to find the function inside the Dll that emulates the Bcrypt.

Im using the VBA inside Access 2010. Can anyone PLEASE HELP!

Erik A
  • 31,639
  • 12
  • 42
  • 67
JustinRoman
  • 1
  • 1
  • How about this? http://www.di-mgt.com.au/cryptoBlowfishVer6.html – html_programmer Oct 24 '13 at 14:49
  • I don't think you'll be able to use BCrypt in Access unless that .DLL has specifically been written for COM consumers. Most .NET projects/DLL's haven't been written as COM Callable, unless that was a specific requirement when building the .DLL. This is because making DLL's in .NET so they are COM callable is not trivial. – HK1 Oct 25 '13 at 16:32

2 Answers2

0

I downloaded bcrypt.net from here Bcrypt.Net. To add dll file right click on project name and then select "References...". A window will open and then browse your dll file to insert. Then add the code as your need in you C# page. 

using BCrypt;
public partial class your_class_name : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string salt = BCrypt.Net.BCrypt.GenerateSalt(); //Generate Salt
        string hash = BCrypt.Net.BCrypt.HashPassword("subinoy", salt); //Using salt to generate password
        if(BCrypt.Net.BCrypt.Verify("username","$2a$10$ljfI1o3m3gI.rXDpDkGc/ebUNqHKJ22EhJrQJnuoe3yAf58QoZW6i")) //this hash inside the if() will be taken from the database when the user registered
            bcrypttext.Text = "equals";
        else
            bcrypttext.Text = "Not equal" + hash;
  }
}

and for php bcrypt you watch this link

Community
  • 1
  • 1
Subinoy
  • 478
  • 7
  • 22
0

I know this is an extremely old question, however, I have found this for hashing and verifying password hashes created using BCrypt.

https://github.com/as08/ClassicASP.Bcrypt

I was able to register the DLL to a TLB by navigating to C:\Windows\Microsoft.NET\Framework\v4.0.30319 and running the following command:

RegAsm path/to/dllfile/ClassicASP.Bcrypt.dll /tlb /codebase

From there, I could use this with late binding:

Dim Bcrypt As Object
Set Bcrypt = CreateObject("ClassicASP.Bcrypt")

Dim response

' Generate a hash with a default work factor of 10
response = Bcrypt.Hash("testpassword")
Debug.Print response

'' Verify a hash
response = Bcrypt.Verify("testpassword", "$2a$10$z7vfvfvHkOvJ6H1qMd8G9.kc38zptoqrqpsg/pwYTlmCd37OZ3sDK")
Debug.Print response

I was able to verfiy passwords made using the nodejs bcryptjs package.

I hope this helps someone else with the same problem

Nick
  • 31
  • 1