JScript function: MD5 hash of string

Questions and information about using VBScript and JavaScript in NeoBook functions

Moderator: Neosoft Support

Locked
User avatar
dpayer
Posts: 1394
Joined: Mon Apr 11, 2005 5:55 am
Location: Iowa - USA

JScript function: MD5 hash of string

Post by dpayer »

I have adapted the javascript to do an MD5 hash of a string from :

http://www.webtoolkit.info/javascript-md5.html

The code below is an NB function. It returns a variable: [MD5result]

Save the following as a NB function and when you call it in your app you will be prompted for the variable name that contains the string you want to hash.

This is only to hash STRINGS, not FILES.

Why use MD5 hash? Security. If you store passwords for an application, it is common to store the hash of the password and not the actual password. If someone steals your database, they will only see hashes and these cannot be re-engineered back to the password. Your application can hash the password given for your app and compare the hash with the stored hash. If someone tries to enter just a hash - it too would be hashed and could not be used for authentication.

David P.

Code: Select all


{NeoBook Function}
Version=5.70
Language=JScript
Param=[%1]|Variable|String to be hashed
{End}
function MD5Hasher() {

	function RotateLeft(lValue, iShiftBits) {
		return (lValue<<iShiftBits) | (lValue>>>(32-iShiftBits));
	}

	function AddUnsigned(lX,lY) {
		var lX4,lY4,lX8,lY8,lResult;
		lX8 = (lX & 0x80000000);
		lY8 = (lY & 0x80000000);
		lX4 = (lX & 0x40000000);
		lY4 = (lY & 0x40000000);
		lResult = (lX & 0x3FFFFFFF)+(lY & 0x3FFFFFFF);
		if (lX4 & lY4) {
			return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
		}
		if (lX4 | lY4) {
			if (lResult & 0x40000000) {
				return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
			} else {
				return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
			}
		} else {
			return (lResult ^ lX8 ^ lY8);
		}
 	}

 	function F(x,y,z) { return (x & y) | ((~x) & z); }
 	function G(x,y,z) { return (x & z) | (y & (~z)); }
 	function H(x,y,z) { return (x ^ y ^ z); }
	function I(x,y,z) { return (y ^ (x | (~z))); }

	function FF(a,b,c,d,x,s,ac) {
		a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac));
		return AddUnsigned(RotateLeft(a, s), b);
	};

	function GG(a,b,c,d,x,s,ac) {
		a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac));
		return AddUnsigned(RotateLeft(a, s), b);
	};

	function HH(a,b,c,d,x,s,ac) {
		a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac));
		return AddUnsigned(RotateLeft(a, s), b);
	};

	function II(a,b,c,d,x,s,ac) {
		a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac));
		return AddUnsigned(RotateLeft(a, s), b);
	};

	function ConvertToWordArray(string) {
		var lWordCount;
		var lMessageLength = string.length;
		var lNumberOfWords_temp1=lMessageLength + 8;
		var lNumberOfWords_temp2=(lNumberOfWords_temp1-(lNumberOfWords_temp1 % 64))/64;
		var lNumberOfWords = (lNumberOfWords_temp2+1)*16;
		var lWordArray=Array(lNumberOfWords-1);
		var lBytePosition = 0;
		var lByteCount = 0;
		while ( lByteCount < lMessageLength ) {
			lWordCount = (lByteCount-(lByteCount % 4))/4;
			lBytePosition = (lByteCount % 4)*8;
			lWordArray[lWordCount] = (lWordArray[lWordCount] | (string.charCodeAt(lByteCount)<<lBytePosition));
			lByteCount++;
		}
		lWordCount = (lByteCount-(lByteCount % 4))/4;
		lBytePosition = (lByteCount % 4)*8;
		lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80<<lBytePosition);
		lWordArray[lNumberOfWords-2] = lMessageLength<<3;
		lWordArray[lNumberOfWords-1] = lMessageLength>>>29;
		return lWordArray;
	};

	function WordToHex(lValue) {
		var WordToHexValue="",WordToHexValue_temp="",lByte,lCount;
		for (lCount = 0;lCount<=3;lCount++) {
			lByte = (lValue>>>(lCount*8)) & 255;
			WordToHexValue_temp = "0" + lByte.toString(16);
			WordToHexValue = WordToHexValue + WordToHexValue_temp.substr(WordToHexValue_temp.length-2,2);
		}
		return WordToHexValue;
	};

	function Utf8Encode(string) {
		string = string.replace(/\r\n/g,"\n");
		var utftext = "";

		for (var n = 0; n < string.length; n++) {

			var c = string.charCodeAt(n);

			if (c < 128) {
				utftext += String.fromCharCode(c);
			}
			else if((c > 127) && (c < 2048)) {
				utftext += String.fromCharCode((c >> 6) | 192);
				utftext += String.fromCharCode((c & 63) | 128);
			}
			else {
				utftext += String.fromCharCode((c >> 12) | 224);
				utftext += String.fromCharCode(((c >> 6) & 63) | 128);
				utftext += String.fromCharCode((c & 63) | 128);
			}

		}

		return utftext;
	};

	var x=Array();
	var k,AA,BB,CC,DD,a,b,c,d;
	var S11=7, S12=12, S13=17, S14=22;
	var S21=5, S22=9 , S23=14, S24=20;
	var S31=4, S32=11, S33=16, S34=23;
	var S41=6, S42=10, S43=15, S44=21;

	string = Utf8Encode(string);

	x = ConvertToWordArray(string);

	a = 0x67452301; b = 0xEFCDAB89; c = 0x98BADCFE; d = 0x10325476;

	for (k=0;k<x.length;k+=16) {
		AA=a; BB=b; CC=c; DD=d;
		a=FF(a,b,c,d,x[k+0], S11,0xD76AA478);
		d=FF(d,a,b,c,x[k+1], S12,0xE8C7B756);
		c=FF(c,d,a,b,x[k+2], S13,0x242070DB);
		b=FF(b,c,d,a,x[k+3], S14,0xC1BDCEEE);
		a=FF(a,b,c,d,x[k+4], S11,0xF57C0FAF);
		d=FF(d,a,b,c,x[k+5], S12,0x4787C62A);
		c=FF(c,d,a,b,x[k+6], S13,0xA8304613);
		b=FF(b,c,d,a,x[k+7], S14,0xFD469501);
		a=FF(a,b,c,d,x[k+8], S11,0x698098D8);
		d=FF(d,a,b,c,x[k+9], S12,0x8B44F7AF);
		c=FF(c,d,a,b,x[k+10],S13,0xFFFF5BB1);
		b=FF(b,c,d,a,x[k+11],S14,0x895CD7BE);
		a=FF(a,b,c,d,x[k+12],S11,0x6B901122);
		d=FF(d,a,b,c,x[k+13],S12,0xFD987193);
		c=FF(c,d,a,b,x[k+14],S13,0xA679438E);
		b=FF(b,c,d,a,x[k+15],S14,0x49B40821);
		a=GG(a,b,c,d,x[k+1], S21,0xF61E2562);
		d=GG(d,a,b,c,x[k+6], S22,0xC040B340);
		c=GG(c,d,a,b,x[k+11],S23,0x265E5A51);
		b=GG(b,c,d,a,x[k+0], S24,0xE9B6C7AA);
		a=GG(a,b,c,d,x[k+5], S21,0xD62F105D);
		d=GG(d,a,b,c,x[k+10],S22,0x2441453);
		c=GG(c,d,a,b,x[k+15],S23,0xD8A1E681);
		b=GG(b,c,d,a,x[k+4], S24,0xE7D3FBC8);
		a=GG(a,b,c,d,x[k+9], S21,0x21E1CDE6);
		d=GG(d,a,b,c,x[k+14],S22,0xC33707D6);
		c=GG(c,d,a,b,x[k+3], S23,0xF4D50D87);
		b=GG(b,c,d,a,x[k+8], S24,0x455A14ED);
		a=GG(a,b,c,d,x[k+13],S21,0xA9E3E905);
		d=GG(d,a,b,c,x[k+2], S22,0xFCEFA3F8);
		c=GG(c,d,a,b,x[k+7], S23,0x676F02D9);
		b=GG(b,c,d,a,x[k+12],S24,0x8D2A4C8A);
		a=HH(a,b,c,d,x[k+5], S31,0xFFFA3942);
		d=HH(d,a,b,c,x[k+8], S32,0x8771F681);
		c=HH(c,d,a,b,x[k+11],S33,0x6D9D6122);
		b=HH(b,c,d,a,x[k+14],S34,0xFDE5380C);
		a=HH(a,b,c,d,x[k+1], S31,0xA4BEEA44);
		d=HH(d,a,b,c,x[k+4], S32,0x4BDECFA9);
		c=HH(c,d,a,b,x[k+7], S33,0xF6BB4B60);
		b=HH(b,c,d,a,x[k+10],S34,0xBEBFBC70);
		a=HH(a,b,c,d,x[k+13],S31,0x289B7EC6);
		d=HH(d,a,b,c,x[k+0], S32,0xEAA127FA);
		c=HH(c,d,a,b,x[k+3], S33,0xD4EF3085);
		b=HH(b,c,d,a,x[k+6], S34,0x4881D05);
		a=HH(a,b,c,d,x[k+9], S31,0xD9D4D039);
		d=HH(d,a,b,c,x[k+12],S32,0xE6DB99E5);
		c=HH(c,d,a,b,x[k+15],S33,0x1FA27CF8);
		b=HH(b,c,d,a,x[k+2], S34,0xC4AC5665);
		a=II(a,b,c,d,x[k+0], S41,0xF4292244);
		d=II(d,a,b,c,x[k+7], S42,0x432AFF97);
		c=II(c,d,a,b,x[k+14],S43,0xAB9423A7);
		b=II(b,c,d,a,x[k+5], S44,0xFC93A039);
		a=II(a,b,c,d,x[k+12],S41,0x655B59C3);
		d=II(d,a,b,c,x[k+3], S42,0x8F0CCC92);
		c=II(c,d,a,b,x[k+10],S43,0xFFEFF47D);
		b=II(b,c,d,a,x[k+1], S44,0x85845DD1);
		a=II(a,b,c,d,x[k+8], S41,0x6FA87E4F);
		d=II(d,a,b,c,x[k+15],S42,0xFE2CE6E0);
		c=II(c,d,a,b,x[k+6], S43,0xA3014314);
		b=II(b,c,d,a,x[k+13],S44,0x4E0811A1);
		a=II(a,b,c,d,x[k+4], S41,0xF7537E82);
		d=II(d,a,b,c,x[k+11],S42,0xBD3AF235);
		c=II(c,d,a,b,x[k+2], S43,0x2AD7D2BB);
		b=II(b,c,d,a,x[k+9], S44,0xEB86D391);
		a=AddUnsigned(a,AA);
		b=AddUnsigned(b,BB);
		c=AddUnsigned(c,CC);
		d=AddUnsigned(d,DD);
	}

	var temp = WordToHex(a)+WordToHex(b)+WordToHex(c)+WordToHex(d);

	return temp.toLowerCase();
	MD5=temp
}
var string=nbGetVar ( "[%1]" );

var MD5=MD5Hasher(string);
nbSetVar ('[MD5result]', MD5);
Neosoft Support
NeoSoft Team
Posts: 5628
Joined: Thu Mar 31, 2005 10:48 pm
Location: Oregon, USA
Contact:

Post by Neosoft Support »

Thanks David. That's very useful!
NeoSoft Support
smokinbanger
Posts: 204
Joined: Mon Jan 16, 2012 9:53 am
Location: United States

Post by smokinbanger »

Not sure why but I get the same [MD5result] every time regardless of the input string

Code: Select all

NBW Publication Source File
(C)1993-2011 NeoSoft Corp.
Title=Untitled NeoBook Publication
Language=US
NeoBookVer=5.70
ScreenColors=16777216
ScreenWidth=320
ScreenHeight=200
BkndColor=0
ScreenAutoSize=Yes
LinkColor=16711680
WindowStyle=0
WindowOrder=0
WindowPos=0
WindowProps=31
BiDiMode=0
UseUpdateTimer=Yes
ShowErrors=No
ReturnTime=60
ShapeTransColor=536870912
CompileType=0
MediaType=0
FilesIncluded=1
FontsIncluded=2
CopyExternalFiles=No
SetupMedia=3
SetupInstDir=C:\MyProgram
SetupTitle=Setup
SetupColors=16711680|0|65535
VersionMajor=1
VersionMinor=0
VersionRelease=0
VersionBuild=0
ReqExLevel=1
CustomFontName=Arial
CustomFontSize=9
CustomFontStyle=0
CustomCharset=1
CacheSize=30
ExtractOp=132
L_OK=OK
L_CANCEL=Cancel
L_YES=Yes
L_NO=No
L_CLOSE=Close
L_ERRORTITLE=Error
L_FINDTITLE=Find
L_FINDPROMPT=Find &What
L_FINDFIRST=&Find First
L_FINDNEXT=Find &Next
L_FINDERROR=Search text not found.
L_PWORDTITLE=Password required
L_PWORDMSG=Before continuing, you must first|enter the correct password.
L_PWORDPROMPT=&Password:
L_PWORDERROR=That's not the right password!
L_MEDIAERROR=In order to play this type of file you must install|the appropriate multimedia hardware and/or|software.
L_INTERNETERROR=Unable to locate Internet Browser software.
L_ABORTFUNCTION=Do you want to cancel this function?
L_EXTRACTERROR=This file could not be extracted and cannot be played.
L_INSTDIRPROMPT=Please enter the drive and directory where you would like this program to be installed. To accept the default drive and directory, simply press Enter.
L_INSTFOLDERPROMPT=Do you wish to create a program folder?
L_INSTRUNPROMPT=Do you want to run
L_INSTDISKPROMPT=Please insert disk #
L_INSTDISKERROR=That's not the correct disk, try again.
L_INSTGENERROR=The installation has terminated.
L_INSTEXITPROMPT=Do you really want to cancel the installation?
L_INSTWINTITLE=Setup
L_INSTPROGTITLE=Extracting Files...
L_SENDEMAIL=Sending Mail...
L_MAILSERVER=Please enter the name of your outgoing email server:
L_COPY=Copy to Clipboard
L_SELECTALL=Select All
L_DONWLOADFILE=Downloading: %s
L_PLEASEWAIT=Please wait...
TrayMenuBegin
MenuName=TrayOpen
MenuText=Open
MenuState=3
MenuKey=0
MenuAction=SetVar "[WindowState]" "Normal"
MenuName=TrayExit
MenuText=Exit
MenuState=3
MenuKey=0
MenuAction=Exit "" ""
MenuEnd
MasterPage
NewPage=New Page
PageStyle=0
PageColor=16777215
PageGradient1=16711680
PageGradient2=255
PageGradientDir=1
WallpaperStyle=0
ObjectType=9
Name=TextEntry1
X=10
Y=15
W=305
H=25
Anchor=0
VarName=[TextEntry1]
EditLen=0
LineColor=0
LineWidth=1
LineStyle=0
FillColor=16777215
FillPattern=0
Font=Arial
FontSize=11
FontStyle=0
FontCharset=1
TextColor=0
TabOrder=2
ObjectType=3
Name=PushButton1
X=110
Y=65
W=80
H=40
Anchor=0
Text=MD5
Align=2
ImageStyle=0
XPTheme=Yes
ObjAction=Call "HashString" "[TextEnrty1]"
LineColor=0
LineWidth=1
LineStyle=0
FillColor=16777215
FillPattern=0
Font=Arial
FontSize=11
FontStyle=0
FontCharset=1
TextColor=0
TabOrder=3
ObjectType=8
Name=Text2
X=5
Y=135
W=305
H=35
Anchor=0
Font=Arial
FontSize=11
FontStyle=0
FontCharset=1
TextColor=0
Text={\rtf1\ansi\deff0\deftab254{\fonttbl{\f0\fnil\fcharset1 Arial;}}{\pard{\ql\li0\fi0\ri0\sb0\sl\sa0 \plain\f0\fs22\cf0 [MD5result]}}}
HMargin=0
VMargin=0
LineColor=0
LineWidth=1
LineStyle=0
FillColor=16777215
FillPattern=0
TabOrder=4
Tony Kroos
Posts: 419
Joined: Thu Oct 15, 2009 3:43 pm

Post by Tony Kroos »

Call "HashString" "[TextEnrty1]"
smokinbanger
Posts: 204
Joined: Mon Jan 16, 2012 9:53 am
Location: United States

Post by smokinbanger »

Tony Kroos wrote:Call "HashString" "[TextEnrty1]"
:oops:
David de Argentina
Posts: 1596
Joined: Mon Apr 04, 2005 4:13 pm
Location: Buenos Aires, Argentina
Contact:

Re: JScript function: MD5 hash of string

Post by David de Argentina »

How to get original value ?

Thanks in advance,
David de Argentina
Tony Kroos
Posts: 419
Joined: Thu Oct 15, 2009 3:43 pm

Re: JScript function: MD5 hash of string

Post by Tony Kroos »

u cannot get original value, it's by design and meaning of hash.
User avatar
dpayer
Posts: 1394
Joined: Mon Apr 11, 2005 5:55 am
Location: Iowa - USA

Re: JScript function: MD5 hash of string

Post by dpayer »

David de Argentina wrote:How to get original value ?

Thanks in advance,
David de Argentina
encrypting something allows you to decrypt if you know the passcode or salt/method used.

Hashing is a unique symbolic representation of something. You can verify identity using A=C & B=C Therefore A=B

David P.
David Payer
Des Moines, Iowa
USA
Tony Kroos
Posts: 419
Joined: Thu Oct 15, 2009 3:43 pm

Re: JScript function: MD5 hash of string

Post by Tony Kroos »

no, u cannot restore original string (or whatever) from it's hash. It is a fundamental point in security when u use hash.
David de Argentina
Posts: 1596
Joined: Mon Apr 04, 2005 4:13 pm
Location: Buenos Aires, Argentina
Contact:

Re: JScript function: MD5 hash of string

Post by David de Argentina »

Thanks DavidP & Tony

I must go for another way...

Greetings from Buenos Aires,
David de Argentina
Tony Kroos
Posts: 419
Joined: Thu Oct 15, 2009 3:43 pm

Re: JScript function: MD5 hash of string

Post by Tony Kroos »

u have to use cipher algorithms with public/private keys such as AES, RC4, Blowfish etc... There are some implementations in JScript/VBS (but not strict) that I can share.
Locked