Sample code

Python

import hmac
import re
import urllib

THUMBRIO_API_KEY = 'YOUR_API_KEY'
THUMBRIO_SECRET_KEY = 'YOUR_SECRET_KEY'
THUMBRIO_BASE_URLS = ('http://api.thumbr.io/', 'https://api.thumbr.io/', 'http://cdn.thumbr.io/', 'https://cdn.thumbr.io/')


def _thumbrio_quote(s):
    return urllib.quote(s, safe='/-_.')


def thumbrio(url, size, thumb_name='thumb.png', query_arguments=None,
             base_url=THUMBRIO_BASE_URLS[0]):
    # we take out the http:// protocol as that's our default protocol
    unprefixed_url = re.sub(r'^http://', '', url).encode('utf-8')
    encoded_url = _thumbrio_quote(unprefixed_url)
    encoded_size = _thumbrio_quote(size)
    encoded_thumb_name = _thumbrio_quote(thumb_name)
    path = '%s/%s/%s' % (encoded_url, encoded_size, encoded_thumb_name)

    if query_arguments:
        if isinstance(query_arguments, str):
            qs = query_arguments.lstrip('?')
        else:
            qs = urllib.urlencode(query_arguments)
        path += '?' + qs

    # We should add the API to the URL when we use the non customized
    # thumbr.io domains
    if base_url in THUMBRIO_BASE_URLS:
        path = '%s/%s' % (THUMBRIO_API_KEY, path)

    # some bots (msnbot-media) "fix" the url changing // by /, so even if
    # it's legal it's troublesome to use // in a URL.
    path = path.replace('//', '%2F%2F')
    token = hmac.new(THUMBRIO_SECRET_KEY, base_url + path).hexdigest()
    return '%s%s/%s' % (base_url, token, path)

Ruby

require 'openssl'

THUMBRIO_API_KEY = 'YOUR_API_KEY'
THUMBRIO_SECRET_KEY = 'YOUR_SECRET_KEY'
THUMBRIO_BASE_URLS = ['http://api.thumbr.io/', 'https://api.thumbr.io/', 'http://cdn.thumbr.io/', 'https://cdn.thumbr.io/']
THUMBRIO_DIGEST = OpenSSL::Digest::Digest.new('md5')

def thumbrio(url, size, thumb_name='thumb.png', query_arguments=nil, base_url=THUMBRIO_BASE_URLS[0])
    # NOTE: We assume all strings are UTF-8
    url = safe_url_escape(url.gsub(/^http:\/\//, ''))
    size = safe_url_escape(size)
    thumb_name = safe_url_escape(thumb_name)
    path = "#{url}/#{size}/#{thumb_name}"

    if query_arguments
        path << "?#{query_arguments}";
    end

    # We should add the API to the URL when we use the non customized
    # thumbr.io domains
    if THUMBRIO_BASE_URLS.include?(base_url)
        path = "#{THUMBRIO_API_KEY}/#{path}"
    end

    # some bots (msnbot-media) "fix" the url changing // by /, so even if
    # it's legal it's troublesome to use // in a URL.
    path.gsub!('//', '%2F%2F')
    token = OpenSSL::HMAC.hexdigest(THUMBRIO_DIGEST, THUMBRIO_SECRET_KEY, base_url + path)
    return "#{base_url}#{token}/#{path}"
end

def safe_url_escape(str)
    encoded_string = ''
    str.each_byte do |byte|
        if byte.chr.match(/^[a-zA-Z0-9_.\-\/]$/) 
            encoded_string << byte.chr && next 
        end
        encoded_string << sprintf('%%%02X', byte)
    end
    return encoded_string
end

Javascript

// In a browser use https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9/crypto-js.min.js
// In node.js: var crypto = require('crypto');
var THUMBRIO_API_KEY = 'YOUR_API_KEY';
var THUMBRIO_SECRET_KEY = 'YOUR_SECRET_KEY';
var THUMBRIO_BASE_URLS = [
    'http://api.thumbr.io/', 'https://api.thumbr.io/', 'http://cdn.thumbr.io/', 'https://cdn.thumbr.io/'
];

function thumbrio(url, size, thumbName, queryArguments, baseUrl) {
    thumbName = thumbName || 'thumb.png';
    baseUrl = baseUrl || THUMBRIO_BASE_URLS[0];

    var encodedUrl = _thumbrioUrlencode(url.replace(/^http:\/\//, ''));
    var encodedSize = _thumbrioUrlencode(size);
    var encodedThumbName = _thumbrioUrlencode(thumbName);
    var path = encodedUrl + '/' + encodedSize + '/' + encodedThumbName;

    if (queryArguments) {
        if (queryArguments[0] == '?') {
            path += queryArguments;
        }
        else {
            path += '?' + queryArguments;
        }
    }

    // We should add the API to the URL when we use the non customized
    // thumbr.io domains
    if (THUMBRIO_BASE_URLS.indexOf(baseUrl) != -1) {
        path = THUMBRIO_API_KEY + '/' + path;
    }

    // some bots (msnbot-media) "fix" the url changing // by /, so even if
    // it's legal it's troublesome to use // in a URL.
    path = path.replace(/\/\//g, '%2F%2F');

    // In node.js: var token = crypto.createHmac('md5', THUMBRIO_SECRET_KEY)
    //                  .update(baseUrl + path).digest('hex');
    var token = CryptoJS.HmacMD5(baseUrl + path, THUMBRIO_SECRET_KEY);
    return baseUrl + token + '/' + path;
}

function _thumbrioUrlencode(str) {
    var encodedStr = encodeURIComponent(str);
    return encodedStr.replace(/[~!'()\*]/g, _thumbrioEscapeSingle).replace(/%2F/g, '/');
}

function _thumbrioEscapeSingle(c) {
    return '%' + c.charCodeAt(0).toString(16).toUpperCase();
}

PHP

<?php
define('THUMBRIO_API_KEY', 'YOUR_API_KEY');
define('THUMBRIO_SECRET_KEY', 'YOUR_SECRET_KEY');
$THUMBRIO_BASE_URLS = array(
    'http://api.thumbr.io/', 'https://api.thumbr.io/', 'http://cdn.thumbr.io/', 'https://cdn.thumbr.io/'
);

/**
 * $url is the URL of the image that you want to process. This string should
 * be pure ASCII or UTF-8.
 */
function thumbrio($url, $size, $thumb_name='thumb.png', $query_arguments=NULL,
                  $base_url=NULL) {
    global $THUMBRIO_BASE_URLS;

    if (!$base_url) {
        $base_url = isset($THUMBRIO_BASE_URLS[0]) ? $THUMBRIO_BASE_URLS[0] : 'http://api.thumbr.io/';
    }
    if (substr($url, 0, 7) === 'http://') {
        $url = substr($url, 7);
    }
    $encoded_url = _thumbrio_urlencode($url);
    $encoded_size = _thumbrio_urlencode($size);
    $encoded_thumb_name = _thumbrio_urlencode($thumb_name);
    $path = "$encoded_url/$encoded_size/$encoded_thumb_name";

    if ($query_arguments) {
        $path .= "?$query_arguments";
    }

    // We should add the API to the URL when we use the non customized
    // thumbr.io domains
    if (in_array($base_url, $THUMBRIO_BASE_URLS)) {
        $path = THUMBRIO_API_KEY . "/$path";
    }

    // some bots (msnbot-media) "fix" the url changing // by /, so even if
    // it's legal it's troublesome to use // in a URL.
    $path = str_replace('//', '%2F%2F', $path);
    $token = hash_hmac('md5', $base_url . $path, THUMBRIO_SECRET_KEY);
    return "$base_url$token/$path";
}

/**
 * Encodes a string following RFC 3986, adding "/" to the safe characters.
 * Assumes the $str is encoded in UTF-8.
 */
function _thumbrio_urlencode($str) {
    $length = strlen($str);
    $encoded = '';
    for ($i = 0; $i < $length; $i++) {
        $c = $str[$i];
        if (($c >= 'a' && $c <= 'z') ||
            ($c >= 'A' && $c <= 'Z') ||
            ($c >= '0' && $c <= '9') ||
            $c == '/' || $c == '-' || $c == '_' || $c == '.')
            $encoded .= $c;
        else
            $encoded .= '%' . strtoupper(bin2hex($c));
    }
    return $encoded;
}
?>

Perl

use strict;
use Digest::HMAC_MD5 qw(hmac_md5_hex);
use List::Util qw(first);
use URI::Escape;
use Encode;
use constant THUMBRIO_API_KEY => "YOUR_API_KEY";
use constant THUMBRIO_SECRET_KEY => "YOUR_SECRET_KEY";
use constant THUMBRIO_BASE_URLS => "http://api.thumbr.io/", "https://api.thumbr.io/", "http://cdn.thumbr.io/", "https://cdn.thumbr.io/";


sub thumbrio {
    my ($url, $size, $thumb_name, $query_arguments, $base_url) = @_;
    my @thumbrio_base_urls = (+THUMBRIO_BASE_URLS);
    $thumb_name ||= "thumb.png";
    $base_url ||= $thumbrio_base_urls[0];
    $url =~ s/^http:\/\///;

    my $encoded_url = safe_url_escape($url);
    my $encoded_size = safe_url_escape($size);
    my $encoded_thumb_name = safe_url_escape($thumb_name);
    my $path = "$encoded_url/$encoded_size/$encoded_thumb_name";

    $path .= "?$query_arguments" if $query_arguments;

    # We should add the API to the URL when we use the non customized
    # thumbr.io domains
    if (first { $_ == $base_url } @thumbrio_base_urls) {
        $path = THUMBRIO_API_KEY . "/$path";
    }

    # some bots (msnbot-media) "fix" the url changing // by /, so even if
    # it's legal it's troublesome to use // in a URL.
    $path =~ s,//,%2F%2F,g;
    my $token = hmac_md5_hex($base_url . $path, THUMBRIO_SECRET_KEY);
    return "$base_url$token/$path";
}

sub safe_url_escape {
    my ($url) = @_;
    $url = uri_escape(encode('utf-8', $url));
    $url =~ s/%2F/\//g;
    $url =~ s/~/%7E/g;
    return $url;
}

Java

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;


public class ThumbrIo
{
    private static final String THUMBRIO_API_KEY = "YOUR_API_KEY";
    private static final String THUMBRIO_SECRET_KEY = "YOUR_SECRET_KEY";
    private static final String[] THUMBRIO_BASE_URLS = {
        "http://api.thumbr.io/", "https://api.thumbr.io/", "http://cdn.thumbr.io/", "https://cdn.thumbr.io/"
    };

    private ThumbrIo() {
        throw new AssertionError();
    }

    private static final String toHex(byte bytes[]) {
        StringBuffer buf = new StringBuffer(bytes.length * 2);

        for (byte b: bytes)
            buf.append(Integer.toHexString(b + 0x800).substring(1));

        return buf.toString();
    }

    public static final String sign(String url, String size)
        throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        return ThumbrIo.sign(url, size, "thumb.png", null, THUMBRIO_BASE_URLS[0]);
    }

    public static final String sign(String url, String size, String thumbName)
        throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        return ThumbrIo.sign(url, size, thumbName, null, THUMBRIO_BASE_URLS[0]);
    }

    public static final String sign(String url, String size, String thumbName, String queryArguments)
        throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        return ThumbrIo.sign(url, size, thumbName, queryArguments, THUMBRIO_BASE_URLS[0]);
    }

    public static final String sign(String url, String size, String thumbName, String queryArguments, String baseUrl)
        throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        if (url.startsWith("http://")) {
            url = url.substring(7);
        }
        String encodedUrl = ThumbrIo.safe_url_escape(url);
        String encodedSize = ThumbrIo.safe_url_escape(size);
        String encodedThumbName = ThumbrIo.safe_url_escape(thumbName);
        String path = String.format("%s/%s/%s", encodedUrl, encodedSize, encodedThumbName);

        if (queryArguments != null && !queryArguments.isEmpty()) {
            if (queryArguments.startsWith("?")) {
                path = String.format("%s%s", path, queryArguments);
            }
            else {
                path = String.format("%s?%s", path, queryArguments);
            }
        }

        // We should add the API to the URL when we use the non customized
        // thumbr.io domains
        if (Arrays.asList(THUMBRIO_BASE_URLS).contains(baseUrl)) {
            path = String.format("%s/%s", THUMBRIO_API_KEY, path);
        }

        // some bots (msnbot-media) "fix" the url changing // by /, so even if
        // it's legal it's troublesome to use // in a URL.
        path = path.replace("//", "%2F%2F");

        SecretKeySpec keySpec = new SecretKeySpec(THUMBRIO_SECRET_KEY.getBytes(), "HmacMD5");
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(keySpec);
        byte[] hmacBytes = mac.doFinal((baseUrl + path).getBytes("UTF-8"));
        String token = ThumbrIo.toHex(hmacBytes);

        return String.format("%s%s/%s", baseUrl, token, path);
    }

    public static final String safe_url_escape(String url) throws UnsupportedEncodingException{
        String res = URLEncoder.encode(url, "UTF-8").toString();
        return res.replace("%2F", "/").replace("*", "%2A").replace("+", "%20");
    }

}

C#

using System;
using System.Collections.ObjectModel;
using System.Security.Cryptography;
using System.Text;


public static class Thumbrio
{
    private static readonly ReadOnlyCollection<string> ThumbrioBaseUrls =
        new ReadOnlyCollection<string>(new[] {
            "http://api.thumbr.io/", "https://api.thumbr.io/", "http://cdn.thumbr.io/", "https://cdn.thumbr.io/"
        });

    public static string Sign(string url, string size, string thumbName = "thumb.png",
        string queryArguments = null, string baseUrl = "http://api.thumbr.io/")
    {
        const string ThumbrioApiKey = "YOUR_API_KEY";
        const string ThumbrioSecretKey = "YOUR_SECRET_KEY";

        string encodedUrl = UrlEncodePath(url.Replace("http://", ""));
        string encodedSize = UrlEncodePath(size);
        string encodedThumbName = UrlEncodePath(thumbName);
        string path = encodedUrl + '/' + encodedSize + '/' + encodedThumbName;

        if (!String.IsNullOrEmpty(queryArguments)) {
            if (queryArguments.StartsWith("?")) {
                path += queryArguments;
            }
            else {
                path += "?" + queryArguments;
            }
        }

        // We should add the API to the URL when we use the non customized
        // thumbr.io domains
        if (ThumbrioBaseUrls.Contains(baseUrl)) {
            path = ThumbrioApiKey + "/" + path;
        }

        // some bots (msnbot-media) "fix" the url changing // by /, so even if
        // it's legal it's troublesome to use // in a URL.
        path = path.Replace("//", "%2F%2F");
        string token = HmacMD5(baseUrl + path, ThumbrioSecretKey);
        return baseUrl + token + '/' + path;
    }

    public static string HmacMD5(string url, string secretKey)
    {
        System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding();
        byte[] keyByte = encoding.GetBytes(secretKey);
        HMACMD5 hmacmd5 = new HMACMD5(keyByte);
        byte[] messageBytes = encoding.GetBytes(url);
        byte[] hashMessage = hmacmd5.ComputeHash(messageBytes);
        return ToHexString(hashMessage);
    }

    public static string ToHexString(byte[] array)
    {
        StringBuilder hex = new StringBuilder(array.Length * 2);
        foreach (byte b in array)
        {
            hex.AppendFormat("{0:x2}", b);
        }
        return hex.ToString();
    }

    // Escapes a URL leaving the characters [a-z][A-Z][0-9] and -./_
    // Alternative: return Uri.EscapeDataString(s)
    // It will work, but we will not get the URL escaped exactly as with the other languages.
    public static string UrlEncodePath(string s)
    {
        string safeChars = "-./_";
        byte[] utf8Bytes = Encoding.UTF8.GetBytes(s);
        StringBuilder enc = new StringBuilder(s.Length * 3);

        foreach (byte b in utf8Bytes)
        {
            char c = Convert.ToChar(b);
            if (safeChars.IndexOf(c) != -1 || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                (c >= '0' && c <= '9'))
            {
                enc.Append(c);
            }
            else
            {
                enc.AppendFormat("%{0:X2}", b);
            }
        }

        return enc.ToString();
    }
}

ASP Classic (Visual Basic)

<%
Private Const THUMBRIO_API_KEY = "YOUR_API_KEY"
Private Const THUMBRIO_SECRET_KEY = "YOUR_SECRET_KEY"
Private THUMBRIO_BASE_URLS(2)
THUMBRIO_BASE_URLS(0) = "http://api.thumbr.io/"
THUMBRIO_BASE_URLS(1) = "https://api.thumbr.io/"
THUMBRIO_BASE_URLS(2) = "http://cdn.thumbr.io/"
THUMBRIO_BASE_URLS(3) = "https://cdn.thumbr.io/"


Public Function ThumbrIo(sUrl, sSize, sThumbName, sQueryArguments, sBaseUrl)

    If IsNull(sThumbName) Or sThumbName = "" Then
        sThumbName = "thumb.png"
    End If

    If IsNull(sQueryArguments) Then
        sQueryArguments = ""
    End If

    If IsNull(sBaseUrl) Or sBaseUrl = "" Then
        sBaseUrl = THUMBRIO_BASE_URLS(0)
    End If

    If Left(sUrl, 7) = "http://" Then
        sUrl = Right(sUrl, Len(sUrl) - 7)
    End If

    sEncodedUrl = ThumbrIo_UrlEncode(sUrl)
    sEncodedSize = ThumbrIo_UrlEncode(sSize)
    sEncodedThumbName = ThumbrIo_UrlEncode(sThumbName)
    sPath = sEncodedUrl + "/" & sEncodedSize & "/" & sEncodedThumbName

    If sQueryArguments <> "" Then
        If StrComp(Left(sQueryArguments, 1), "?") = 0 Then
            sPath = sPath & sQueryArguments
        Else
            sPath = sPath & "?" & sQueryArguments
        End If
    End If

    ' We should add the API to the URL when we use the non customized
    ' thumbr.io domains
    If ThumbrIo_StrInArray(THUMBRIO_BASE_URLS, sBaseUrl) Then
        sPath = THUMBRIO_API_KEY & "/" & sPath
    End If

    ' some bots (msnbot-media) "fix" the url changing // by /, so even if
    ' it's legal it's troublesome to use // in a URL.
    sPath = Replace(sPath, "//", "%2F%2F")

    sToken = HexDigest(HmacMD5(sBaseUrl & sPath, THUMBRIO_SECRET_KEY))
    ThumbrIo = sBaseUrl & sToken & "/" & sPath
End Function


Private Function ThumbrIo_StrInArray(a, s)
    For Each x In a
        If x = s Then
            ThumbrIo_StrInArray = True
            Exit Function
        End If
    Next
    ThumbrIo_StrInArray = False
End Function


Private Function ThumbrIo_UrlEncode(sUrl)
    ThumbrIo_UrlEncode = Server.URLEncode(sUrl)
    ThumbrIo_UrlEncode = Replace(ThumbrIo_UrlEncode, "+", "%20")
    ThumbrIo_UrlEncode = Replace(ThumbrIo_UrlEncode, "%2D", "-")
    ThumbrIo_UrlEncode = Replace(ThumbrIo_UrlEncode, "%2E", ".")
    ThumbrIo_UrlEncode = Replace(ThumbrIo_UrlEncode, "%2F", "/")
    ThumbrIo_UrlEncode = Replace(ThumbrIo_UrlEncode, "%5F", "_")
End Function


' Source http://chayoung.tistory.com/entry/VBScript-MD5
' found via http://stackoverflow.com/questions/10198690/how-to-generate-md5-using-vb-in-classic-asp/10198875#10198875
' HmacMD5 code by Thumbr.io.
Private Const BITS_TO_A_BYTE = 8
Private Const BYTES_TO_A_WORD = 4
Private Const BITS_TO_A_WORD = 32
Private m_lOnBits(30)
Private m_l2Power(30)
m_lOnBits(0) = CLng(1)
m_lOnBits(1) = CLng(3)
m_lOnBits(2) = CLng(7)
m_lOnBits(3) = CLng(15)
m_lOnBits(4) = CLng(31)
m_lOnBits(5) = CLng(63)
m_lOnBits(6) = CLng(127)
m_lOnBits(7) = CLng(255)
m_lOnBits(8) = CLng(511)
m_lOnBits(9) = CLng(1023)
m_lOnBits(10) = CLng(2047)
m_lOnBits(11) = CLng(4095)
m_lOnBits(12) = CLng(8191)
m_lOnBits(13) = CLng(16383)
m_lOnBits(14) = CLng(32767)
m_lOnBits(15) = CLng(65535)
m_lOnBits(16) = CLng(131071)
m_lOnBits(17) = CLng(262143)
m_lOnBits(18) = CLng(524287)
m_lOnBits(19) = CLng(1048575)
m_lOnBits(20) = CLng(2097151)
m_lOnBits(21) = CLng(4194303)
m_lOnBits(22) = CLng(8388607)
m_lOnBits(23) = CLng(16777215)
m_lOnBits(24) = CLng(33554431)
m_lOnBits(25) = CLng(67108863)
m_lOnBits(26) = CLng(134217727)
m_lOnBits(27) = CLng(268435455)
m_lOnBits(28) = CLng(536870911)
m_lOnBits(29) = CLng(1073741823)
m_lOnBits(30) = CLng(2147483647)
m_l2Power(0) = CLng(1)
m_l2Power(1) = CLng(2)
m_l2Power(2) = CLng(4)
m_l2Power(3) = CLng(8)
m_l2Power(4) = CLng(16)
m_l2Power(5) = CLng(32)
m_l2Power(6) = CLng(64)
m_l2Power(7) = CLng(128)
m_l2Power(8) = CLng(256)
m_l2Power(9) = CLng(512)
m_l2Power(10) = CLng(1024)
m_l2Power(11) = CLng(2048)
m_l2Power(12) = CLng(4096)
m_l2Power(13) = CLng(8192)
m_l2Power(14) = CLng(16384)
m_l2Power(15) = CLng(32768)
m_l2Power(16) = CLng(65536)
m_l2Power(17) = CLng(131072)
m_l2Power(18) = CLng(262144)
m_l2Power(19) = CLng(524288)
m_l2Power(20) = CLng(1048576)
m_l2Power(21) = CLng(2097152)
m_l2Power(22) = CLng(4194304)
m_l2Power(23) = CLng(8388608)
m_l2Power(24) = CLng(16777216)
m_l2Power(25) = CLng(33554432)
m_l2Power(26) = CLng(67108864)
m_l2Power(27) = CLng(134217728)
m_l2Power(28) = CLng(268435456)
m_l2Power(29) = CLng(536870912)
m_l2Power(30) = CLng(1073741824)

Private Function LShift(lValue, iShiftBits)
    If iShiftBits = 0 Then
        LShift = lValue
        Exit Function
    ElseIf iShiftBits = 31 Then
        If lValue And 1 Then
            LShift = &H80000000
        Else
            LShift = 0
        End If
        Exit Function
    ElseIf iShiftBits < 0 Or iShiftBits > 31 Then
        Err.Raise 6
    End If
    If (lValue And m_l2Power(31 - iShiftBits)) Then
        LShift = ((lValue And m_lOnBits(31 - (iShiftBits + 1))) * m_l2Power(iShiftBits)) Or &H80000000
    Else
        LShift = ((lValue And m_lOnBits(31 - iShiftBits)) * m_l2Power(iShiftBits))
    End If
End Function


Private Function RShift(lValue, iShiftBits)
    If iShiftBits = 0 Then
        RShift = lValue
        Exit Function
    ElseIf iShiftBits = 31 Then
        If lValue And &H80000000 Then
            RShift = 1
        Else
            RShift = 0
        End If
        Exit Function
    ElseIf iShiftBits < 0 Or iShiftBits > 31 Then
        Err.Raise 6
    End If
    RShift = (lValue And &H7FFFFFFE) \ m_l2Power(iShiftBits)
    If (lValue And &H80000000) Then
        RShift = (RShift Or (&H40000000 \ m_l2Power(iShiftBits - 1)))
    End If
End Function


Private Function RotateLeft(lValue, iShiftBits)
    RotateLeft = LShift(lValue, iShiftBits) Or RShift(lValue, (32 - iShiftBits))
End Function


Private Function AddUnsigned(lX, lY)
    Dim lX4
    Dim lY4
    Dim lX8
    Dim lY8
    Dim lResult
    lX8 = lX And &H80000000
    lY8 = lY And &H80000000
    lX4 = lX And &H40000000
    lY4 = lY And &H40000000
    lResult = (lX And &H3FFFFFFF) + (lY And &H3FFFFFFF)
    If lX4 And lY4 Then
        lResult = lResult Xor &H80000000 Xor lX8 Xor lY8
    ElseIf lX4 Or lY4 Then
        If lResult And &H40000000 Then
            lResult = lResult Xor &HC0000000 Xor lX8 Xor lY8
        Else
            lResult = lResult Xor &H40000000 Xor lX8 Xor lY8
        End If
    Else
        lResult = lResult Xor lX8 Xor lY8
    End If
    AddUnsigned = lResult
End Function


Private Function F(x, y, z)
    F = (x And y) Or ((Not x) And z)
End Function


Private Function G(x, y, z)
    G = (x And z) Or (y And (Not z))
End Function


Private Function H(x, y, z)
    H = (x Xor y Xor z)
End Function


Private Function I(x, y, z)
    I = (y Xor (x Or (Not z)))
End Function


Private Sub FF(a, b, c, d, x, s, ac)
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac))
    a = RotateLeft(a, s)
    a = AddUnsigned(a, b)
End Sub


Private Sub GG(a, b, c, d, x, s, ac)
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac))
    a = RotateLeft(a, s)
    a = AddUnsigned(a, b)
End Sub


Private Sub HH(a, b, c, d, x, s, ac)
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac))
    a = RotateLeft(a, s)
    a = AddUnsigned(a, b)
End Sub


Private Sub II(a, b, c, d, x, s, ac)
    a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac))
    a = RotateLeft(a, s)
    a = AddUnsigned(a, b)
End Sub


Private Function ConvertToWordArray(sMessage)
    Dim lMessageLength
    Dim lNumberOfWords
    Dim lWordArray()
    Dim lBytePosition
    Dim lByteCount
    Dim lWordCount
    Const MODULUS_BITS = 512
    Const CONGRUENT_BITS = 448
    lMessageLength = Len(sMessage)
    lNumberOfWords = (((lMessageLength + ((MODULUS_BITS - CONGRUENT_BITS) \ BITS_TO_A_BYTE)) \ (MODULUS_BITS \ BITS_TO_A_BYTE)) + 1) * (MODULUS_BITS \ BITS_TO_A_WORD)
    ReDim lWordArray(lNumberOfWords - 1)
    lBytePosition = 0
    lByteCount = 0
    Do Until lByteCount >= lMessageLength
        lWordCount = lByteCount \ BYTES_TO_A_WORD
        lBytePosition = (lByteCount Mod BYTES_TO_A_WORD) * BITS_TO_A_BYTE
        lWordArray(lWordCount) = lWordArray(lWordCount) Or LShift(Asc(Mid(sMessage, lByteCount + 1, 1)), lBytePosition)
        lByteCount = lByteCount + 1
    Loop
    lWordCount = lByteCount \ BYTES_TO_A_WORD
    lBytePosition = (lByteCount Mod BYTES_TO_A_WORD) * BITS_TO_A_BYTE
    lWordArray(lWordCount) = lWordArray(lWordCount) Or LShift(&H80, lBytePosition)
    lWordArray(lNumberOfWords - 2) = LShift(lMessageLength, 3)
    lWordArray(lNumberOfWords - 1) = RShift(lMessageLength, 29)
    ConvertToWordArray = lWordArray
End Function


Private Function HexDigest(sValue)
    Dim i
    Dim c
    For i = 1 To Len(sValue)
        c = Mid(sValue, i, 1)
        HexDigest = HexDigest & Right("0" & LCase(Hex(Asc(c))), 2)
    Next
End Function


Private Function WordToStr(lValue)
    Dim lByte
    Dim lCount
    WordToStr = ""
    For lCount = 0 To 3
        lByte = RShift(lValue, lCount * BITS_TO_A_BYTE) And m_lOnBits(BITS_TO_A_BYTE - 1)
        WordToStr = WordToStr & Chr(lByte)
    Next
End Function


Public Function MD5(sMessage)
    Dim x
    Dim k
    Dim AA
    Dim BB
    Dim CC
    Dim DD
    Dim a
    Dim b
    Dim c
    Dim d
    Const S11 = 7
    Const S12 = 12
    Const S13 = 17
    Const S14 = 22
    Const S21 = 5
    Const S22 = 9
    Const S23 = 14
    Const S24 = 20
    Const S31 = 4
    Const S32 = 11
    Const S33 = 16
    Const S34 = 23
    Const S41 = 6
    Const S42 = 10
    Const S43 = 15
    Const S44 = 21
    x = ConvertToWordArray(sMessage)
    a = &H67452301
    b = &HEFCDAB89
    c = &H98BADCFE
    d = &H10325476
    For k = 0 To UBound(x) Step 16
        AA = a
        BB = b
        CC = c
        DD = d
        FF a, b, c, d, x(k + 0), S11, &HD76AA478
        FF d, a, b, c, x(k + 1), S12, &HE8C7B756
        FF c, d, a, b, x(k + 2), S13, &H242070DB
        FF b, c, d, a, x(k + 3), S14, &HC1BDCEEE
        FF a, b, c, d, x(k + 4), S11, &HF57C0FAF
        FF d, a, b, c, x(k + 5), S12, &H4787C62A
        FF c, d, a, b, x(k + 6), S13, &HA8304613
        FF b, c, d, a, x(k + 7), S14, &HFD469501
        FF a, b, c, d, x(k + 8), S11, &H698098D8
        FF d, a, b, c, x(k + 9), S12, &H8B44F7AF
        FF c, d, a, b, x(k + 10), S13, &HFFFF5BB1
        FF b, c, d, a, x(k + 11), S14, &H895CD7BE
        FF a, b, c, d, x(k + 12), S11, &H6B901122
        FF d, a, b, c, x(k + 13), S12, &HFD987193
        FF c, d, a, b, x(k + 14), S13, &HA679438E
        FF b, c, d, a, x(k + 15), S14, &H49B40821
        GG a, b, c, d, x(k + 1), S21, &HF61E2562
        GG d, a, b, c, x(k + 6), S22, &HC040B340
        GG c, d, a, b, x(k + 11), S23, &H265E5A51
        GG b, c, d, a, x(k + 0), S24, &HE9B6C7AA
        GG a, b, c, d, x(k + 5), S21, &HD62F105D
        GG d, a, b, c, x(k + 10), S22, &H2441453
        GG c, d, a, b, x(k + 15), S23, &HD8A1E681
        GG b, c, d, a, x(k + 4), S24, &HE7D3FBC8
        GG a, b, c, d, x(k + 9), S21, &H21E1CDE6
        GG d, a, b, c, x(k + 14), S22, &HC33707D6
        GG c, d, a, b, x(k + 3), S23, &HF4D50D87
        GG b, c, d, a, x(k + 8), S24, &H455A14ED
        GG a, b, c, d, x(k + 13), S21, &HA9E3E905
        GG d, a, b, c, x(k + 2), S22, &HFCEFA3F8
        GG c, d, a, b, x(k + 7), S23, &H676F02D9
        GG b, c, d, a, x(k + 12), S24, &H8D2A4C8A
        HH a, b, c, d, x(k + 5), S31, &HFFFA3942
        HH d, a, b, c, x(k + 8), S32, &H8771F681
        HH c, d, a, b, x(k + 11), S33, &H6D9D6122
        HH b, c, d, a, x(k + 14), S34, &HFDE5380C
        HH a, b, c, d, x(k + 1), S31, &HA4BEEA44
        HH d, a, b, c, x(k + 4), S32, &H4BDECFA9
        HH c, d, a, b, x(k + 7), S33, &HF6BB4B60
        HH b, c, d, a, x(k + 10), S34, &HBEBFBC70
        HH a, b, c, d, x(k + 13), S31, &H289B7EC6
        HH d, a, b, c, x(k + 0), S32, &HEAA127FA
        HH c, d, a, b, x(k + 3), S33, &HD4EF3085
        HH b, c, d, a, x(k + 6), S34, &H4881D05
        HH a, b, c, d, x(k + 9), S31, &HD9D4D039
        HH d, a, b, c, x(k + 12), S32, &HE6DB99E5
        HH c, d, a, b, x(k + 15), S33, &H1FA27CF8
        HH b, c, d, a, x(k + 2), S34, &HC4AC5665
        II a, b, c, d, x(k + 0), S41, &HF4292244
        II d, a, b, c, x(k + 7), S42, &H432AFF97
        II c, d, a, b, x(k + 14), S43, &HAB9423A7
        II b, c, d, a, x(k + 5), S44, &HFC93A039
        II a, b, c, d, x(k + 12), S41, &H655B59C3
        II d, a, b, c, x(k + 3), S42, &H8F0CCC92
        II c, d, a, b, x(k + 10), S43, &HFFEFF47D
        II b, c, d, a, x(k + 1), S44, &H85845DD1
        II a, b, c, d, x(k + 8), S41, &H6FA87E4F
        II d, a, b, c, x(k + 15), S42, &HFE2CE6E0
        II c, d, a, b, x(k + 6), S43, &HA3014314
        II b, c, d, a, x(k + 13), S44, &H4E0811A1
        II a, b, c, d, x(k + 4), S41, &HF7537E82
        II d, a, b, c, x(k + 11), S42, &HBD3AF235
        II c, d, a, b, x(k + 2), S43, &H2AD7D2BB
        II b, c, d, a, x(k + 9), S44, &HEB86D391
        a = AddUnsigned(a, AA)
        b = AddUnsigned(b, BB)
        c = AddUnsigned(c, CC)
        d = AddUnsigned(d, DD)
    Next

    MD5 = WordToStr(a) & WordToStr(b) & WordToStr(c) & WordToStr(d)
End Function


Private Function Rpad(sValue, sPadchar, iLength)
    Rpad = sValue & String(iLength - Len(sValue), sPadchar)
End Function


Private Function HmacMD5(sMessage, sSecret)
    Dim i

    ' Shortcuts
    Const HASHER_BLOCK_SIZE = 16
    Const HASHER_BLOCK_SIZE_BYTES = 64

    ' Allow arbitrary length keys
    If (Len(sSecret) > HASHER_BLOCK_SIZE_BYTES) Then
        sSecret = MD5(sSecret)
    Else
        ' Clamp excess bits
        sSecret = Rpad(sSecret, 0, HASHER_BLOCK_SIZE_BYTES)
    End If

    ' Clone key for inner and outer pads
    sOKey = ""
    sIKey = ""

    ' XOR keys with pad constants
    For i = 1 To HASHER_BLOCK_SIZE_BYTES
        iK = Asc(Mid(sSecret, i, 1))
        sOKey = sOKey & Chr(iK Xor &H5C)
        sIKey = sIKey & Chr(iK Xor &H36)
    Next

    HmacMD5 = MD5(sOKey & MD5(sIKey & sMessage))
End Function
%>