database/mariadb-connector-c
1
0
Fork 0
mirror of https://github.com/mariadb-corporation/mariadb-connector-c.git synced 2025-08-08 14:02:17 +03:00
Code Activity

Fix for bcrypt hash functions:

Browse Source 
Using a global crypt provider is not thread safe, so we need to load
provider via BCryptOpenProvider in ma_hash_new().
This commit is contained in:
Georg Richter
2023-08-23 16:18:50 +02:00
parent 5000bc790a
commit 4e3905c20a
3 changed files with 30 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
libmariadb/secure/win_crypt.c
View File

@@ -21,22 +21,19 @@
#include <ma_crypt.h>
#include <malloc.h>
BCRYPT_ALG_HANDLE Sha256Prov= 0;
BCRYPT_ALG_HANDLE Sha512Prov= 0;
BCRYPT_ALG_HANDLE RsaProv= 0;
static LPCWSTR ma_hash_get_algorithm(unsigned int alg, BCRYPT_ALG_HANDLE *algHdl)
static LPCWSTR ma_hash_get_algorithm(unsigned int alg)
{
switch(alg)
{
case MA_HASH_SHA1:
return BCRYPT_SHA1_ALGORITHM;
case MA_HASH_SHA256:
*algHdl= Sha256Prov;
return BCRYPT_SHA256_ALGORITHM;
case MA_HASH_SHA384:
return BCRYPT_SHA384_ALGORITHM;
case MA_HASH_SHA512:
*algHdl= Sha512Prov;
return BCRYPT_SHA512_ALGORITHM;
default:
*algHdl= 0;
return NULL;
}
}
@@ -48,27 +45,40 @@ MA_HASH_CTX *ma_hash_new(unsigned int algorithm, MA_HASH_CTX *ctx)
LPCWSTR alg;
BCRYPT_ALG_HANDLE algHdl= 0;
alg= ma_hash_get_algorithm(algorithm, &algHdl);
alg= ma_hash_get_algorithm(algorithm);
if (!alg || !algHdl)
if (!alg)
return NULL;
if (BCryptGetProperty(algHdl, BCRYPT_OBJECT_LENGTH,
(PBYTE)&cbObjSize, sizeof(DWORD),
&cbData, 0) < 0)
goto error;
if (!newctx)
{
newctx= (MA_HASH_CTX *)calloc(1, sizeof(MA_HASH_CTX));
newctx->free_me= 1;
} else {
char tmp_freeme= newctx->free_me;
BCRYPT_ALG_HANDLE tmp_alg= newctx->hAlg;
newctx->free_me= 0;
newctx->hAlg = 0;
ma_hash_free(newctx);
newctx->free_me= tmp_freeme;
newctx->hAlg= tmp_alg;
}
else
memset(newctx, 0, sizeof(MA_HASH_CTX));
if (!newctx->hAlg)
if (BCryptOpenAlgorithmProvider(&newctx->hAlg, alg, NULL, 0))
goto error;
if (BCryptGetProperty(newctx->hAlg, BCRYPT_OBJECT_LENGTH,
(PBYTE)&cbObjSize, sizeof(DWORD),
&cbData, 0) < 0)
goto error;
newctx->hashObject= (PBYTE)malloc(cbObjSize);
newctx->digest_len= (DWORD)ma_hash_digest_size(algorithm);
BCryptCreateHash(algHdl, &newctx->hHash, newctx->hashObject, cbObjSize, NULL, 0, 0);
BCryptCreateHash(newctx->hAlg, &newctx->hHash, newctx->hashObject, cbObjSize, NULL, 0, 0);
return newctx;
error:
@@ -85,6 +95,8 @@ void ma_hash_free(MA_HASH_CTX *ctx)
BCryptDestroyHash(ctx->hHash);
if (ctx->hashObject)
free(ctx->hashObject);
if (ctx->hAlg)
BCryptCloseAlgorithmProvider(ctx->hAlg, 0);
if (ctx->free_me)
free(ctx);
}