TheThing/sql_hashers
1
0
Fork 0
Code Issues Pull requests Projects Releases1 Packages Wiki Activity Actions
MS SQL CLR implementation of Argon2id hasher for secure password hashing in database
3 commits 1 branch 1 tag 43 KiB
C# 100%
Find a file
TheThing a2977541e0 Update readme with installation instructions
2025-02-09 06:51:15 +00:00
Hashers Initial working implementation, version 1.0.0.0 2025-02-09 06:41:18 +00:00
MsSQL2019_hashers Initial working implementation, version 1.0.0.0 2025-02-09 06:41:18 +00:00
Testing Initial working implementation, version 1.0.0.0 2025-02-09 06:41:18 +00:00
.gitignore Initial commit 2025-02-09 06:39:38 +00:00
LICENSE Initial commit 2025-02-09 06:39:38 +00:00
MsSQL2019_hashers.sln Initial working implementation, version 1.0.0.0 2025-02-09 06:41:18 +00:00
README.md Update readme with installation instructions 2025-02-09 06:51:15 +00:00

README.md

SQL Hashers

A collection of new and secure hashing algorithms for Microsoft SQL Servers using CLR to bring Microsoft SQL into the 21st century.

Features

Hashing Algorithms:

  • Argon2id (with salt and verification)

Installation

Build yourself or grab the combined dll from releases. Copy it to a path on the server with a running MS SQL.

Run following SQL Script:

DROP PROCEDURE IF EXISTS argon2id_hash;
GO

DROP PROCEDURE IF EXISTS argon2id_hash_custom;
GO

DROP PROCEDURE IF EXISTS argon2id_verify;
GO

DROP ASSEMBLY IF EXISTS clr_hashers;
GO

ALTER DATABASE [your_database_name_here] SET TRUSTWORTHY ON;
go

CREATE ASSEMBLY clr_hashers from 'C:\clr\MsSQL2019_hashers.dll' WITH PERMISSION_SET = unsafe;
GO

-- Taken from https://sqlquantumleap.com/2017/09/29/sqlclr-vs-sql-server-2017-part-6-trusted-assemblies-cant-do-module-signing/
DECLARE @Hash BINARY(64),
        @ClrName NVARCHAR(4000),
        @AssemblySize INT,
        @MvID UNIQUEIDENTIFIER;

SELECT  @Hash = HASHBYTES(N'SHA2_512', af.[content]),
        @ClrName = CONVERT(NVARCHAR(4000), ASSEMBLYPROPERTY(af.[name],
                N'CLRName')),
        @AssemblySize = DATALENGTH(af.[content]),
        @MvID = CONVERT(UNIQUEIDENTIFIER, ASSEMBLYPROPERTY(af.[name], N'MvID'))
FROM    sys.assembly_files af
  JOIN  sys.assemblies a ON (af.assembly_id = a.assembly_id)
WHERE   a.name = 'clr_hashers'
AND     af.[file_id] = 1;

SELECT  @ClrName, @AssemblySize, @MvID, @Hash;

EXEC sys.sp_add_trusted_assembly @Hash, @ClrName;
GO

ALTER DATABASE [your_database_name_here] SET TRUSTWORTHY OFF;
go

CREATE PROCEDURE argon2id_hash(@password NVARCHAR (256), @hash NVARCHAR (256) OUTPUT)
  AS EXTERNAL NAME clr_hashers.SqlHashers.Argon2id_hash;
GO

CREATE PROCEDURE argon2id_hash_custom(@password NVARCHAR (256), @parallel SMALLINT, @memory SMALLINT, @iterations SMALLINT, @bc SMALLINT, @output NVARCHAR (256) OUTPUT)
  AS EXTERNAL NAME clr_hashers.SqlHashers.Argon2id_hash_custom;
GO

CREATE PROCEDURE argon2id_verify(@i NVARCHAR (256), @h NVARCHAR (256))
  AS EXTERNAL NAME clr_hashers.SqlHashers.Argon2id_verify;
GO