TheThing/sql_hashers
1
0
Fork 0
Code Issues Pull requests Projects Releases1 Packages Wiki Activity Actions
sql_hashers/README.md

73 lines
No EOL
2.1 KiB
Markdown
Raw Permalink Blame History

# SQL Hashers
A collection of new and secure hashing algorithms for Microsoft SQL Servers using CLR to bring Microsoft SQL into the 21st century.
# Features
### Hashing Algorithms:
* **Argon2id** (with salt and verification)
# Installation
Build yourself or grab the combined dll from releases.
Copy it to a path on the server with a running MS SQL.
Run following SQL Script:
```sql
DROP PROCEDURE IF EXISTS argon2id_hash;
GO
DROP PROCEDURE IF EXISTS argon2id_hash_custom;
GO
DROP PROCEDURE IF EXISTS argon2id_verify;
GO
DROP ASSEMBLY IF EXISTS clr_hashers;
GO
ALTER DATABASE [your_database_name_here] SET TRUSTWORTHY ON;
go
CREATE ASSEMBLY clr_hashers from 'C:\clr\MsSQL2019_hashers.dll' WITH PERMISSION_SET = unsafe;
GO
-- Taken from https://sqlquantumleap.com/2017/09/29/sqlclr-vs-sql-server-2017-part-6-trusted-assemblies-cant-do-module-signing/
DECLARE @Hash BINARY(64),
@ClrName NVARCHAR(4000),
@AssemblySize INT,
@MvID UNIQUEIDENTIFIER;
SELECT @Hash = HASHBYTES(N'SHA2_512', af.[content]),
@ClrName = CONVERT(NVARCHAR(4000), ASSEMBLYPROPERTY(af.[name],
N'CLRName')),
@AssemblySize = DATALENGTH(af.[content]),
@MvID = CONVERT(UNIQUEIDENTIFIER, ASSEMBLYPROPERTY(af.[name], N'MvID'))
FROM sys.assembly_files af
JOIN sys.assemblies a ON (af.assembly_id = a.assembly_id)
WHERE a.name = 'clr_hashers'
AND af.[file_id] = 1;
SELECT @ClrName, @AssemblySize, @MvID, @Hash;
EXEC sys.sp_add_trusted_assembly @Hash, @ClrName;
GO
ALTER DATABASE [your_database_name_here] SET TRUSTWORTHY OFF;
go
CREATE PROCEDURE argon2id_hash(@password NVARCHAR (256), @hash NVARCHAR (256) OUTPUT)
AS EXTERNAL NAME clr_hashers.SqlHashers.Argon2id_hash;
GO
CREATE PROCEDURE argon2id_hash_custom(@password NVARCHAR (256), @parallel SMALLINT, @memory SMALLINT, @iterations SMALLINT, @bc SMALLINT, @output NVARCHAR (256) OUTPUT)
AS EXTERNAL NAME clr_hashers.SqlHashers.Argon2id_hash_custom;
GO
CREATE PROCEDURE argon2id_verify(@i NVARCHAR (256), @h NVARCHAR (256))
AS EXTERNAL NAME clr_hashers.SqlHashers.Argon2id_verify;
GO
```
Reference in a new issue View git blame Copy permalink