1

I'm using Microsoft's CNG Cryptography API's to compute the hash of a file, so far all works fine except that computed hash is wrong comparing to hash computed with external 3rd party program.

I'm not 100% sure but I think the problem is that I read the file into signed char array instead of into BYTE (unsigned char) array.

Bellow code is how I read the file now: (note: I omitted error checking code)

std::ifstream file;
file.open("sample.txt", std::ifstream::binary | std::ifstream::in | std::ifstream::ate);
const int file_length = file.tellg();

char* data = new char[file_length];
file.seekg(file.beg);
file.read(data, file_length);

Problem with above code is that data is read into signed char array but crypto functions expect unsigned char / BYTE and I'm guessing this is why my computed hash is wrong.

Bellow code is what I would like to do but it doesn't work (added comment) since ifstream::read() method expects char array not unsigned char / BYTE

std::ifstream file;
file.open("sample.txt", std::ifstream::binary | std::ifstream::in | std::ifstream::ate);
const int file_length = file.tellg();

PBYTE data = new BYTE[file_length];
file.seekg(file.beg);
file.read(data, file_length); // error PBYTE is incompatibe with char*

So my question is: how do I read data as BYTE not char do I need to use CreateFile API or is there a way with std::ifstream?

Maybe there is something else causing bad computed hash, I don't know if so tell me.

EDIT: Below is fully working code to compute the SHA256 hash for given file name, but the hash is bad. (ie. not the same as if done with 3rd party hash utility)

#include <windows.h>
#include <bcrypt.h>
#include <iostream>
#include <sstream>
#include <iomanip>
#include <fstream>


#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#define STATUS_UNSUCCESSFUL ((NTSTATUS)0xC0000001L)

std::string ByteToHex(PBYTE data, size_t len)
{
    std::stringstream ss;
    ss << std::hex << std::setfill('0') << std::uppercase;

    for (size_t i = 0; i < len; ++i)
    {
        ss << std::setw(2) << static_cast<short>(data[i]);
    }

    return ss.str();
}

int main()
{
    BCRYPT_ALG_HANDLE hAlg = nullptr;
    BCRYPT_HASH_HANDLE hHash = nullptr;
    DWORD cbHash, cbObject, cbData;
    PBYTE pbHash, pbObject;
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    std::ifstream file;
    file.open("sample.exe", std::ifstream::binary | std::ifstream::in | std::ifstream::ate);
    const int file_length = file.tellg();

    if (!file.is_open())
    {
        abort();
    }

    PBYTE data = new BYTE[file_length];
    file.seekg(file.beg);
    file.read(reinterpret_cast<char*>(data), file_length);

    status = BCryptOpenAlgorithmProvider(
        &hAlg,
        BCRYPT_SHA256_ALGORITHM,
        nullptr,
        0);

    if (NT_SUCCESS(status))
    {
        status = BCryptGetProperty(
            hAlg,
            BCRYPT_OBJECT_LENGTH,
            reinterpret_cast<PBYTE>(&cbObject),
            sizeof(DWORD),
            &cbData,
            0);
    }
    else
    {
        abort();
    }

    pbObject = reinterpret_cast<PBYTE>(
        HeapAlloc(GetProcessHeap(), 0, cbObject));

    if (!pbObject)
    {
        abort();
    }

    if (NT_SUCCESS(status))
    {
        status = BCryptGetProperty(
            hAlg,
            BCRYPT_HASH_LENGTH,
            reinterpret_cast<PBYTE>(&cbHash),
            sizeof(DWORD),
            &cbData,
            0);
    }
    else
    {
        abort();
    }

    pbHash = reinterpret_cast<PBYTE>(
        HeapAlloc(GetProcessHeap(), 0, cbHash));

    if (!pbHash)
    {
        abort();
    }

    if (NT_SUCCESS(status))
    {
        status = BCryptCreateHash(
            hAlg,
            &hHash,
            pbObject,
            cbObject,
            nullptr,
            0,
            0);
    }
    else
    {
        abort();
    }

    if (NT_SUCCESS(status))
    {
        status = BCryptHashData(
            hHash,
            (PBYTE)(data),
            sizeof(data),
            0);
    }
    else
    {
        abort();
    }

    if (NT_SUCCESS(status))
    {
        status = BCryptFinishHash(
            hHash,
            pbHash,
            cbHash,
            0);
    }
    else
    {
        abort();
    }

    std::cout << ByteToHex(pbHash, cbHash).c_str();
    delete[] data;

    if(hAlg) BCryptCloseAlgorithmProvider(hAlg, 0);
    if(hHash) BCryptDestroyHash(hHash);
    if(pbHash) HeapFree(GetProcessHeap(), 0, pbHash);
    if(pbObject) HeapFree(GetProcessHeap(), 0, pbObject);
    return 0;
}
Ian Boyd
  • 246,734
  • 253
  • 869
  • 1,219

1 Answers1

2

When calling read or write, that's one of the few situations where it's considered okay to use reinterpret_cast. In some cases there's no other viable solution.

So for your case:

file.read(reinterpret_cast<char*>(data), file_length);
Some programmer dude
  • 400,186
  • 35
  • 402
  • 621
  • Computed hash is still wrong, same as if I read as char, Do you know why computed hash is wrong? –  Apr 08 '19 at 07:19
  • @zebanovich Perhaps the problem isn't with the reading? Perhaps the problem is the data? Perhaps the problem is with the has-computation? Please post a *new* question about that. – Some programmer dude Apr 08 '19 at 07:25
  • 1
    Thank you! Your solution works, and I found the issue wiht my code was that I hashed only the first BYTE instead of entry file_lenght :) –  Apr 08 '19 at 07:37