Getting an exception/error when using Win32 API to create Hash string using Sha1 Algorithm

Question

void main ()

{

LPCTSTR pwd = "TNVBalaji";

CString sHashedPwd;
SHA1Hash(pwd, sHashedPwd.GetBuffer());

}

// plainText:      @parm input | Original text to be hash
// hashCode:    @parm output |  hashed text

bool CPwdMgrX::SHA1Hash(LPCTSTR plainText, LPTSTR hashCode)
{
bool rc = true; // Default is success
TCHAR rstData[256]= {0}; // Buffer to receive hashed result
ALG_ID algorithmID = CALG_SHA1; // Use SHA1 algorithm
HCRYPTPROV  hProv       = NULL;      // Handle to a cryptographic service provider (CSP). 
HCRYPTHASH  hHash       = NULL;      // Handle to the hash object needed to create a hash.
PBYTE       pbHash      = NULL;      // Pointer to the hash.
DWORD       dwDataLen   = 0;         // Length, in bytes, of the hash.


//--------------------------------------------------------------------
// Acquire a handle to the default RSA cryptographic service provider.
if (!CryptAcquireContext(
&hProv,                   // handle of the CSP
NULL,                     // key container name
NULL,                     // CSP name
PROV_RSA_FULL,            // provider type
CRYPT_VERIFYCONTEXT))     // no key access is requested
{
printf(" Error in AcquireContext 0x%08x \n", GetLastError());
rc = false;
goto ErrorExit;
}


if (!CryptCreateHash(
hProv,                    // handle of the CSP
algorithmID,              // hash algorithm to use
0,                        // hash key
0,                        // reserved
&hHash))                  // address of hash object handle
{
printf("Error in CryptCreateHash 0x%08x \n", GetLastError());
rc = false;
goto ErrorExit;
}


if (!CryptHashData(
hHash,                    // handle of the hash object
(const BYTE *) plainText, // text to be hash
_tcslen(plainText)*sizeof(TCHAR), // number of bytes of data
0))                       // flags
{
printf("Error in CryptHashData 0x%08x \n", GetLastError());
rc = false;
goto ErrorExit;
}


if (!CryptGetHashParam(
hHash,                 // handle of the HMAC hash object
HP_HASHVAL,                // query on the hash value
NULL,                    // pointer to the HMAC hash value
&dwDataLen,                // length,in bytes, of the hash
0))
{
printf("Error in CryptGetHashParam 0x%08x \n", GetLastError());
rc = false;
goto ErrorExit;
}


pbHash = (BYTE*)malloc(dwDataLen);
if(NULL == pbHash) 
{
  printf("unable to allocate memory\n");
  goto ErrorExit;
}


if (!CryptGetHashParam(
hHash,                 // handle of the HMAC hash object
HP_HASHVAL,                // query on the hash value
pbHash,                    // pointer to the HMAC hash value
&dwDataLen,                // length,in bytes, of the hash
0))
{
printf("Error in CryptGetHashParam 0x%08x \n", GetLastError());
rc = false;
goto ErrorExit;
}


//CString s = (char*)pbHash;
TCHAR tmpBuffer[3] = {0};
for (DWORD i = 0 ; i < dwDataLen ; i++) 
{
tmpBuffer[0] = 0; tmpBuffer[1] = 0; tmpBuffer[2] = 0; // clear
_stprintf_s(tmpBuffer, _T("%2.2x"),pbHash[i]);
_tcscat_s(rstData, tmpBuffer);
}
_tcscpy(hashCode, rstData);


// Free resources.
  ErrorExit:
if(hHash)
CryptDestroyHash(hHash);    
if(hProv)
CryptReleaseContext(hProv, 0);
if(pbHash)
       free(pbHash);

return rc;
}

Error Message

=================

---------------------------
Microsoft Visual C++ Debug Library
---------------------------
Debug Assertion Failed!


Program: C:\Program Files\Internet Explorer\IEXPLORE.EXE
File: f:\dd\vctools\crt_bld\self_x86\crt\src\dbgheap.c
Line: 1317


Expression: _CrtIsValidHeapPointer(pUserData)


For information on how your program can cause an assertion
failure, see the Visual C++ documentation on asserts.


(Press Retry to debug the application)
---------------------------
Abort   Retry   Ignore   
---------------------------

Please Help to resolve the issue.

---

www.tnvbalaji.com

Answer 1

On 2/21/2012 12:20 PM, tnvbalaji wrote:

void main (){

CString sHashedPwd = "TNVBalaji";
SHA1Hash(pwd, sHashedPwd.GetBuffer());



}// plainText:       Original text to be hash
// hashCode: text to store hashed code, which is 40 character long string.

... and yet you pass in a buffer that's only 10 characters large.

---

Igor Tandetnik

Answer 2

Hi Igor Tandetnik,

it is a typo error in the Questiion this is main() look likes

void main (){

LPCTSTR pwd = "TNVBalaji";

CString sHashedPwd;
SHA1Hash(pwd, sHashedPwd.GetBuffer());

}

---

www.tnvbalaji.com

Answer 3

On 2/21/2012 1:49 PM, tnvbalaji wrote:

it is a typo error in the Questiion this is main() look likes



void main (){

LPCTSTR pwd = "TNVBalaji";

CString sHashedPwd;
SHA1Hash(pwd, sHashedPwd.GetBuffer());

That's hardly an improvement: now you are passing a buffer that's one character large. Use the overload of GetBuffer that takes buffer size as a parameter.

---

Igor Tandetnik

Answer 4

I had solved the issue please the below link for the code

http://tnvbalaji.com/2012/03/15/hash-data-using-win32-api-through-a-chashdataprovider-class/

---

www.tnvbalaji.com