使用 CREATEd ASSEMBLY 会导致 SQL Server 永久挂起

发布于 2024-10-28 10:07:50 字数 2336 浏览 0 评论 0原文

这个有点难以解释，特别是对于非英语母语人士来说：

我想使用 BouncyCastle 加密库。我编写了一个小型 C# 包装类，它具有以下方法：

public static void generateKeyPair(out byte[] private_key, out byte[] public_key)

public static void SignData(byte[] data, byte[] private_key, out byte[] signature)

public static void VerifyData(byte[] signature, byte[] data, byte[] public_key, out bool ok)

所有方法都访问实际的 BouncyCastle 库 BouncyCastle.Crypto.dll。然后我创建了一个“Visual Studio 强名称密钥文件”，并使用原始 BouncyCastle DLL 作为资源和刚刚创建的密钥文件编译了包装类文件。

在 SQL Server 中，我执行了以下操作：

USE ACS  
EXEC sp_configure 'show advanced options', 1;  
RECONFIGURE WITH OVERRIDE;  
EXEC sp_configure 'xp_cmdshell', 1  
EXEC sp_configure 'CLR enabled', 1;  
RECONFIGURE WITH OVERRIDE;  
ALTER DATABASE ACS SET TRUSTWORTHY OFF  

USE master  
CREATE ASYMMETRIC KEY CLR_Key_Wrapper FROM EXECUTABLE FILE = 'C:\Wrapper.dll'  
CREATE ASYMMETRIC KEY CLR_Key_BouncyCastle FROM EXECUTABLE FILE = 'C:\BouncyCastle.Crypto.dll'  
CREATE LOGIN CLR_Login_Wrapper FROM ASYMMETRIC KEY CLR_Key_Wrapper  
CREATE LOGIN CLR_Login_BouncyCastle FROM ASYMMETRIC KEY CLR_Key_BouncyCastle  
GRANT UNSAFE ASSEMBLY TO CLR_Login_Wrapper  
GRANT UNSAFE ASSEMBLY TO CLR_Login_BouncyCastle  

USE ACS  
CREATE ASSEMBLY CLR FROM 'C:\Wrapper.dll' WITH PERMISSION_SET = UNSAFE  
GO

CREATE PROCEDURE Generate_Keypair  
(  
  @BSI_or_NIST  BIT,  
  @Private_Key  VARBINARY(64)  OUTPUT,  
  @Public_Key  VARBINARY(128)  OUTPUT  
)  
AS EXTERNAL NAME CLR.Wrapper.generateKeyPair  
GO  

CREATE PROCEDURE Sign_Data  
(  
  @BSI_or_NIST  BIT,  
  @Data  VARBINARY(8000),  
  @Private_Key  VARBINARY(64),  
  @Signature  VARBINARY(128)  OUTPUT  
)  
AS EXTERNAL NAME CLR.Wrapper.SignData  
GO  

CREATE PROCEDURE Verify_Data  
(  
  @BSI_or_NIST  BIT,  
  @Signature  VARBINARY(128),  
  @Data  VARBINARY(8000),  
  @Public_Key  VARBINARY(128),  
  @OK  BIT  OUTPUT  
)  
AS EXTERNAL NAME CLR.Wrapper.VerifyData

现在，在 TSQL 批处理中或通过来自 .Net 客户端应用程序的过程调用使用三个过程Generate_Keypair、Sign_Data 和Verify_Data 有时工作正常，但有时会导致 MSSQLSERVER 服务进入某些状态就像使用 100% CPU 时的无限循环一样，尤其是当我尝试将所有这些安装在与我自己开发上述代码的机器不同的机器上时（尽管如此，在我自己的机器上也会发生这种情况，但频率较低）。

唯一能做的就是取消正在执行的查询并删除程序集，这在 CPU 100% 使用时需要很长时间。

谁能告诉我我做错了什么？预先感谢，
扬

原文

this one's a bit difficult to explain, especially for a non-native english speaker:

I want to use some elliptic-curve-based digital signature functions of the C# implementation of the BouncyCastle crypto library. I wrote a small C# wrapper class that has the following methods:

public static void generateKeyPair(out byte[] private_key, out byte[] public_key)

public static void SignData(byte[] data, byte[] private_key, out byte[] signature)

public static void VerifyData(byte[] signature, byte[] data, byte[] public_key, out bool ok)

which all access the actual BouncyCastle library, BouncyCastle.Crypto.dll. Then I
created a "Visual Studio Strong Name Key File" and compiled the wrapper class file with the original BouncyCastle DLL as resource and the just created keyfile.

In SQL Server I did the following:

USE ACS  
EXEC sp_configure 'show advanced options', 1;  
RECONFIGURE WITH OVERRIDE;  
EXEC sp_configure 'xp_cmdshell', 1  
EXEC sp_configure 'CLR enabled', 1;  
RECONFIGURE WITH OVERRIDE;  
ALTER DATABASE ACS SET TRUSTWORTHY OFF  

USE master  
CREATE ASYMMETRIC KEY CLR_Key_Wrapper FROM EXECUTABLE FILE = 'C:\Wrapper.dll'  
CREATE ASYMMETRIC KEY CLR_Key_BouncyCastle FROM EXECUTABLE FILE = 'C:\BouncyCastle.Crypto.dll'  
CREATE LOGIN CLR_Login_Wrapper FROM ASYMMETRIC KEY CLR_Key_Wrapper  
CREATE LOGIN CLR_Login_BouncyCastle FROM ASYMMETRIC KEY CLR_Key_BouncyCastle  
GRANT UNSAFE ASSEMBLY TO CLR_Login_Wrapper  
GRANT UNSAFE ASSEMBLY TO CLR_Login_BouncyCastle  

USE ACS  
CREATE ASSEMBLY CLR FROM 'C:\Wrapper.dll' WITH PERMISSION_SET = UNSAFE  
GO

CREATE PROCEDURE Generate_Keypair  
(  
  @BSI_or_NIST  BIT,  
  @Private_Key  VARBINARY(64)  OUTPUT,  
  @Public_Key  VARBINARY(128)  OUTPUT  
)  
AS EXTERNAL NAME CLR.Wrapper.generateKeyPair  
GO  

CREATE PROCEDURE Sign_Data  
(  
  @BSI_or_NIST  BIT,  
  @Data  VARBINARY(8000),  
  @Private_Key  VARBINARY(64),  
  @Signature  VARBINARY(128)  OUTPUT  
)  
AS EXTERNAL NAME CLR.Wrapper.SignData  
GO  

CREATE PROCEDURE Verify_Data  
(  
  @BSI_or_NIST  BIT,  
  @Signature  VARBINARY(128),  
  @Data  VARBINARY(8000),  
  @Public_Key  VARBINARY(128),  
  @OK  BIT  OUTPUT  
)  
AS EXTERNAL NAME CLR.Wrapper.VerifyData

Now, using the three procedures Generate_Keypair, Sign_Data and Verify_Data in a TSQL batch or via a procedure call from e.g. a .Net client application sometimes works fine, but sometimes it causes the MSSQLSERVER service to go into something like an endless loop while using 100% CPU, especially when I try to install all this on a different machine than my own where I developed the code above (nevertheless, on my own machine it happens too, but less often).

The only thing that can be done is to cancel the executing query and drop the assembly which takes quite long when the CPU is in 100% use.

Can anyone tell me what I have done wrong? Thanks in advance,
Jan

分享到QQ

分享到微博