目录 前言CertUtil计算文件hash 计算MD2计算MD4计算MD5计算SHA1计算SHA256计算SHA384计算SHA512文件base64编码文件base64解码文件hex编码文件hex解码结语 前言
CertUtil.exe是一个命令行程序,作为证书服务的一部分安装。可以使用CertUtil.exe转储和显示证书颁发机构(CA)配置信息、配置证书服务、备份和恢复CA组件,以及验证证书、密钥对和证书链。如果certutil在没有附加参数的证书颁发机构上运行,它将显示当前的证书颁发机构配置。如果certutil在非认证中心上运行,则该命令默认运行certutil [-dump]命令。
但是我只用了计算文件hash,以及编码解码文件功能,对我来说在Windows上不用安装额外软件就能实现这些功能很方便。详细说明可以参考【官方文档】
CertUtil计算文件hash
在Windows的cmd下执行CertUtil -hashfile -?会出现帮助文档,根据Hash algorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512可以得到常用计算文件hash方法,md5和sha1比较常用。
Usage: CertUtil [Options] -hashfile InFile [HashAlgorithm] Generate and display cryptographic hash over a fileOptions: -Unicode — Write redirected output in Unicode -gmt — Display times as GMT -seconds — Display times with seconds and milliseconds -v — Verbose operation -privatekey — Display password and private key data -pin PIN — Smart Card PIN -sid WELL_KNOWN_SID_TYPE — Numeric SID 22 — Local System 23 — Local Service 24 — Network ServiceHash algorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512CertUtil -? — Display a verb list (command list)CertUtil -hashfile -? — Display help text for the “hashfile” verbCertUtil -v -? — Display all help text for all verbs 计算MD2 CertUtil -hashfile test.txt MD2MD2 hash of test.txt:5892bec299b1bae578d5aff607f6eb61CertUtil: -hashfile command completed successfully. 计算MD4 CertUtil -hashfile test.txt MD4MD4 hash of test.txt:a9c5d7b55b8173b39870bcdf919c71b7CertUtil: -hashfile command completed successfully. 计算MD5
计算md5是比较常用的文件hash方式。
CertUtil -hashfile test.txt MD5MD5 hash of test.txt:02877f0b701bec19ed79911ccc7b20e3CertUtil: -hashfile command completed successfully. 计算SHA1 CertUtil -hashfile test.txt SHA1SHA1 hash of test.txt:ae36676c8c6a617ed5d3a84b88c70cd5d9c362a5CertUtil: -hashfile command completed successfully. 计算SHA256 CertUtil -hashfile test.txt SHA256SHA256 hash of test.txt:8df1da6d5c8b7a89ed3da070b652946d9db143fd22e98afdccf5d3d1ac3b29e9CertUtil: -hashfile command completed successfully. 计算SHA384 CertUtil -hashfile test.txt SHA384SHA384 hash of test.txt:bc3cf094587ee7473fd460fac1f37db2d3fd7085cfe8d024cfb004d03824d555f46939bd8920a4db32d9e178da064560CertUtil: -hashfile command completed successfully. 计算SHA512 CertUtil -hashfile test.txt SHA512SHA512 hash of test.txt:3b338d0a80a81f95cb8a654c2bcd9ec6385ee9da785708f8e5bb5eba37934d4c2b745faa823f3598fb56b32a32a833defdce3c195f7e4e3a1fa3b3b69f166969CertUtil: -hashfile command completed successfully. 文件base64编码
在Windows的cmd执行CertUtil -encode -?可以查看编码文件为base64格式文件。
Usage: CertUtil [Options] -encode InFile OutFile Encode file to Base64Options: -f — Force overwrite -Unicode — Write redirected output in Unicode -UnicodeText — Write output file in Unicode -gmt — Display times as GMT -seconds — Display times with seconds and milliseconds -v — Verbose operation -privatekey — Display password and private key data -pin PIN — Smart Card PIN -sid WELL_KNOWN_SID_TYPE — Numeric SID 22 — Local System 23 — Local Service 24 — Network ServiceCertUtil -? — Display a verb list (command list)CertUtil -encode -? — Display help text for the “encode” verbCertUtil -v -? — Display all help text for all verbs
下面是对一个文件进行base64编码。结果文件首行和末行会有特殊标记。
CertUtil -encode test.txt test.txt.outInput Length = 8Output Length = 70CertUtil: -encode command completed successfully.cat test.txttestcat test.txt.out—–BEGIN CERTIFICATE—–dGVzdCAgDQo=—–END CERTIFICATE—– 文件base64解码
在Windows的cmd执行CertUtil -decode -?可以查看解码base64格式文件。
Usage: CertUtil [Options] -decode InFile OutFile Decode Base64-encoded fileOptions: -f — Force overwrite -Unicode — Write redirected output in Unicode -gmt — Display times as GMT -seconds — Display times with seconds and milliseconds -v — Verbose operation -privatekey — Display password and private key data -pin PIN — Smart Card PIN -sid WELL_KNOWN_SID_TYPE — Numeric SID 22 — Local System 23 — Local Service 24 — Network ServiceCertUtil -? — Display a verb list (command list)CertUtil -decode -? — Display help text for the “decode” verbCertUtil -v -? — Display all help text for all verbs
下面是对一个base64文件进行解码。
CertUtil -decode test.txt.out test.txt.deInput Length = 70Output Length = 8CertUtil: -decode command completed successfully.cat test.txt.out—–BEGIN CERTIFICATE—–dGVzdCAgDQo=—–END CERTIFICATE—–cat test.txt.detest 文件hex编码
在Windows的cmd执行CertUtil -encodehex -?可以查看编码文件为hex格式文件。
Usage: CertUtil [Options] -encodehex InFile OutFile [type] Encode file in hexadecimalOptions: -f — Force overwrite -Unicode — Write redirected output in Unicode -UnicodeText — Write output file in Unicode -gmt — Display times as GMT -seconds — Display times with seconds and milliseconds -v — Verbose operation -privatekey — Display password and private key data -pin PIN — Smart Card PIN -sid WELL_KNOWN_SID_TYPE — Numeric SID 22 — Local System 23 — Local Service 24 — Network ServiceCertUtil -? — Display a verb list (command list)CertUtil -encodehex -? — Display help text for the “encodehex” verbCertUtil -v -? — Display all help text for all verbs
下面是对一个文件进行hex编码。结果类似Linux下的xxd格式,展示了文件hex的值。
CertUtil -encodehex test.txt test.hexInput Length = 23Output Length = 139CertUtil: -encodehex command completed successfully.cat test.txttest1test2test3cat test.hex0000 74 65 73 74 31 0d 0a 74 65 73 74 32 0d 0a 74 65 test1..test2..te0010 73 74 33 0d 0a 0d 0a st3…. 文件hex解码
在Windows的cmd执行CertUtil -decodehex -?可以查看解码hex格式文件。
Usage: CertUtil [Options] -decodehex InFile OutFile [type] Decode hexadecimal-encoded file type — numeric CRYPT_STRING_* encoding typeOptions: -f — Force overwrite -Unicode — Write redirected output in Unicode -gmt — Display times as GMT -seconds — Display times with seconds and milliseconds -v — Verbose operation -privatekey — Display password and private key data -pin PIN — Smart Card PIN -sid WELL_KNOWN_SID_TYPE — Numeric SID 22 — Local System 23 — Local Service 24 — Network ServiceCertUtil -? — Display a verb list (command list)CertUtil -decodehex -? — Display help text for the “decodehex” verbCertUtil -v -? — Display all help text for all verbs
下面是对一个hex文件进行解码。
CertUtil -decodehex test.hex test.hex.outInput Length = 139Output Length = 23CertUtil: -decodehex command completed successfully.cat test.hex0000 74 65 73 74 31 0d 0a 74 65 73 74 32 0d 0a 74 65 test1..test2..te0010 73 74 33 0d 0a 0d 0a st3….cat test.hex.outtest1test2test3 结语
熟练使用这个命令,可以方便的在Windows电脑上校验文件,以及编码解码文件。特别是编码为hex格式文件,可以分析文件的二进制数据。我以前遇到过文件包含不可见字符导致代码编译报错,却找不到哪里错误,这时候分析文件的二进制数据一目了然了。