Windows下CertUtil校验和编码文件
前言
CertUtil.exe是一个命令行程序,作为证书服务的一部分安装。可以使用CertUtil.exe转储和显示证书颁发机构(CA)配置信息、配置证书服务、备份和恢复CA组件,以及验证证书、密钥对和证书链。如果certutil在没有附加参数的证书颁发机构上运行,它将显示当前的证书颁发机构配置。如果certutil在非认证中心上运行,则该命令默认运行certutil [-dump]命令。
但是我只用了计算文件hash,以及编码解码文件功能,对我来说在Windows上不用安装额外软件就能实现这些功能很方便。详细说明可以参考【官方文档】
CertUtil计算文件hash
在Windows的cmd下执行CertUtil -hashfile -?
会出现帮助文档,根据Hash algorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512
可以得到常用计算文件hash方法,md5和sha1比较常用。
copyUsage:
CertUtil [Options] -hashfile InFile [HashAlgorithm]
Generate and display cryptographic hash over a file
Options:
-Unicode -- Write redirected output in Unicode
-gmt -- Display times as GMT
-seconds -- Display times with seconds and milliseconds
-v -- Verbose operation
-privatekey -- Display password and private key data
-pin PIN -- Smart Card PIN
-sid WELL_KNOWN_SID_TYPE -- Numeric SID
22 -- Local System
23 -- Local Service
24 -- Network Service
Hash algorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512
CertUtil -? -- Display a verb list (command list)
CertUtil -hashfile -? -- Display help text for the "hashfile" verb
CertUtil -v -? -- Display all help text for all verbs
计算MD2
copyCertUtil -hashfile test.txt MD2
MD2 hash of test.txt:
5892bec299b1bae578d5aff607f6eb61
CertUtil: -hashfile command completed successfully.
计算MD4
copyCertUtil -hashfile test.txt MD4
MD4 hash of test.txt:
a9c5d7b55b8173b39870bcdf919c71b7
CertUtil: -hashfile command completed successfully.
计算MD5
计算md5是比较常用的文件hash方式。
copyCertUtil -hashfile test.txt MD5
MD5 hash of test.txt:
02877f0b701bec19ed79911ccc7b20e3
CertUtil: -hashfile command completed successfully.
计算SHA1
copyCertUtil -hashfile test.txt SHA1
SHA1 hash of test.txt:
ae36676c8c6a617ed5d3a84b88c70cd5d9c362a5
CertUtil: -hashfile command completed successfully.
计算SHA256
copyCertUtil -hashfile test.txt SHA256
SHA256 hash of test.txt:
8df1da6d5c8b7a89ed3da070b652946d9db143fd22e98afdccf5d3d1ac3b29e9
CertUtil: -hashfile command completed successfully.
计算SHA384
copyCertUtil -hashfile test.txt SHA384
SHA384 hash of test.txt:
bc3cf094587ee7473fd460fac1f37db2d3fd7085cfe8d024cfb004d03824d555f46939bd8920a4db32d9e178da064560
CertUtil: -hashfile command completed successfully.
计算SHA512
copyCertUtil -hashfile test.txt SHA512
SHA512 hash of test.txt:
3b338d0a80a81f95cb8a654c2bcd9ec6385ee9da785708f8e5bb5eba37934d4c2b745faa823f3598fb56b32a32a833defdce3c195f7e4e3a1fa3b3b69f166969
CertUtil: -hashfile command completed successfully.
文件base64编码
在Windows的cmd执行CertUtil -encode -?
可以查看编码文件为base64格式文件。
copyUsage:
CertUtil [Options] -encode InFile OutFile
Encode file to Base64
Options:
-f -- Force overwrite
-Unicode -- Write redirected output in Unicode
-UnicodeText -- Write output file in Unicode
-gmt -- Display times as GMT
-seconds -- Display times with seconds and milliseconds
-v -- Verbose operation
-privatekey -- Display password and private key data
-pin PIN -- Smart Card PIN
-sid WELL_KNOWN_SID_TYPE -- Numeric SID
22 -- Local System
23 -- Local Service
24 -- Network Service
CertUtil -? -- Display a verb list (command list)
CertUtil -encode -? -- Display help text for the "encode" verb
CertUtil -v -? -- Display all help text for all verbs
下面是对一个文件进行base64编码。结果文件首行和末行会有特殊标记。
copyCertUtil -encode test.txt test.txt.out
Input Length = 8
Output Length = 70
CertUtil: -encode command completed successfully.
cat test.txt
test
cat test.txt.out
-----BEGIN CERTIFICATE-----
dGVzdCAgDQo=
-----END CERTIFICATE-----
文件base64解码
在Windows的cmd执行CertUtil -decode -?
可以查看解码base64格式文件。
copyUsage:
CertUtil [Options] -decode InFile OutFile
Decode Base64-encoded file
Options:
-f -- Force overwrite
-Unicode -- Write redirected output in Unicode
-gmt -- Display times as GMT
-seconds -- Display times with seconds and milliseconds
-v -- Verbose operation
-privatekey -- Display password and private key data
-pin PIN -- Smart Card PIN
-sid WELL_KNOWN_SID_TYPE -- Numeric SID
22 -- Local System
23 -- Local Service
24 -- Network Service
CertUtil -? -- Display a verb list (command list)
CertUtil -decode -? -- Display help text for the "decode" verb
CertUtil -v -? -- Display all help text for all verbs
下面是对一个base64文件进行解码。
copyCertUtil -decode test.txt.out test.txt.de
Input Length = 70
Output Length = 8
CertUtil: -decode command completed successfully.
cat test.txt.out
-----BEGIN CERTIFICATE-----
dGVzdCAgDQo=
-----END CERTIFICATE-----
cat test.txt.de
test
文件hex编码
在Windows的cmd执行CertUtil -encodehex -?
可以查看编码文件为hex格式文件。
copyUsage:
CertUtil [Options] -encodehex InFile OutFile [type]
Encode file in hexadecimal
Options:
-f -- Force overwrite
-Unicode -- Write redirected output in Unicode
-UnicodeText -- Write output file in Unicode
-gmt -- Display times as GMT
-seconds -- Display times with seconds and milliseconds
-v -- Verbose operation
-privatekey -- Display password and private key data
-pin PIN -- Smart Card PIN
-sid WELL_KNOWN_SID_TYPE -- Numeric SID
22 -- Local System
23 -- Local Service
24 -- Network Service
CertUtil -? -- Display a verb list (command list)
CertUtil -encodehex -? -- Display help text for the "encodehex" verb
CertUtil -v -? -- Display all help text for all verbs
下面是对一个文件进行hex编码。结果类似Linux下的xxd格式,展示了文件hex的值。
copyCertUtil -encodehex test.txt test.hex
Input Length = 23
Output Length = 139
CertUtil: -encodehex command completed successfully.
cat test.txt
test1
test2
test3
cat test.hex
0000 74 65 73 74 31 0d 0a 74 65 73 74 32 0d 0a 74 65 test1..test2..te
0010 73 74 33 0d 0a 0d 0a st3....
文件hex解码
在Windows的cmd执行CertUtil -decodehex -?
可以查看解码hex格式文件。
copyUsage:
CertUtil [Options] -decodehex InFile OutFile [type]
Decode hexadecimal-encoded file
type -- numeric CRYPT_STRING_* encoding type
Options:
-f -- Force overwrite
-Unicode -- Write redirected output in Unicode
-gmt -- Display times as GMT
-seconds -- Display times with seconds and milliseconds
-v -- Verbose operation
-privatekey -- Display password and private key data
-pin PIN -- Smart Card PIN
-sid WELL_KNOWN_SID_TYPE -- Numeric SID
22 -- Local System
23 -- Local Service
24 -- Network Service
CertUtil -? -- Display a verb list (command list)
CertUtil -decodehex -? -- Display help text for the "decodehex" verb
CertUtil -v -? -- Display all help text for all verbs
下面是对一个hex文件进行解码。
copyCertUtil -decodehex test.hex test.hex.out
Input Length = 139
Output Length = 23
CertUtil: -decodehex command completed successfully.
cat test.hex
0000 74 65 73 74 31 0d 0a 74 65 73 74 32 0d 0a 74 65 test1..test2..te
0010 73 74 33 0d 0a 0d 0a st3....
cat test.hex.out
test1
test2
test3
结语
熟练使用这个命令,可以方便的在Windows电脑上校验文件,以及编码解码文件。特别是编码为hex格式文件,可以分析文件的二进制数据。我以前遇到过文件包含不可见字符导致代码编译报错,却找不到哪里错误,这时候分析文件的二进制数据一目了然了。
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· .NET Core 托管堆内存泄露/CPU异常的常见思路
· PostgreSQL 和 SQL Server 在统计信息维护中的关键差异
· C++代码改造为UTF-8编码问题的总结
· DeepSeek 解答了困扰我五年的技术问题
· 为什么说在企业级应用开发中,后端往往是效率杀手?
· 10亿数据,如何做迁移?
· 清华大学推出第四讲使用 DeepSeek + DeepResearch 让科研像聊天一样简单!
· 推荐几款开源且免费的 .NET MAUI 组件库
· 易语言 —— 开山篇
· Trae初体验