Windows下文件散列值的计算

在Windows平台下可以不借助第三方工具计算一个文件的散列值。

按Win+R调出“运行”对话框,输入powershell,启动Windows PowerShell。输入以下命令:

 

例如:Get-FileHash “C:\Users\Azure\Desktop\foo.apk” -Algorithm MD5
这将计算文件的MD5值。还可以使用SHA1、SHA256等算法。
当然 输入完Get-FileHash+一个空格之后,可以直接把文件拖进窗口内,会变成文件路径。

use-powershell-to-calc-md5

可以使用的算法参数有:

  • SHA1
  • SHA256
  • SHA384
  • SHA512
  • MACTripleDES
  • MD5
  • RIPEMD160

如果省略-Algorithm参数,则默认SHA256算法。

StartCom代码签名证书的坑

StartCom针对个人开发者的Class 2 “StartSSL™ Identity Validation”看上去很便宜,并且提供Object Code Signing和Time-Stamping,实际上是有问题的。

代码签名证书OID中有1.3.6.1.4.1.311.10.3.13 (szOID_KP_LIFETIME_SIGNING)。和字面意思不同的是,有这个标记意味着:即使有时间戳,在证书本体过期后,用该证书签名过的目标代码将不会被系统信任(例如,在UAC提权对话框中显示“未知的发布者”和黄色警告标记)。

我们来看一下微软Authenticode文档中的说明(Windows Authenticode Portable Executable Signature Format – 14):

Timestamp Processing

By default, timestamping an Authenticode signature extends the lifetime of the signature indefinitely, as long as that signature was timestamped, both:

  • During the validity period of the signing certificate.
  • Before the certificate revocation date, if applicable.

 

The signature lifetime is not extended if the “lifetime signer OID” (szOID_KP_LIFETIME_SIGNING) is present in the signing certificate or if WTD_LIFETIME_SIGNING_FLAG is set in the WINTRUST_DATA structure when calling WinVerifyTrust. For details, see “Timestamp Processing with Lifetime Signing Semantics.”

The certificates associated with the timestamp are in the PKCS #7 SignedData structure’s certificates field.

Timestamp chains are compared against the following criteria:

  • The certificate chain is built to a trusted root certificate by using X.509 chain-building rules.

The trusted root certificate is configured in the Trusted Root Certification Authorities certificate store. For more information on certificate stores, see “Certificates Stores.”

  • The TSA certificate that is used to sign the timestamp contains the following EKU:

szOID_PKIX_KP_TIMESTAMP_SIGNING 1.3.6.1.5.5.7.3.8

 

  • The signing certificate must not be in the Untrusted Certificates certificate store.

Note: If the certificate that is used to sign the timestamp is in the Untrusted Certificates certificate store, then the signature is not verified even if the software publisher certificate is still within its validity period.

  • Revocation checking is turned off by default for checking the validity of the timestamping certificate.

Timestamp Processing with Lifetime Signing Semantics

Applications or certification authorities that do not want timestamped signatures to verify successfully for an indefinite period of time have two options:

  • Set the lifetime signer OID in the publisher’s signing certificate.

If the publisher’s signing certificate contains the lifetime signer OID in addition to the PKIX code signing OID, the signature becomes invalid when the publisher’s signing certificate expires, even if the signature is timestamped. The lifetime signer OID is defined as follows:

szOID_KP_LIFETIME_SIGNING 1.3.6.1.4.1.311.10.3.13

 

  • Set the WTD_LIFETIME_SIGNING_FLAG in the WINTRUST_DATA structure when calling WinVerifyTrust.

If a WinVerifyTrust caller sets WTD_LIFETIME_SIGNING_FLAG in the WINTRUST_DATA structure and the publisher’s signing certificate has expired, WinVerifyTrust reports the signature as invalid even if the signature is timestamped.

至于为什么会这样,我在某个没有域名的页面找到了如下说法:

As I understand it, the Lifetime Signing OID is present in StartCom code signing certificates because Microsoft required promises about the availability of OCSP and CRLs that StartCom did not think were reasonable to make. The compromise was that Microsoft allowed the StartSSL root into their certificate store, but required the Lifetime Signing OID to be present in StartSSL code-signing certificates.

是真是假无从考证,不过想考虑StartCom的代码签名证书的话还是掂量一下吧。