C# 获得;“指纹”;.cat文件中安全目录标记的值
我想比较2个安全目录(.cat)文件的每个标记的哈希值 我使用CryptCATEnumerateMember函数获取所有标记,并尝试使用CryptCATEnumerateAttr获取哈希值,但这不起作用C# 获得;“指纹”;.cat文件中安全目录标记的值,c#,winapi,cryptography,catalog,C#,Winapi,Cryptography,Catalog,我想比较2个安全目录(.cat)文件的每个标记的哈希值 我使用CryptCATEnumerateMember函数获取所有标记,并尝试使用CryptCATEnumerateAttr获取哈希值,但这不起作用 IntPtr pMemberPtr=CatalogFunctions.CryptCATEnumerateMember(hCatalog,IntPtr.Zero); while(pMemberPtr!=IntPtr.Zero) { CRYPTCATMEMBER cdf=(CRYPTCATMEMBE
IntPtr pMemberPtr=CatalogFunctions.CryptCATEnumerateMember(hCatalog,IntPtr.Zero);
while(pMemberPtr!=IntPtr.Zero)
{
CRYPTCATMEMBER cdf=(CRYPTCATMEMBER)Marshal.PtrToStructure(pMemberPtr,typeof(CRYPTCATMEMBER));
IntPtr pAttributePtr=CatalogFunctions.CryptCATEnumerateAttr(hCatalog、pMemberPtr、IntPtr.Zero);
while(pAttributePtr!=IntPtr.Zero)
{
cryptcattribute cdfa=(cryptcattribute)Marshal.PtrToStructure(pAttributePtr,typeof(cryptcattribute));
Add(cdfa.cbValue.ToString());
pAttributePtr=CatalogFunctions.CryptCATEnumerateAttr(hCatalog,pMemberPtr,pAttributePtr);
}
添加数据(cdf.pwszReferenceTag);
pMemberPtr=CatalogFunctions.CryptCATEnumerateMember(hCatalog,pMemberPtr);
}
//使用函数和类:
[DllImport(“Wintrust.dll”)]
公共静态外部不安全IntPtr CryptCATEnumerateMember(
IntPtr hCatalog,
IntPtr成员);
[DllImport(“Wintrust.dll”)]
公共静态外部不安全IntPtr CryptCATEnumerateAttr(
IntPtr hCatalog,
IntPtr PCAT成员,
IntPtr pPrevAttr);
[StructLayout(LayoutKind.Sequential)]
公共类CRYPTCATATTRIBUTE{
公共部门;
公共字符串pwszReferenceTag;
公共uint属性类型和操作;
公共价值;
公共不安全字节*pdValue;
公共单位保留;
}
[StructLayout(LayoutKind.Sequential)]
公共类加密成员
{
公共部门;
[Marshallas(UnmanagedType.LPWStr)]
公共字符串pwszReferenceTag;
[Marshallas(UnmanagedType.LPWStr)]
公共字符串pwszFileName;
公共GUID gSubjectType;
公众国旗;
公共IntPtr pIndirectData;
公共uint DWCERT版本;
公共单位保留;
公众参与;
公共加密API_BLOB sEncodedIndirectData;
公开加密API_BLOB sEncodedMemberInfo;
}
该项目可以编译,但pAttributePtr始终指向0。这对我来说很有效(在Windows 10上测试,VS 2015,使用C:\Program Files\USBPcap\usbpcapamd64.cat文件=>
公共部分类表单1:表单
{
[DllImport(“Wintrust.dll”,SetLastError=true,CharSet=CharSet.Auto)]
公共静态外部IntPtr CryptCATOpen(字符串pwszFileName、int-fdwOpenFlags、IntPtr-hProv、int-dwPublicVersion、int-dwEncodingType);
[DllImport(“Wintrust.dll”,SetLastError=true)]
公共静态外部bool CryptCATClose(IntPtr hCatalog);
[DllImport(“Wintrust.dll”,SetLastError=true)]
公共静态外部IntPtr CryptCATEnumerateMember(IntPtr hCatalog、IntPtr pPrevMember);
[DllImport(“Wintrust.dll”,SetLastError=true)]
公共静态外部IntPtr CryptCATEnumerateAttr(IntPtr hCatalog、IntPtr pCatMember、IntPtr pPrevAttr);
public const int无效的句柄值=-1;
[StructLayout(LayoutKind.Sequential)]
公共结构CRYPTCATMEMBER
{
public int cbStruct;/=sizeof(CRYPTCATMEMBER)
公共IntPtr pwszReferenceTag;
public IntPtr pwszFileName;//仅由CDF API使用
公共Guid gSubjectType;//可以是零——请参阅sEncodedMemberInfo
公共国旗;
public IntPtr pIndirectData;//可能为空--请参阅sEncodedIndirectData
public int dwCertVersion;//可能为零--请参阅sEncodedMemberInfo
public int dwReserved;//由枚举使用--不要使用!
public IntPtr hReserved;//pStack(attrs)(如果init为null)INTERNAL!
公共密码\u ATTR\u BLOB sEncodedIndirectData;//延迟解码
公共密码\u ATTR\u BLOB sEncodedMemberInfo;//延迟解码
}
[StructLayout(LayoutKind.Sequential)]
公共结构CRYPT\u ATTR\u BLOB
{
公共数据;
公共IntPtr数据;
}
[StructLayout(LayoutKind.Sequential)]
公共结构SIP_间接_数据
{
公共密码\u属性\u类型\u值数据;//编码属性
public CRYPT\u ALGORITHM\u IDENTIFIER DigestAlgorithm;//用于散列的摘要算法
公开密码摘要;
}
[StructLayout(LayoutKind.Sequential)]
公共结构加密算法标识符
{
公共IntPtr pszObjId;
公共CRYPT_OBJID_BLOB参数;
}
[StructLayout(LayoutKind.Sequential)]
公共结构加密属性类型值
{
公共IntPtr pszObjId;
公共密码\u OBJID\u BLOB值;
}
[StructLayout(LayoutKind.Sequential)]
公共结构CRYPT\u OBJID\u BLOB
{
公共数据;
公共IntPtr数据;
}
[StructLayout(LayoutKind.Sequential)]
公共结构CRYPT\u HASH\u BLOB
{
公共数据;
公共IntPtr数据;
}
[StructLayout(LayoutKind.Sequential)]
公共结构CRYPTCATATTRIBUTE
{
public int cbStruct;/=sizeof(cryptcattribute)
公共IntPtr pwszReferenceTag;
公共int DWATTRIPEANDACTION;
公共价值;
public IntPtr pbValue;//编码的CAT_NAMEVALU
public partial class Form1 : Form
{
[DllImport("Wintrust.dll", SetLastError = true, CharSet = CharSet.Auto)]
public static extern IntPtr CryptCATOpen(string pwszFileName, int fdwOpenFlags, IntPtr hProv, int dwPublicVersion, int dwEncodingType);
[DllImport("Wintrust.dll", SetLastError = true)]
public static extern bool CryptCATClose(IntPtr hCatalog);
[DllImport("Wintrust.dll", SetLastError = true)]
public static extern IntPtr CryptCATEnumerateMember(IntPtr hCatalog, IntPtr pPrevMember);
[DllImport("Wintrust.dll", SetLastError = true)]
public static extern IntPtr CryptCATEnumerateAttr(IntPtr hCatalog, IntPtr pCatMember, IntPtr pPrevAttr);
public const int INVALID_HANDLE_VALUE = -1;
[StructLayout(LayoutKind.Sequential)]
public struct CRYPTCATMEMBER
{
public int cbStruct; // = sizeof(CRYPTCATMEMBER)
public IntPtr pwszReferenceTag;
public IntPtr pwszFileName; // used only by the CDF APIs
public Guid gSubjectType; // may be zeros -- see sEncodedMemberInfo
public int fdwMemberFlags;
public IntPtr pIndirectData; // may be null -- see sEncodedIndirectData
public int dwCertVersion; // may be zero -- see sEncodedMemberInfo
public int dwReserved; // used by enum -- DO NOT USE!
public IntPtr hReserved; // pStack(attrs) (null if init) INTERNAL!
public CRYPT_ATTR_BLOB sEncodedIndirectData; // lazy decode
public CRYPT_ATTR_BLOB sEncodedMemberInfo; // lazy decode
}
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_ATTR_BLOB
{
public int cbData;
public IntPtr pbData;
}
[StructLayout(LayoutKind.Sequential)]
public struct SIP_INDIRECT_DATA
{
public CRYPT_ATTRIBUTE_TYPE_VALUE Data; // Encoded attribute
public CRYPT_ALGORITHM_IDENTIFIER DigestAlgorithm; // Digest algorithm used to hash
public CRYPT_HASH_BLOB Digest;
}
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_ALGORITHM_IDENTIFIER
{
public IntPtr pszObjId;
public CRYPT_OBJID_BLOB Parameters;
}
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_ATTRIBUTE_TYPE_VALUE
{
public IntPtr pszObjId;
public CRYPT_OBJID_BLOB Value;
}
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_OBJID_BLOB
{
public int cbData;
public IntPtr pbData;
}
[StructLayout(LayoutKind.Sequential)]
public struct CRYPT_HASH_BLOB
{
public int cbData;
public IntPtr pbData;
}
[StructLayout(LayoutKind.Sequential)]
public struct CRYPTCATATTRIBUTE
{
public int cbStruct; // = sizeof(CRYPTCATATTRIBUTE)
public IntPtr pwszReferenceTag;
public int dwAttrTypeAndAction;
public int cbValue;
public IntPtr pbValue; // encoded CAT_NAMEVALUE struct
public int dwReserved; // used by enum -- DO NOT USE!
}
public Form1()
{
InitializeComponent();
}
private void Form1_Load(object sender, EventArgs e)
{
IntPtr hCatalog = CryptCATOpen("C:\\Program Files\\USBPcap\\usbpcapamd64.cat", 0, IntPtr.Zero, 0, 0);
if (hCatalog != (IntPtr)INVALID_HANDLE_VALUE)
{
IntPtr pMember = IntPtr.Zero;
while ((pMember = CryptCATEnumerateMember(hCatalog, pMember)) != IntPtr.Zero)
{
CRYPTCATMEMBER pCRYPTCATMEMBER = (CRYPTCATMEMBER)Marshal.PtrToStructure(pMember, typeof(CRYPTCATMEMBER));
SIP_INDIRECT_DATA pSIP_INDIRECT_DATA = (SIP_INDIRECT_DATA)Marshal.PtrToStructure(pCRYPTCATMEMBER.pIndirectData, typeof(SIP_INDIRECT_DATA));
StringBuilder sbData = new StringBuilder();
IntPtr pData = pSIP_INDIRECT_DATA.Digest.pbData;
for (int i = 0; i < pSIP_INDIRECT_DATA.Digest.cbData; i++)
{
byte byteValue = Marshal.ReadByte(pData);
sbData.Append(string.Format("{0:X}", byteValue));
pData += 1;
}
Console.WriteLine("Data = " + sbData.ToString());
IntPtr pAttr = IntPtr.Zero;
while ((pAttr = CryptCATEnumerateAttr(hCatalog, pMember, pAttr)) != IntPtr.Zero)
{
CRYPTCATATTRIBUTE pCRYPTCATATTRIBUTE = (CRYPTCATATTRIBUTE)Marshal.PtrToStructure(pAttr, typeof(CRYPTCATATTRIBUTE));
string sReferenceTag = Marshal.PtrToStringUni(pCRYPTCATATTRIBUTE.pwszReferenceTag);
Console.WriteLine("\tReferenceTag = " + sReferenceTag);
StringBuilder sbValue = new StringBuilder();
IntPtr pValue = pCRYPTCATATTRIBUTE.pbValue;
for (int i = 0; i < pCRYPTCATATTRIBUTE.cbValue; i++)
{
byte byteValue = Marshal.ReadByte(pValue);
sbValue.Append(string.Format("{0:X}", byteValue));
pValue += 1;
}
Console.WriteLine("\tValue = " + sbValue.ToString());
}
}
CryptCATClose(hCatalog);
}
else throw new Win32Exception(Marshal.GetLastWin32Error());
}
}