我想计算一些内容的MD5校验和。如何在 PowerShell 中执行此操作?
19 回答
从 PowerShell 版本 4 开始,使用 cmdlet 可以轻松处理开箱即用的文件Get-FileHash
:
Get-FileHash <filepath> -Algorithm MD5
这当然是更可取的,因为它避免了旧 PowerShell 解决方案提供的问题,如注释中所述(使用流,关闭它,并支持大文件)。
如果内容是字符串:
$someString = "Hello, World!"
$md5 = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
$utf8 = New-Object -TypeName System.Text.UTF8Encoding
$hash = [System.BitConverter]::ToString($md5.ComputeHash($utf8.GetBytes($someString)))
对于旧 PowerShell 版本
如果内容是文件:
$someFilePath = "C:\foo.txt"
$md5 = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
$hash = [System.BitConverter]::ToString($md5.ComputeHash([System.IO.File]::ReadAllBytes($someFilePath)))
如果您使用的是PowerShell 社区扩展,则有一个 Get-Hash commandlet 可以轻松完成此操作:
C:\PS> "hello world" | Get-Hash -Algorithm MD5
Algorithm: MD5
Path :
HashString : E42B054623B3799CB71F0883900F2764
这是我使用的处理相对路径和绝对路径的函数:
function md5hash($path)
{
$fullPath = Resolve-Path $path
$md5 = new-object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
$file = [System.IO.File]::Open($fullPath,[System.IO.Filemode]::Open, [System.IO.FileAccess]::Read)
try {
[System.BitConverter]::ToString($md5.ComputeHash($file))
} finally {
$file.Dispose()
}
}
感谢上面的@davor 建议使用 Open() 而不是 ReadAllBytes() 并感谢 @jpmc26 建议使用 finally 块。
这是两行,只需将第 2 行中的“hello”更改为:
PS C:\> [Reflection.Assembly]::LoadWithPartialName("System.Web")
PS C:\> [System.Web.Security.FormsAuthentication]::HashPasswordForStoringInConfigFile("hello", "MD5")
另一个自 2003 年默认安装在 Windows 中的内置命令是Certutil,当然也可以从 PowerShell 调用它。
CertUtil -hashfile file.foo MD5
(警告:MD5 应该全部大写以获得最大的稳健性)
网上有很多使用 ComputeHash() 的例子。我的测试表明,通过网络连接运行时速度非常慢。下面的代码片段对我来说运行得更快,但是您的里程可能会有所不同:
$md5 = [System.Security.Cryptography.MD5]::Create("MD5")
$fd = [System.IO.File]::OpenRead($file)
$buf = New-Object byte[] (1024*1024*8) # 8 MB buffer
while (($read_len = $fd.Read($buf,0,$buf.length)) -eq $buf.length){
$total += $buf.length
$md5.TransformBlock($buf,$offset,$buf.length,$buf,$offset)
Write-Progress -Activity "Hashing File" `
-Status $file -percentComplete ($total/$fd.length * 100)
}
# Finalize the last read
$md5.TransformFinalBlock($buf, 0, $read_len)
$hash = $md5.Hash
# Convert hash bytes to a hexadecimal formatted string
$hash | foreach { $hash_txt += $_.ToString("x2") }
Write-Host $hash_txt
PowerShell One-Liners(字符串到哈希)
MD5
([System.BitConverter]::ToString((New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider).ComputeHash((New-Object -TypeName System.Text.UTF8Encoding).GetBytes("Hello, World!")))).Replace("-","")
SHA1
([System.BitConverter]::ToString((New-Object -TypeName System.Security.Cryptography.SHA1CryptoServiceProvider).ComputeHash((New-Object -TypeName System.Text.UTF8Encoding).GetBytes("Hello, World!")))).Replace("-","")
SHA256
([System.BitConverter]::ToString((New-Object -TypeName System.Security.Cryptography.SHA256CryptoServiceProvider).ComputeHash((New-Object -TypeName System.Text.UTF8Encoding).GetBytes("Hello, World!")))).Replace("-","")
SHA384
([System.BitConverter]::ToString((New-Object -TypeName System.Security.Cryptography.SHA384CryptoServiceProvider).ComputeHash((New-Object -TypeName System.Text.UTF8Encoding).GetBytes("Hello, World!")))).Replace("-","")
SHA512
([System.BitConverter]::ToString((New-Object -TypeName System.Security.Cryptography.SHA512CryptoServiceProvider).ComputeHash((New-Object -TypeName System.Text.UTF8Encoding).GetBytes("Hello, World!")))).Replace("-","")
现在有一个非常方便的 Get-FileHash 函数。
PS C:\> Get-FileHash C:\Users\Andris\Downloads\Contoso8_1_ENT.iso -Algorithm SHA384 | Format-List
Algorithm : SHA384
Hash : 20AB1C2EE19FC96A7C66E33917D191A24E3CE9DAC99DB7C786ACCE31E559144FEAFC695C58E508E2EBBC9D3C96F21FA3
Path : C:\Users\Andris\Downloads\Contoso8_1_ENT.iso
只需更改SHA384
为MD5
.
该示例来自 PowerShell 5.1 的官方文档。该文档有更多示例。
如接受的答案所述,Get-FileHash
很容易与文件一起使用,但也可以将其与字符串一起使用:
$s = "asdf"
Get-FileHash -InputStream ([System.IO.MemoryStream]::New([System.Text.Encoding]::ASCII.GetBytes($s)))
该站点有一个示例:Using Powershell for MD5 Checksums。它使用 .NET 框架实例化 MD5 哈希算法的实例来计算哈希。
这是文章中的代码,包含斯蒂芬的评论:
param
(
$file
)
$algo = [System.Security.Cryptography.HashAlgorithm]::Create("MD5")
$stream = New-Object System.IO.FileStream($Path, [System.IO.FileMode]::Open,
[System.IO.FileAccess]::Read)
$md5StringBuilder = New-Object System.Text.StringBuilder
$algo.ComputeHash($stream) | % { [void] $md5StringBuilder.Append($_.ToString("x2")) }
$md5StringBuilder.ToString()
$stream.Dispose()
如果您从 Microsoft 下载 File Checksum Integrity Verifier (FCIV),这将成为单行程序。
我从这里下载了 FCIV: Availability and description of the File Checksum Integrity Verifier utility
运行以下命令。我有十个文件要检查。
Get-ChildItem WTAM*.tar | % {.\fciv $_.Name}
右键单击菜单选项的示例:
[HKEY_CLASSES_ROOT\*\shell\SHA1 PS check\command]
@="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\powershell.exe -NoExit -Command Get-FileHash -Algorithm SHA1 '%1'"
这是我用来获取给定字符串的 MD5 的片段:
$text = "text goes here..."
$md5 = [Security.Cryptography.MD5CryptoServiceProvider]::new()
$utf8 = [Text.UTF8Encoding]::UTF8
$bytes= $md5.ComputeHash($utf8.GetBytes($text))
$hash = [string]::Concat($bytes.foreach{$_.ToString("x2")})
这将返回远程计算机上文件的 MD5 哈希:
Invoke-Command -ComputerName RemoteComputerName -ScriptBlock {
$fullPath = Resolve-Path 'c:\Program Files\Internet Explorer\iexplore.exe'
$md5 = new-object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
$file = [System.IO.File]::OpenRead($fullPath)
$hash = [System.BitConverter]::ToString($md5.ComputeHash($file))
$hash -replace "-", ""
$file.Dispose()
}
团队!看看我的哈希计算函数。
Function Get-StringHash {
<#
.DESCRIPTION
Get string persistant hash.
#>
[OutputType([string])]
[CmdletBinding()]
Param(
[Parameter( Mandatory = $True, Position = 0, HelpMessage = "String to calculate hash." )]
[string] $String,
[Parameter( Mandatory = $false, Position = 0, HelpMessage = "String encoding." )]
[ValidateSet( 'UTF8' )]
[string] $StringEncoding = 'UTF8',
[Parameter( Mandatory = $false, Position = 2, HelpMessage = "Hash algoritm." )]
[ValidateSet( 'md5', 'sha256', 'sha512' )]
[string] $Algoritm = 'sha256'
)
try {
#region functions
#endregion
$Result = $null
switch ( $Algoritm ) {
'md5' {
$HashProvider = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
}
'sha256' {
$HashProvider = New-Object -TypeName System.Security.Cryptography.SHA256CryptoServiceProvider
}
'sha512' {
$HashProvider = New-Object -TypeName System.Security.Cryptography.SHA512CryptoServiceProvider
}
Default {}
}
switch ( $StringEncoding ) {
'UTF8' {
$Encoding = New-Object -TypeName System.Text.UTF8Encoding
}
Default {}
}
$Result = [System.BitConverter]::ToString( $HashProvider.ComputeHash( $Encoding.GetBytes( $String ) )).replace('-','')
}
catch {
Get-ErrorReporting -Trap $_
}
return $Result
}
$String = 'Some text'
$Algoritm = 'MD5'
$Hash = Get-StringHash -String $String -Algoritm $Algoritm
write-host "$String has $Algoritm hash $hash"
这是一个尝试验证 SHA256 指纹的漂亮打印示例。我使用 PowerShell v4(需要)下载了 gpg4win v3.0.3 Get-FileHash
。
从https://www.gpg4win.org/download.html下载包,打开 PowerShell,从下载页面获取哈希,然后运行:
cd ${env:USERPROFILE}\Downloads
$file = "gpg4win-3.0.3.exe"
# Set $hash to the hash reference from the download page:
$hash = "477f56212ee60cc74e0c5e5cc526cec52a069abff485c89c2d57d1b4b6a54971"
# If you have an MD5 hash: # $hashAlgo="MD5"
$hashAlgo = "SHA256"
$computed_hash = (Get-FileHash -Algorithm $hashAlgo $file).Hash.ToUpper()
if ($computed_hash.CompareTo($hash.ToUpper()) -eq 0 ) {
Write-Output "Hash matches for file $file"
}
else {
Write-Output ("Hash DOES NOT match for file {0}: `nOriginal hash: {1} `nComputed hash: {2}" -f ($file, $hash.ToUpper(), $computed_hash))
}
输出:
Hash matches for file gpg4win-3.0.3.exe
这是一个单行命令示例,它计算文件的正确校验和,就像您刚刚下载的一样,并将其与原始文件的已发布校验和进行比较。
例如,我写了一个从 Apache JMeter 项目下载的示例。在这种情况下,您有:
- 下载的二进制文件
- 在file.md5中作为一个字符串发布的原始校验和,格式如下:
3a84491f10fb7b147101cf3926c4a855 *apache-jmeter-4.0.zip
然后使用这个 PowerShell 命令,您可以验证下载文件的完整性:
PS C:\Distr> (Get-FileHash .\apache-jmeter-4.0.zip -Algorithm MD5).Hash -eq (Get-Content .\apache-jmeter-4.0.zip.md5 | Convert-String -Example "hash path=hash")
输出:
True
解释:
operator的第一个操作数-eq
是计算文件校验和的结果:
(Get-FileHash .\apache-jmeter-4.0.zip -Algorithm MD5).Hash
第二个操作数是发布的校验和值。我们首先获取 file.md5 的内容,它是一个字符串,然后我们根据字符串格式提取哈希值:
Get-Content .\apache-jmeter-4.0.zip.md5 | Convert-String -Example "hash path=hash"
file和file.md5必须在同一个文件夹中才能运行此命令。
这是我用来获得一致哈希值的方法:
function New-CrcTable {
[uint32]$c = $null
$crcTable = New-Object 'System.Uint32[]' 256
for ($n = 0; $n -lt 256; $n++) {
$c = [uint32]$n
for ($k = 0; $k -lt 8; $k++) {
if ($c -band 1) {
$c = (0xEDB88320 -bxor ($c -shr 1))
}
else {
$c = ($c -shr 1)
}
}
$crcTable[$n] = $c
}
Write-Output $crcTable
}
function Update-Crc ([uint32]$crc, [byte[]]$buffer, [int]$length, $crcTable) {
[uint32]$c = $crc
for ($n = 0; $n -lt $length; $n++) {
$c = ($crcTable[($c -bxor $buffer[$n]) -band 0xFF]) -bxor ($c -shr 8)
}
Write-Output $c
}
function Get-CRC32 {
<#
.SYNOPSIS
Calculate CRC.
.DESCRIPTION
This function calculates the CRC of the input data using the CRC32 algorithm.
.EXAMPLE
Get-CRC32 $data
.EXAMPLE
$data | Get-CRC32
.NOTES
C to PowerShell conversion based on code in https://www.w3.org/TR/PNG/#D-CRCAppendix
Author: Øyvind Kallstad
Date: 06.02.2017
Version: 1.0
.INPUTS
byte[]
.OUTPUTS
uint32
.LINK
https://communary.net/
.LINK
https://www.w3.org/TR/PNG/#D-CRCAppendix
#>
[CmdletBinding()]
param (
# Array of Bytes to use for CRC calculation
[Parameter(Position = 0, ValueFromPipeline = $true)]
[ValidateNotNullOrEmpty()]
[byte[]]$InputObject
)
$dataArray = @()
$crcTable = New-CrcTable
foreach ($item in $InputObject) {
$dataArray += $item
}
$inputLength = $dataArray.Length
Write-Output ((Update-Crc -crc 0xffffffffL -buffer $dataArray -length $inputLength -crcTable $crcTable) -bxor 0xffffffffL)
}
function GetHash() {
[CmdletBinding()]
param(
[Parameter(Position = 0, ValueFromPipeline = $true)]
[ValidateNotNullOrEmpty()]
[string]$InputString
)
$bytes = [System.Text.Encoding]::UTF8.GetBytes($InputString)
$hasCode = Get-CRC32 $bytes
$hex = "{0:x}" -f $hasCode
return $hex
}
function Get-FolderHash {
[CmdletBinding()]
param(
[Parameter(Position = 0, ValueFromPipeline = $true)]
[ValidateNotNullOrEmpty()]
[string]$FolderPath
)
$FolderContent = New-Object System.Collections.ArrayList
Get-ChildItem $FolderPath -Recurse | Where-Object {
if ([System.IO.File]::Exists($_)) {
$FolderContent.AddRange([System.IO.File]::ReadAllBytes($_)) | Out-Null
}
}
$hasCode = Get-CRC32 $FolderContent
$hex = "{0:x}" -f $hasCode
return $hex.Substring(0, 8).ToLower()
}
(
[System.Security.Cryptography.MD5CryptoServiceProvider]::new().ComputeHash(
[System.Text.UTF8Encoding]::new().GetBytes($yourText)
) `
| %{ [Convert]::ToString($_, 16) }
) -join ''
$yourText = 'hello'
产量5d41402abc4b2a76b9719d911017c592