Microsoft安全目录格式文档和API示例 [英] Microsoft Security Catalog Format Documentation and API Samples

问题描述

我正在寻找有关用于Microsoft安全目录的API的任何文档，或者替代于此，有关文件格式的信息，以便我可以编写自己的解析器。

I'm looking for any documentation on the API for working with Microsoft Security Catalogs, or in lieu of that, information on the file format so that I may write my own parser.

简而言之，我有一些需要使用的.cat文件。在十六进制编辑器中查看文件时，它们显然具有不同的区域，这些区域以某种方式被分隔（看起来像典型的二进制保存结构）。我需要从中获取某些信息，而忽略其他信息。

In short, I have some .cat files that I need to be able to work with. Looking at the file in a hex editor, they obviously have different regions, which are delimited somehow (looks like typical binary saved structs). I need to get certain information out of them, and ignore other information.

我可能可以对格式进行逆向工程并解析出我需要的东西，但是我更愿意通过Win32 API来做到这一点，或者至少将解析器编写为格式正确，而不仅仅是能够做我需要做的事情。

I could probably reverse engineer the format and parse out what I need, but I'd prefer to do that either through the Win32 API, or at least write my parser to be correct for the format, instead of just "able to do what I need it to do".

MSCAT32.DLL似乎是重要的，但我不确定它是否具有导出功能来满足我的需要……有点神秘（无双关语） ）。

MSCAT32.DLL seems to be the signficant one, but I'm not sure it has exports to do what I need... It's a bit cryptic (no pun intended).

所有信息都是有帮助的。

Any information at all would be helpful.

只是在这里扔了几个关键字...

Just to toss a few more keywords in here...

MIME类型是：application / vnd .ms-pki.seccat
魔术头字节为：30 80 09 06
文件中的字段分隔符似乎为：EOT（04）和€（80）
一个程序生成它们的是：MakeCat.exe

The MIME type is: application/vnd.ms-pki.seccat The magic header bytes are: 30 80 09 06 The field delimiters in the file seem to be: EOT (04) and € (80) A program that generates them is: MakeCat.exe

推荐答案

Microsoft安全目录只不过是二进制文件，以ASN.1 DER格式编码。该文件内部是PKCS＃7签名的数据，带有Microsoft特定内容的其他字段（使用Microsoft OID编码）。
这些OID的列表可以在这里找到： https://support.microsoft .com / en-us / kb / 287547

Microsoft Security Catalogs are nothing more than binary files, coded in ASN.1 DER format. Inside the file is PKCS#7 signed data with additional fields for Microsoft specific stuff (coded with Microsoft OIDs). A list of these OIDs can be found here: https://support.microsoft.com/en-us/kb/287547

如果您想解码ASN.1 DER，请使用以下基于JavaScript的编码器： http://lapo.it/asn1js/

If you want to decode ASN.1 DER, use for example this JavaScript based encoder: http://lapo.it/asn1js/

方式： 30 80 09 06 并不是文件魔术，而是意味着有一个建设性的 SEQUENCE 从此处开始。 ASN.1 DER文件没有任何魔术，但是以 SEQUENCE （在DER中编码为 0x30 ）开头在很多情况下。

By the way: 30 80 09 06 is not the file magic, but means there is a constructive SEQUENCE with unknown length starting there. ASN.1 DER Files do not have any magic, but start with a SEQUENCE (which is coded in DER as 0x30 in many cases.

这篇关于Microsoft安全目录格式文档和API示例的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！