use new cert functions for save an lookup
parent
c26fc7d43d
commit
381d0abf7d
@ -87,43 +87,7 @@ function Get-CredentialStoreItem {
|
|||||||
$CSMembers = Get-Member -InputObject $CS
|
$CSMembers = Get-Member -InputObject $CS
|
||||||
# Let's first check if the given remote host exists as object property
|
# Let's first check if the given remote host exists as object property
|
||||||
if (($CSMembers.MemberType -eq "NoteProperty") -and ($CSMembers.Name -contains $CredentialName)) {
|
if (($CSMembers.MemberType -eq "NoteProperty") -and ($CSMembers.Name -contains $CredentialName)) {
|
||||||
try {
|
$Cert = Get-CSCertificate -Type $CS.Type -Thumbprint $CS.Thumbprint
|
||||||
if ($null -eq $CS.PfxCertificate) {
|
|
||||||
if ($CS.Type -eq 'Private') {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint
|
|
||||||
}
|
|
||||||
elseif ($CS.Type -eq 'Shard') {
|
|
||||||
if (Test-CSCertificate -Thumbprint $CS.Thumbprint -StoreName My -StoreLocation LocalMachine) {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint -StoreName My -StoreLocation LocalMachine
|
|
||||||
}
|
|
||||||
elseif (Test-CSCertificate -Thumbprint $CS.Thumbprint -StoreName Root -StoreLocation LocalMachine) {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint -StoreName Root -StoreLocation LocalMachine
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$ErrorParams = @{
|
|
||||||
ErrorAction = 'Stop'
|
|
||||||
Exception = [System.Exception]::new(
|
|
||||||
('Could not find any certificate with thumbprint {0}' -f $CS.Thumbprint)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
Write-Error @ErrorParams
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$Cert = Get-PfxCertificate -FilePath $CS.PfxCertificate -ErrorAction Stop
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch {
|
|
||||||
$_.Exception.Message | Write-Error
|
|
||||||
$ErrorParams = @{
|
|
||||||
ErrorAction = 'Stop'
|
|
||||||
Exception = [System.Security.Cryptography.CryptographicException]::new(
|
|
||||||
'Could not read the given PFX certificate.'
|
|
||||||
)
|
|
||||||
}
|
|
||||||
Write-Error @ErrorParams
|
|
||||||
}
|
|
||||||
$DecryptedKey = $Cert.PrivateKey.Decrypt(
|
$DecryptedKey = $Cert.PrivateKey.Decrypt(
|
||||||
[Convert]::FromBase64String($CS.$CredentialName.EncryptedKey),
|
[Convert]::FromBase64String($CS.$CredentialName.EncryptedKey),
|
||||||
[System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1
|
[System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1
|
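Review bot: Nothing in the new lines checks the result of `Get-CSCertificate -Type $CS.Type -Thumbprint $CS.Thumbprint` before `$Cert.PrivateKey.Decrypt(` dereferences it (the function body starts and continues outside the visible lines). The removed block raised a terminating error naming the thumbprint when no certificate was found; whether Get-CSCertificate now does that itself is not visible here, so if it can return `$null` or a certificate without a private key, the failure degrades to a generic null-method error. A guard right after the call would keep the failure explicit: `if ($null -eq $Cert -or -not $Cert.HasPrivateKey) { Write-Error -Message ('No usable certificate with thumbprint {0}' -f $CS.Thumbprint) -ErrorAction Stop }`. The same unchecked call is introduced in the New-CredentialStoreItem and Set-CredentialStoreItem sections, where the null check alone is probably enough if those functions only encrypt. The commit also drops the `$CS.PfxCertificate` fallback, so stores that still reference a PFX file depend on Get-CSCertificate or a migration step that is not shown.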
||||||
|
@ -116,43 +116,7 @@ function New-CredentialStoreItem {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($Credential.UserName) {
|
if ($Credential.UserName) {
|
||||||
try {
|
$Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
|
||||||
if ($null -eq $CSContent.PfxCertificate) {
|
|
||||||
if ($CSContent.Type -eq 'Private') {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint
|
|
||||||
}
|
|
||||||
elseif ($CSContent.Type -eq 'Shard') {
|
|
||||||
if (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine) {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine
|
|
||||||
}
|
|
||||||
elseif (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine) {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$ErrorParams = @{
|
|
||||||
ErrorAction = 'Stop'
|
|
||||||
Exception = [System.Exception]::new(
|
|
||||||
('Could not find any certificate with thumbprint {0}' -f $CSContent.Thumbprint)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
Write-Error @ErrorParams
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch {
|
|
||||||
$_.Exception.Message | Write-Error
|
|
||||||
$ErrorParams = @{
|
|
||||||
ErrorAction = 'Stop'
|
|
||||||
Exception = [System.Security.Cryptography.CryptographicException]::new(
|
|
||||||
'Could not read the given PFX certificate.'
|
|
||||||
)
|
|
||||||
}
|
|
||||||
Write-Error @ErrorParams
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
|
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
|
||||||
$MessageParams = @{
|
$MessageParams = @{
|
||||||
|
@ -102,43 +102,7 @@ function Set-CredentialStoreItem {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($Credential.UserName) {
|
if ($Credential.UserName) {
|
||||||
try {
|
$Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
|
||||||
if ($null -eq $CSContent.PfxCertificate) {
|
|
||||||
if ($CSContent.Type -eq 'Private') {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint
|
|
||||||
}
|
|
||||||
elseif ($CSContent.Type -eq 'Shard') {
|
|
||||||
if (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine) {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine
|
|
||||||
}
|
|
||||||
elseif (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine) {
|
|
||||||
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$ErrorParams = @{
|
|
||||||
ErrorAction = 'Stop'
|
|
||||||
Exception = [System.Exception]::new(
|
|
||||||
('Could not find any certificate with thumbprint {0}' -f $CSContent.Thumbprint)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
Write-Error @ErrorParams
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch {
|
|
||||||
$_.Exception.Message | Write-Error
|
|
||||||
$ErrorParams = @{
|
|
||||||
ErrorAction = 'Stop'
|
|
||||||
Exception = [System.Security.Cryptography.CryptographicException]::new(
|
|
||||||
'Could not read the given PFX certificate.'
|
|
||||||
)
|
|
||||||
}
|
|
||||||
Write-Error @ErrorParams
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
|
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
|
||||||
$RSAKey = Get-RandomAESKey
|
$RSAKey = Get-RandomAESKey
|
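Review bot: `$RSAKey = Get-RandomAESKey` at the end of this section (an unchanged context line) stores an AES key in a variable named for RSA, which makes it harder to audit which key encrypts the password and which key presumably wraps it. Renaming it, for example `$AESKey = Get-RandomAESKey`, together with its later uses outside the visible lines, would make the key handling unambiguous. A short comment such as `# random AES key; wrapped with the store certificate's public key` would help too, if that matches what the rest of the function does.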
||||||
|
@ -141,7 +141,7 @@ function New-CredentialStore {
|
|||||||
OrganizationalUnitName = $PSCmdlet.ParameterSetName
|
OrganizationalUnitName = $PSCmdlet.ParameterSetName
|
||||||
CommonName = 'PSCredentialStore'
|
CommonName = 'PSCredentialStore'
|
||||||
}
|
}
|
||||||
$CRTAttribute = New-CRTAttribute @CRTParams
|
$CRTAttribute = New-CSCertAttribute @CRTParams
|
||||||
|
|
||||||
# If we are working with a ne shared store we have to create the location first.
|
# If we are working with a ne shared store we have to create the location first.
|
||||||
# Otherwise openssl fails with unknown path
|
# Otherwise openssl fails with unknown path
|
||||||
@ -171,7 +171,7 @@ function New-CredentialStore {
|
|||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
New-PfxCertificate @PfxParams
|
New-CSCertificate @PfxParams
|
||||||
}
|
}
|
||||||
catch {
|
catch {
|
||||||
$_.Exception.Message | Write-Error
|
$_.Exception.Message | Write-Error
|
||||||
|