use new cert functions for save an lookup

This commit is contained in:
OCram85 2019-04-05 11:21:25 +02:00
parent c26fc7d43d
commit 381d0abf7d
4 changed files with 5 additions and 113 deletions

View File

@ -87,43 +87,7 @@ function Get-CredentialStoreItem {
$CSMembers = Get-Member -InputObject $CS $CSMembers = Get-Member -InputObject $CS
# Let's first check if the given remote host exists as object property # Let's first check if the given remote host exists as object property
if (($CSMembers.MemberType -eq "NoteProperty") -and ($CSMembers.Name -contains $CredentialName)) { if (($CSMembers.MemberType -eq "NoteProperty") -and ($CSMembers.Name -contains $CredentialName)) {
try { $Cert = Get-CSCertificate -Type $CS.Type -Thumbprint $CS.Thumbprint
if ($null -eq $CS.PfxCertificate) {
if ($CS.Type -eq 'Private') {
$Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint
}
elseif ($CS.Type -eq 'Shard') {
if (Test-CSCertificate -Thumbprint $CS.Thumbprint -StoreName My -StoreLocation LocalMachine) {
$Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint -StoreName My -StoreLocation LocalMachine
}
elseif (Test-CSCertificate -Thumbprint $CS.Thumbprint -StoreName Root -StoreLocation LocalMachine) {
$Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint -StoreName Root -StoreLocation LocalMachine
}
else {
$ErrorParams = @{
ErrorAction = 'Stop'
Exception = [System.Exception]::new(
('Could not find any certificate with thumbprint {0}' -f $CS.Thumbprint)
)
}
Write-Error @ErrorParams
}
}
}
else {
$Cert = Get-PfxCertificate -FilePath $CS.PfxCertificate -ErrorAction Stop
}
}
catch {
$_.Exception.Message | Write-Error
$ErrorParams = @{
ErrorAction = 'Stop'
Exception = [System.Security.Cryptography.CryptographicException]::new(
'Could not read the given PFX certificate.'
)
}
Write-Error @ErrorParams
}
$DecryptedKey = $Cert.PrivateKey.Decrypt( $DecryptedKey = $Cert.PrivateKey.Decrypt(
[Convert]::FromBase64String($CS.$CredentialName.EncryptedKey), [Convert]::FromBase64String($CS.$CredentialName.EncryptedKey),
[System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1 [System.Security.Cryptography.RSAEncryptionPadding]::Pkcs1

View File

@ -116,43 +116,7 @@ function New-CredentialStoreItem {
} }
if ($Credential.UserName) { if ($Credential.UserName) {
try { $Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
if ($null -eq $CSContent.PfxCertificate) {
if ($CSContent.Type -eq 'Private') {
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint
}
elseif ($CSContent.Type -eq 'Shard') {
if (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine) {
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine
}
elseif (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine) {
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine
}
else {
$ErrorParams = @{
ErrorAction = 'Stop'
Exception = [System.Exception]::new(
('Could not find any certificate with thumbprint {0}' -f $CSContent.Thumbprint)
)
}
Write-Error @ErrorParams
}
}
}
else {
$Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
}
}
catch {
$_.Exception.Message | Write-Error
$ErrorParams = @{
ErrorAction = 'Stop'
Exception = [System.Security.Cryptography.CryptographicException]::new(
'Could not read the given PFX certificate.'
)
}
Write-Error @ErrorParams
}
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) { if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
$MessageParams = @{ $MessageParams = @{

View File

@ -102,43 +102,7 @@ function Set-CredentialStoreItem {
} }
if ($Credential.UserName) { if ($Credential.UserName) {
try { $Cert = Get-CSCertificate -Type $CSContent.Type -Thumbprint $CSContent.Thumbprint
if ($null -eq $CSContent.PfxCertificate) {
if ($CSContent.Type -eq 'Private') {
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint
}
elseif ($CSContent.Type -eq 'Shard') {
if (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine) {
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine
}
elseif (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine) {
$Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine
}
else {
$ErrorParams = @{
ErrorAction = 'Stop'
Exception = [System.Exception]::new(
('Could not find any certificate with thumbprint {0}' -f $CSContent.Thumbprint)
)
}
Write-Error @ErrorParams
}
}
}
else {
$Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop
}
}
catch {
$_.Exception.Message | Write-Error
$ErrorParams = @{
ErrorAction = 'Stop'
Exception = [System.Security.Cryptography.CryptographicException]::new(
'Could not read the given PFX certificate.'
)
}
Write-Error @ErrorParams
}
if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) { if (Get-Member -InputObject $CSContent -Name $CredentialName -Membertype Properties) {
$RSAKey = Get-RandomAESKey $RSAKey = Get-RandomAESKey

View File

@ -141,7 +141,7 @@ function New-CredentialStore {
OrganizationalUnitName = $PSCmdlet.ParameterSetName OrganizationalUnitName = $PSCmdlet.ParameterSetName
CommonName = 'PSCredentialStore' CommonName = 'PSCredentialStore'
} }
$CRTAttribute = New-CRTAttribute @CRTParams $CRTAttribute = New-CSCertAttribute @CRTParams
# If we are working with a ne shared store we have to create the location first. # If we are working with a ne shared store we have to create the location first.
# Otherwise openssl fails with unknown path # Otherwise openssl fails with unknown path
@ -171,7 +171,7 @@ function New-CredentialStore {
} }
try { try {
New-PfxCertificate @PfxParams New-CSCertificate @PfxParams
} }
catch { catch {
$_.Exception.Message | Write-Error $_.Exception.Message | Write-Error