
Get-PrivateKeyPath by HQJaTu 25 months ago

Improved version of http://poshcode.org/2352, whose intended usage nobody seems to know. See also the MSDN documentation for FindPrivateKey.

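  #requires -Version 2.0
  #
  # Get-PrivateKeyPath
  #   Writes the file-system path of the CSP key container that holds the
  #   private key of one or more certificates in a Windows certificate store.
  #   The function only computes the path: it does not read the key file and
  #   does not check that the file exists.
  #
  #   The key file's ACL decides which accounts can use the private key, so
  #   treat the returned path as sensitive and review any permission change
  #   that is later made on it.
  #
  # Parameters:
  #   CertificateInput  Either a subject starting with "CN=" or a thumbprint.
  #   StoreName         Certificate store to search (default 'My').
  #   StoreScope        'CurrentUser' (default) or 'LocalMachine'.
  #
  # Output:
  #   One path string per matching certificate.
  #
  # Errors (all terminating):
  #   no matching certificate, certificate without a private key, or a private
  #   key that is not held by a CSP provider.
  #
  # Example 1:
  # Get-PrivateKeyPath CN=DO_NOT_TRUST_FiddlerRoot -StoreName My -StoreScope CurrentUser
  # Example 2:
  # Get-PrivateKeyPath D359ECDC338CFDDCE86DDDA99BE36286BAE2018A
  function Get-PrivateKeyPath
  {
      param
      (
          [Parameter(Mandatory = $true, Position = 0)]
          [string]
          $CertificateInput,

          [string]
          [ValidateSet('TrustedPublisher','Remote Desktop','Root','REQUEST','TrustedDevices','CA','Windows Live ID Token Issuer','AuthRoot','TrustedPeople','AddressBook','My','SmartCardRoot','Trust','Disallowed')]
          $StoreName = 'My',

          [string]
          [ValidateSet('LocalMachine','CurrentUser')]
          $StoreScope = 'CurrentUser'
      )
      begin
      {
          Add-Type -AssemblyName System.Security
      }

      process
      {
          # The key folder depends only on the scope, so resolve it once.
          # Only the RSA CSP folders are handled, as in the original script.
          switch ($StoreScope)
          {
              'LocalMachine'
              {
                  $CommonData = [System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::CommonApplicationData)
                  $PrivateKeysPath = Join-Path -Path $CommonData -ChildPath 'Microsoft\Crypto\RSA\MachineKeys'
              }
              'CurrentUser'
              {
                  # Per-user key containers live in a sub-folder named after the
                  # user's SID; without it the path points at no file at all.
                  $UserData = [System.Environment]::GetFolderPath([System.Environment+SpecialFolder]::ApplicationData)
                  $UserSid = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
                  $PrivateKeysPath = Join-Path -Path (Join-Path -Path $UserData -ChildPath 'Microsoft\Crypto\RSA') -ChildPath $UserSid
              }
          }

          # Open the store the caller named. The single-argument constructor
          # always opens 'My', which silently ignored -StoreName.
          $Location = [System.Security.Cryptography.X509Certificates.StoreLocation]$StoreScope
          $CertificateStore = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Store -ArgumentList $StoreName, $Location

          try
          {
              # OpenExistingOnly: a lookup must never create a missing store.
              $CertificateStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]'ReadOnly, OpenExistingOnly')

              if ($CertificateInput -match '^CN=')
              {
                  # Subject lookup. Escape the input so it is matched literally,
                  # and require the CN to end at a comma or at the end of the
                  # subject, so "CN=Foo" does not also select "CN=FooBar".
                  $SubjectPattern = '^' + [regex]::Escape($CertificateInput) + '\s*(,|$)'
                  $MatchingCertificates = @($CertificateStore.Certificates |
                                            Where-Object { $_.Subject -match $SubjectPattern })
                  $NotFoundMessage = 'Could not find any matching certificates.'
              }
              else
              {
                  # Anything else is treated as a thumbprint. validOnly = $false
                  # keeps expired or untrusted certificates in the result.
                  $FindType = [System.Security.Cryptography.X509Certificates.X509FindType]'FindByThumbprint'
                  $MatchingCertificates = @($CertificateStore.Certificates.Find($FindType, $CertificateInput, $false))
                  $NotFoundMessage = 'Could not find certificate by thumbprint ' + $CertificateInput
              }

              # @() above guarantees an array, so Count is reliable on
              # PowerShell 2.0 even for zero or one result.
              if ($MatchingCertificates.Count -eq 0)
              {
                  Write-Error -Message $NotFoundMessage -ErrorAction Stop
              }

              foreach ($Certificate in $MatchingCertificates)
              {
                  if (-not $Certificate.HasPrivateKey)
                  {
                      Write-Error -Message "Certificate doesn't have Private Key" -ErrorAction Stop
                  }

                  # CspKeyContainerInfo exists only on CSP-backed keys.
                  # NOTE(review): keys held by a CNG provider are not handled
                  # here; reading PrivateKey may itself fail for them - confirm.
                  $PrivateKey = $Certificate.PrivateKey
                  if ($PrivateKey -isnot [System.Security.Cryptography.ICspAsymmetricAlgorithm])
                  {
                      Write-Error -Message ('Private key of certificate ' + $Certificate.Thumbprint + ' is not held by a CSP provider') -ErrorAction Stop
                  }

                  Join-Path -Path $PrivateKeysPath -ChildPath $PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
              }
          }
          finally
          {
              # Release the store handle on every exit path, errors included.
              $CertificateStore.Close()
          }
      }
  }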
