RubyGems - win32-certstore - Versions diffs - 0.5.3 → 0.6.1 - Mend

win32-certstore 0.5.3 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/win32/certstore.rb +12 -0
data/lib/win32/certstore/mixin/helper.rb +44 -12
data/lib/win32/certstore/store_base.rb +12 -2
data/lib/win32/certstore/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b391e4d81e324162538a2a3644aea74f0da1f8679409733a58dcf4c590734a6c
-  data.tar.gz: 5ed7821ec5bffe58cb09608cfc008b287874b5ddafe8556662fa27f42a25c1b1
+  metadata.gz: 63c8c4f2aaa89a78a8123d98079710df407a3930b0f4b5a6ef3ff2232c11ba05
+  data.tar.gz: 8641dfff337fe7b702783becfcfbfbba6b2a66af189eeb511897c2f0cb5e7d6c
 SHA512:
-  metadata.gz: fc5c77cd659695ac3a58480ab875a6c5daa2b93cd83e45f1fcdfcd1bd89e0cf9653d38d63ae9e5260ecff90a7277f6ee600b91137665d53e672fbb77e1543cfb
-  data.tar.gz: 5b6a8025b85ae8ce026a9a7b603a35137000525ba182bbbcc8fc9667fb78dd6cf179ad1cfbb1cbdcdf582dd4749f82795a17df01181720d7f77a36a4477dc639
+  metadata.gz: 4f255e439feee57642565bd9fca87f19140b5f95c38eed0a1e8621326749dd5274c0b72c8211bddfbec265820bff4b8d2ad9460ebbf5c30fa1d6607a7e81f204
+  data.tar.gz: 4efd363fb264fc8501f0f9e105e79f7537319838aafc0cb751387a73360386186d326dedd51522907aa131fe74c1b3ba07bd7b3f6f16a1283f5f59203d96a6a7

data/lib/win32/certstore.rb CHANGED Viewed

@@ -78,6 +78,18 @@ module Win32
       cert_get(certificate_thumbprint)
     end
+    # Returns a filepath to a PKCS12 container. The filepath is in a temporary folder so normal housekeeping by the OS should clear it.
+    # However, you should delete it yourself anyway.
+    # @param certificate_thumbprint [String] Is the thumbprint of the pfx blob you want to capture
+    # @param store_location: [String] A location in the Cert store where the pfx is located, typically 'LocalMachine'
+    # @param export_password: [String] The password to export with. P12 objects are an encrypted container that have a private key in \
+    # them and a password is required to export them.
+    # @param output_path: [String] The path where the you want P12 exported to.
+    # @return [Object] of certificate set in PKSC12 format at the path specified above
+    def get_pfx(certificate_thumbprint, store_location: @store_location, export_password:, output_path: "")
+      get_cert_pfx(certificate_thumbprint, store_location: store_location, export_password: export_password, output_path: output_path)
+    end
     # Returns all the certificates in a store
     # @param [nil]
     # @return [Array] array of certificates list

data/lib/win32/certstore/mixin/helper.rb CHANGED Viewed

@@ -21,20 +21,52 @@ module Win32
   class Certstore
     module Mixin
       module Helper
-        # PSCommand to search certificate from thumbprint and convert in pem
-        def cert_ps_cmd(thumbprint, store_name, store_location: CERT_SYSTEM_STORE_LOCAL_MACHINE)
+        # PSCommand to search certificate from thumbprint and either turn it into a pem or return a path to a pfx object
+        def cert_ps_cmd(thumbprint, store_location: "LocalMachine", export_password: "1234", output_path: "")
           <<-EOH
-            $content = $null
-            $cert = Get-ChildItem Cert:\\'#{store_location}'\\'#{store_name}' -Recurse | Where { $_.Thumbprint -eq '#{thumbprint}' }
-            if($cert -ne $null)
-            {
-            $content = @(
-              '-----BEGIN CERTIFICATE-----'
-              [System.Convert]::ToBase64String($cert.RawData, 'InsertLineBreaks')
-              '-----END CERTIFICATE-----'
-            )
+            $cert = Get-ChildItem Cert:\'#{store_location}' -Recurse | Where { $_.Thumbprint -eq '#{thumbprint}' }
+            # The function and the code below test to see if a) the cert has a private key and b) it has a
+            # Enhanced Usage of Client Auth. Those 2 attributes would mean this is a pfx-able object
+            function test_cert_values{
+              $usagelist = ($cert).EnhancedKeyUsageList
+              foreach($use in $usagelist){
+                if($use.FriendlyName -like "Client Authentication" ){
+                    return $true
+                }
+              }
+              return $false
+            }
+            $result = test_cert_values
+            $output_path = "#{output_path}"
+            if([string]::IsNullOrEmpty($output_path)){
+              $temproot = [System.IO.Path]::GetTempPath()
+            }
+            else{
+              $temproot = $output_path
+            }
+            if((($cert).HasPrivateKey) -and ($result -eq $true)){
+              $file_name = '#{thumbprint}'
+              $file_path = $(Join-Path -Path $temproot -ChildPath "$file_name.pfx")
+              $mypwd = ConvertTo-SecureString -String '#{export_password}' -Force -AsPlainText
+              $cert | Export-PfxCertificate -FilePath $file_path -Password $mypwd | Out-Null
+              $file_path
+            }
+            else {
+              $content = $null
+              if($cert -ne $null)
+              {
+              $content = @(
+                '-----BEGIN CERTIFICATE-----'
+                [System.Convert]::ToBase64String($cert.RawData, 'InsertLineBreaks')
+                '-----END CERTIFICATE-----'
+              )
+              }
+              $content
             }
-            $content
           EOH
         end

data/lib/win32/certstore/store_base.rb CHANGED Viewed

@@ -236,9 +236,19 @@ module Win32
                           else
                             "CurrentUser"
                           end
-        get_data = powershell_exec!(cert_ps_cmd(thumbprint, store_name, store_location: converted_store))
+        get_data = powershell_exec!(cert_ps_cmd(thumbprint, store_location: converted_store))
+        get_data.stdout
+      end
+      # Get PFX object
+      def get_cert_pfx(thumbprint, store_location: CERT_SYSTEM_STORE_LOCAL_MACHINE, export_password:, output_path: )
+        converted_store = if store_location == CERT_SYSTEM_STORE_LOCAL_MACHINE
+                            "LocalMachine"
+                          else
+                            "CurrentUser"
+                          end
+        get_data = powershell_exec!(cert_ps_cmd(thumbprint, export_password: export_password, store_location: converted_store, output_path: output_path))
         get_data.stdout
-        # get_data.result
       end
       # Format pem

data/lib/win32/certstore/version.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 module Win32
   class Certstore
-    VERSION = "0.5.3".freeze
+    VERSION = "0.6.1".freeze
     MAJOR, MINOR, TINY = VERSION.split(".")
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: win32-certstore
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 0.6.1
 platform: ruby
 authors:
 - Chef Software
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-01 00:00:00.000000000 Z
+date: 2021-03-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler