diff --git a/lib/win32/certstore.rb b/lib/win32/certstore.rb
index 076fbf3..363297c 100644
--- a/lib/win32/certstore.rb
+++ b/lib/win32/certstore.rb
@@ -78,17 +78,6 @@ def get(certificate_thumbprint, store_name: @store_name, store_location: @store_
 cert_get(certificate_thumbprint, store_name: store_name, store_location: store_location)
 end
- # Returns a filepath to a PKCS12 container. The filepath is in a temporary folder so normal housekeeping by the OS should clear it.
- # However, you should delete it yourself anyway.
- # @param [certificate_thumbprint] Is the thumbprint of the pfx blob you want to capture
- # @param [store_location:] A location in the Cert store where the pfx is located, typically 'LocalMachine'
- # @param [store_name:] A store name from the approved list of stores : MY, ROOT, CA, etc.
- # @return [Object] of certificate in OpenSSL::X509 format
- # NOTE: This only works with .NET 5.0 and PowerShell 7.1.2 or later.
- def get_key(certificate_thumbprint, store_location: @store_location, store_name: @store_name)
- get_cert_key(certificate_thumbprint, store_location: store_location, store_name: store_name)
- end
-
 # Returns all the certificates in a store
 # @param [nil]
 # @return [Array] array of certificates list
diff --git a/lib/win32/certstore/mixin/helper.rb b/lib/win32/certstore/mixin/helper.rb
index 076dea8..8ebcb60 100644
--- a/lib/win32/certstore/mixin/helper.rb
+++ b/lib/win32/certstore/mixin/helper.rb
@@ -21,28 +21,6 @@ module Win32
 class Certstore
 module Mixin
 module Helper
- # PSCommand to search certificate from thumbprint and either turn it into a pem or return a path to a pfx object
- def key_ps_cmd(thumbprint, store_location: "LocalMachine", store_name: "My")
- <<-CMD
- $Location = [Security.Cryptography.X509Certificates.StoreLocation]::#{store_location}
- $StoreName = [Security.Cryptography.X509Certificates.StoreName]::#{store_name}
- $Store = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList $Location
- $OpenFlags = [System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly
- $Store.Open($OpenFlags)
- $mycert = $Store.Certificates | Where-Object {$_.Thumbprint -eq "#{thumbprint}"}
- $mykey = $mycert.PrivateKey
- $decrypted_key = $mykey.ExportRSAPrivateKey()
- if ($null -ne $decrypted_key){
- $content = @(
- '-----BEGIN RSA PRIVATE KEY-----'
- [System.Convert]::ToBase64String($decrypted_key, 'InsertLineBreaks')
- '-----END RSA PRIVATE KEY-----'
- )
- }
- $content
- CMD
- end
-
 def cert_ps_cmd(thumbprint, store_location: "LocalMachine", store_name: "My")
 <<-EOH
 $cert = Get-ChildItem Cert:\\#{store_location}\\#{store_name} -Recurse | Where { $_.Thumbprint -eq "#{thumbprint}" }
diff --git a/lib/win32/certstore/store_base.rb b/lib/win32/certstore/store_base.rb
index 2856888..0156a32 100644
--- a/lib/win32/certstore/store_base.rb
+++ b/lib/win32/certstore/store_base.rb
@@ -244,12 +244,6 @@ def get_cert_pem(thumbprint, store_name:, store_location:)
 get_data.stdout
 end
- # Get Private Key, requires PowerShell 7.1.2 and .Net 5.o or later
- def get_cert_key(thumbprint, store_location:, store_name: )
- get_data = powershell_exec!(key_ps_cmd(thumbprint, store_location: store_location, store_name: store_name))
- get_data.stdout
- end
-
 # Format pem
 def format_pem(cert_pem)
 cert_pem.delete("\r")
diff --git a/spec/win32/unit/certstore_spec.rb b/spec/win32/unit/certstore_spec.rb
index 60d701b..27af68c 100644
--- a/spec/win32/unit/certstore_spec.rb
+++ b/spec/win32/unit/certstore_spec.rb
@@ -259,7 +259,7 @@ before(:each) do
 allow_any_instance_of(certbase).to receive(:get_cert_pem).and_return("")
 end
- it "returns nil" do
+ it "raises Error" do
 store = certstore.open(store_name)
 expect { store.get(thumbprint, store_location: CERT_SYSTEM_STORE_CURRENT_USER, store_name: store_name) }.to raise_error(ArgumentError, "Unable to retrieve the certificate")
 end