/// <summary>
/// Looks the certificate entry up and, when one is returned, removes the matching entries.
/// </summary>
/// <param name="Id">Identifier passed unchanged to both the look-up and the removal.</param>
/// <param name="VaultName">Vault name passed unchanged to both the look-up and the removal.</param>
/// <param name="Name">Item name passed unchanged to both the look-up and the removal.</param>
/// <param name="Exact">Match flag passed unchanged to both the look-up and the removal.</param>
/// <returns>
/// <c>false</c> when the look-up returns <c>null</c>; otherwise the result of <c>RemoveItems</c>.
/// </returns>
internal static bool RemoveItemThrow(string Id, string VaultName, string Name, bool Exact)
{
    // The look-up runs before anything is deleted.
    // NOTE(review): GetItemThrow presumably throws when nothing matches, which would make
    // the null test below purely defensive. Confirm against its definition.
    Data.KeyVaultCertificate existing = GetItemThrow(Id, VaultName, Name, null, null, false, Exact);

    // Short-circuit: RemoveItems is only called when the look-up produced an item.
    return existing != null && RemoveItems(Id, VaultName, Name, Exact);
}
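/// <summary>
/// Returns the key material of the named vault, decrypting it with the vault's certificate
/// when the vault record carries a certificate thumbprint.
/// </summary>
/// <param name="VaultName">Name of the vault whose key is requested.</param>
/// <returns>
/// The stored <c>VaultKey</c> bytes as-is when the vault has no thumbprint; otherwise the
/// result of RSA-decrypting <c>VaultKey</c> with the certificate's private key.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The certificate has no private key, or its private key is not an
/// <see cref="RSACryptoServiceProvider"/> and so cannot be used for the decryption here.
/// </exception>
internal static byte[] GetVaultKey(string VaultName)
{
    Data.KeyVault KeyVault = KeyVaultHelper.GetItemThrow(null, VaultName, true);

    // No thumbprint on the vault record: the stored key is returned without any decryption,
    // i.e. in this state the key is not wrapped by a certificate.
    if (String.IsNullOrEmpty(KeyVault.Thumbprint))
    {
        return KeyVault.VaultKey;
    }

    // NOTE(review): the meaning of the positional null/true arguments is defined by
    // KeyVaultCertificateHelper.GetItemThrow, which is not visible here. Confirm.
    Data.KeyVaultCertificate Certificate = KeyVaultCertificateHelper.GetItemThrow(null, VaultName, null, KeyVault.Thumbprint, null, true, true);

    // Decrypt the Key
    X509Certificate2 x509 = (X509Certificate2)Certificate.Certificate;
    if ((x509.HasPrivateKey == false) || (x509.PrivateKey == null))
    {
        throw new InvalidOperationException("Certificate does not contain PrivateKey");
    }

    // A checked conversion instead of a hard cast: a private key of another algorithm or
    // provider type would otherwise surface as an InvalidCastException with no context.
    RSACryptoServiceProvider rsa = x509.PrivateKey as RSACryptoServiceProvider;
    if (rsa == null)
    {
        throw new InvalidOperationException("Certificate PrivateKey is not an RSACryptoServiceProvider key");
    }

    // Second argument true = OAEP padding (not PKCS#1 v1.5).
    // The caller receives the plaintext vault key and owns its lifetime from here on.
    return rsa.Decrypt(KeyVault.VaultKey, true);
}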
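/// <summary>
/// ProcessRecord: decrypts the vault key with the private key of the certificate named by the
/// vault's thumbprint, then writes the decrypted key back to the vault record with the
/// thumbprint cleared.
/// </summary>
/// <remarks>
/// After a successful run the vault record holds the decrypted key bytes and an empty
/// thumbprint, so the stored key is no longer wrapped by the certificate.
/// NOTE(review): whether the storage layer applies any other protection at rest is not
/// visible here. Confirm before relying on it.
/// </remarks>
protected override void ProcessRecord()
{
    Data.KeyVault KeyVault = KeyVaultHelper.GetItemThrow(null, VaultName, true);

    // Without a thumbprint there is no certificate to decrypt with. Report and stop.
    if (String.IsNullOrEmpty(KeyVault.Thumbprint))
    {
        WriteError(
            (new PSAdminException(PSAdminExceptionType.ParameterNotSet, String.Format("in KeyVault '{0}' with the name of '{1}'", VaultName, "Thumbprint"))).GetErrorRecord()
        );
        return;
    }

    // NOTE(review): the meaning of the positional null/false/true arguments is defined by
    // KeyVaultCertificateHelper.GetItemThrow, which is not visible here. Confirm.
    Data.KeyVaultCertificate Certificate = KeyVaultCertificateHelper.GetItemThrow(null, KeyVault.VaultName, null, KeyVault.Thumbprint, null, false, true);

    X509Certificate2 x509 = (X509Certificate2)Certificate.Certificate;

    // Checked conversion: a missing private key and a private key that is not an
    // RSACryptoServiceProvider are both reported through the same non-terminating error,
    // instead of the latter escaping as an InvalidCastException.
    RSACryptoServiceProvider rsa = x509.HasPrivateKey
        ? x509.PrivateKey as RSACryptoServiceProvider
        : null;
    if (rsa == null)
    {
        WriteError(
            (new PSAdminException(PSAdminExceptionType.CertificatePrivateKey, KeyVault.Thumbprint)).GetErrorRecord()
        );
        return;
    }

    // Second argument true = OAEP padding (not PKCS#1 v1.5).
    byte[] plainVaultKey = rsa.Decrypt(KeyVault.VaultKey, true);

    // The update targets exactly the vault record that was read above.
    Hashtable filter = new Hashtable {
        { "Id",        KeyVault.Id },
        { "VaultName", KeyVault.VaultName },
    };

    // Thumbprint is cleared and the decrypted key stored in the same update, so the record
    // never pairs an empty thumbprint with a still-encrypted key.
    Hashtable row = new Hashtable {
        { "Thumbprint", "" },
        { "VaultKey",   plainVaultKey }
    };

    KeyVaultHelper.SetItemsThrow(row, filter, true);
}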