MrWinSecureBoot.psm1
|
#Requires -Version 4.0 #Requires -RunAsAdministrator #Requires -Modules SecureBoot function Test-MrWinSecureBootCa2023 { <# .SYNOPSIS Check Secure Boot for CA 2023. .DESCRIPTION Queries ActiveDb and DefaultDb for Windows UEFI CA 2023. .PARAMETER Store ActiveDb or DefaultDb. Defaults to both stores. .EXAMPLE Test-MrWinSecureBootCa2023 .EXAMPLE Test-MrWinSecureBootCa2023 -Store ActiveDb .NOTES Author: Mike F. Robbins Website: https://mikefrobbins.com/ #> [CmdletBinding()] param( [Parameter()] [ValidateSet('ActiveDb','DefaultDb')] [string[]]$Store = @('ActiveDb','DefaultDb'), [Parameter(DontShow)] [ValidateNotNullOrEmpty()] [string]$Pattern = 'Windows UEFI CA 2023' ) foreach ($storeName in $Store) { $present = $null if ($storeName -eq 'ActiveDb') { $uefiName = 'db' } else { $uefiName = 'dbdefault' } try { $bytes = (Get-SecureBootUEFI -Name $uefiName -ErrorAction Stop).bytes } catch { $bytes = $null } if ($bytes) { $present = [System.Text.Encoding]::ASCII.GetString($bytes) -match $Pattern } [pscustomobject]@{ Store = $storeName UefiCa2023 = $present } } } |