c-hive.psm1
|
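# Helpers that pull individual fields out of the text dump of a certificate
# request. Every function takes the dump as a collection of lines ($ReqString)
# or the objects produced by Get-CertExtensions / Get-RequestAttributes.
# NOTE(review): the markers matched below look like `certutil -dump` output --
# confirm against the caller. All matching is done on display text, so the
# results are only as trustworthy as the text handed in.

function Test-IsNumeric() {
    <#
    .SYNOPSIS
    Returns whether a value is an integer string (optional leading minus sign).
    .DESCRIPTION
    The value is converted to a string and trimmed before matching, so $null
    and non-string values yield $false/$true instead of a method-call error.
    .EXAMPLE
    Test-IsNumeric -value "1"
    >> output = $true
    .EXAMPLE
    Test-IsNumeric -value "a"
    >> output = $false
    #>
    param ($value)

    Write-Verbose "--Executing: IsNumeric"
    $text = ([string]$value).Trim()
    return ($text -match '^[-]?[0-9]+$')
}

function Test-ifFileIsCR() {
    <#
    .SYNOPSIS
    Check if the given text seems to be a certificate request.
    .DESCRIPTION
    Returns $true only when BOTH markers, "Subject:" and "Certificate Request:",
    occur somewhere in the input. Counting matches (as the previous version did)
    let two "Subject:" lines pass without any "Certificate Request:" line.
    .EXAMPLE
    Test-ifFileIsCR -ReqString @("PKCS10 Certificate Request:", "Subject:")
    >> output = $true
    .EXAMPLE
    Test-ifFileIsCR -ReqString "lorem ipsum...."
    >> output = $false
    #>
    param([Parameter(Mandatory=$true)]$ReqString)

    Write-Verbose "--Executing: Check-ifFileIsCR"
    $sawSubject = $false
    $sawRequest = $false
    foreach ($line in $ReqString) {
        # NOTE(review): substring matches; a field value that echoes one of
        # these markers is counted as well.
        if ($line -match "Subject:") { $sawSubject = $true }
        if ($line -match "Certificate Request:") { $sawRequest = $true }
        #if($line -match "Public Key Length:"){...}
    }
    return ($sawSubject -and $sawRequest)
}

function Test-Singature() {
    <#
    .SYNOPSIS
    Check for the string "Signature matches Public Key".
    .DESCRIPTION
    Returns $true when any input line contains the phrase. This only reports
    what the dump text says; it performs no cryptographic verification itself.
    .EXAMPLE
    Test-Singature -ReqString "Signature matches Public Key... lorem ipsum...."
    >> output = $true
    .EXAMPLE
    Test-Singature -ReqString "lorem ipsum...."
    >> output = $false
    #>
    param([Parameter(Mandatory=$true)]$ReqString)

    Write-Verbose "--Executing: Check-Singature"
    $found = $false
    foreach ($line in $ReqString) {
        # NOTE(review): unanchored match -- a line that merely contains the
        # phrase (for example inside a requester-supplied field value) also
        # sets the result. Consider matching the whole line once the exact
        # dump format is confirmed.
        if ($line -match "Signature matches Public Key") { $found = $true }
    }
    return $found
}

function Get-RequestAttributes {
    <#
    .SYNOPSIS
    Get all Request Attributes.
    .DESCRIPTION
    Scans for the "Request Attributes: <n>" line and then collects up to <n>
    attribute objects. Each object carries AttributeName (the text between
    "(" and the last character of the attribute line) and up to five following
    field lines in AttribField1..AttribField5.
    .EXAMPLE
    Get-RequestAttributes -ReqString $certificate_request_string
    #>
    param([Parameter(Mandatory=$true)]$ReqString)

    Write-Verbose "--Executing: Get-RequestAttributes"
    $line = ""
    $lineCount = 0      # 1-based number of the current line == index of the next line
    $found = $false     # $true while inside the attribute section
    $fieldNum = 0
    $fieldLine = ""
    $Attributes = @()
    $numCount = 0       # attribute count announced by the header line
    $Count = 0          # attributes collected so far
    $obj = "" | Select-Object AttributeName,AttribField1,AttribField2,AttribField3,AttribField4,AttribField5

    foreach ($line in $ReqString) {
        $lineCount++
        if ($found) {
            if ($line -match " Attribute") {
                $obj = "" | Select-Object AttributeName,AttribField1,AttribField2,AttribField3,AttribField4,AttribField5
                # Text after the first "(" with its final character dropped.
                $obj.AttributeName = ($line.Split("(")[1]).Substring(0, ($line.Split("(")[1]).length - 1)
                $Count++
                $fieldNum = 0
                $i = 0
                do {
                    # Read ahead by index; lines naming "Value" or
                    # "Unknown Attribute" are skipped, the rest fill the
                    # numbered fields in order (a sixth and later are ignored).
                    $fieldLine = $ReqString[$lineCount + $i++]
                    if (($fieldLine -notmatch "Value") -and ($fieldLine -notmatch "Unknown Attribute")) {
                        switch (++$fieldNum) {
                            1 { $obj.AttribField1 = $fieldLine.trim() }
                            2 { $obj.AttribField2 = $fieldLine.trim() }
                            3 { $obj.AttribField3 = $fieldLine.trim() }
                            4 { $obj.AttribField4 = $fieldLine.trim() }
                            5 { $obj.AttribField5 = $fieldLine.trim() }
                        }
                    }
                # Stop at an empty line or at the first line that is not indented.
                } until (($ReqString[$lineCount + $i].length -eq 0) -or !($ReqString[$lineCount + $i].StartsWith(" ")))
                $Attributes += $obj
            }
        }
        if ($line -match "Request Attributes:") {
            [int32]$numCount = $line.Split(":")[1]
            if ($numCount -gt 0) { $found = $true }
        }
        # Leave the section once the announced number has been collected.
        if ($found -and ($Count -eq $numCount)) { $found = $false }
    }
    return $Attributes
}

function Get-CertExtensions() {
    <#
    .SYNOPSIS
    Get all Request Certificate Extensions.
    .DESCRIPTION
    Scans for the "Certificate Extensions: <n>" line and then collects up to
    <n> objects with ExtensionOID (text before the first ":"), ExtensionName
    (the following line) and ExtensionField (the indented lines after that,
    joined with CR/LF).
    .EXAMPLE
    Get-CertExtensions -ReqString $certificate_request_string
    #>
    param([Parameter(Mandatory=$true)]$ReqString)

    Write-Verbose "--Executing: Get-CertExtensions"
    $line = ""
    $lineCount = 0      # 1-based number of the current line == index of the next line
    $found = $false     # $true while inside the extension section
    $fieldLine = ""
    $Extensions = @()
    $numCount = 0       # extension count announced by the header line
    $Count = 0          # extensions collected so far
    $obj = "" | Select-Object ExtensionOID,ExtensionName,ExtensionField

    foreach ($line in $ReqString) {
        $lineCount++
        if ($found) {
            # An extension starts on a line whose fifth character is a digit.
            # The length guard keeps Substring(4,1) from throwing on lines
            # shorter than five characters.
            if (($line.length -gt 4) -and (Test-IsNumeric -value $line.substring(4,1))) {
                $obj = "" | Select-Object ExtensionOID,ExtensionName,ExtensionField
                $obj.ExtensionOID = ($line.Split(":")[0]).trim()
                $obj.ExtensionName = $ReqString[$lineCount].trim()
                $Count++
                $i = 1
                do {
                    $fieldLine = $ReqString[$lineCount + $i++]
                    $obj.ExtensionField += $fieldLine.trim() + "`r`n"
                # Stop at an empty line or at the first line that is not indented.
                } until (($ReqString[$lineCount + $i].length -eq 0) -or !($ReqString[$lineCount + $i].StartsWith(" ")))
                $Extensions += $obj
            }
        }
        if ($line -match "Certificate Extensions:") {
            [int32]$numCount = $line.Split(":")[1]
            if ($numCount -gt 0) { $found = $true }
        }
        # Leave the section once the announced number has been collected.
        if ($found -and ($Count -eq $numCount)) { $found = $false }
    }
    return $Extensions
}

function Get-SubjectName() {
    <#
    .SYNOPSIS
    Get the Subject Name of a certificate request.
    .DESCRIPTION
    Returns an object with the properties CN, OU, O, L, ST, S, STREET, C and E.
    Parsing is active between a section header containing "Subject" and the
    next section header. A line counts as a header only when its ":" is not
    preceded by "=", so a value such as "CN=host:8443" stays part of the
    subject instead of ending it. The value is everything after the FIRST "=",
    so values that themselves contain "=" are not cut short.
    .EXAMPLE
    Get-SubjectName -ReqString $certificate_request_string
    #>
    param([Parameter(Mandatory=$true)]$ReqString)

    Write-Verbose "--Executing: get-SubjectName"
    $myobj = [PSCustomObject]@{
        CN     = $null
        OU     = $null
        O      = $null
        L      = $null
        ST     = $null
        S      = $null
        STREET = $null
        C      = $null
        E      = $null
    }

    $start_parsing = $false
    foreach ($line in $ReqString) {
        $colonAt = $line.IndexOf(':')
        $equalsAt = $line.IndexOf('=')

        # "name: ..." is a section header; "key=value:with:colons" is data.
        if (($colonAt -ge 0) -and (($equalsAt -lt 0) -or ($colonAt -lt $equalsAt))) {
            $start_parsing = $line.Contains("Subject")
        }

        # Lines without "=" carry no key/value pair and are skipped.
        if ($start_parsing -and ($equalsAt -ge 0)) {
            $SubjectType = $line.Substring(0, $equalsAt).Trim()
            $attrib = $line.Substring($equalsAt + 1).Trim()
            switch ($SubjectType) {
                "CN"     { $myobj.CN = $attrib }
                "OU"     { $myobj.OU = $attrib }
                "O"      { $myobj.O = $attrib }
                "L"      { $myobj.L = $attrib }
                "ST"     { $myobj.ST = $attrib }
                "S"      { $myobj.S = $attrib }
                "STREET" { $myobj.STREET = $attrib }
                "C"      { $myobj.C = $attrib }
                "E"      { $myobj.E = $attrib }
            }
        }
    }
    return $myobj
}

function Get-CertTemplate() {
    <#
    .SYNOPSIS
    Get the Certificate Template named by a certificate request.
    .DESCRIPTION
    Returns a flat array of (value, kind) pairs: first line of the field of
    every extension with OID 1.3.6.1.4.1.311.21.7, then of every extension with
    OID 1.3.6.1.4.1.311.20.2 (kind "OID"), then AttribField1 of every attribute
    whose first field mentions "CertificateTemplate" (kind "Name").
    OIDs are compared for equality; a regex match with unescaped dots would
    also accept longer or different OIDs.
    .EXAMPLE
    Get-CertTemplate -arrExt (Get-CertExtensions -ReqString $req) -arrAttrib (Get-RequestAttributes -ReqString $req)
    #>
    param(
        # Null/empty is accepted: a request may carry no extensions or attributes.
        [Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrExt,
        [Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrAttrib
    )

    Write-Verbose "--Executing: Get-CertTemplate"
    $arrCertTmpl = @()
    if ($arrExt.count -ne 0) {
        # Outer loop over the OIDs keeps the original result order.
        foreach ($oid in '1.3.6.1.4.1.311.21.7', '1.3.6.1.4.1.311.20.2') {
            foreach ($obj in $arrExt) {
                if (([string]$obj.ExtensionOID).Trim() -eq $oid) {
                    $arrCertTmpl += $obj.ExtensionField.Split("`r`n")[0], "OID"
                }
            }
        }
    }
    if ($arrAttrib.count -ne 0) {
        foreach ($obj in $arrAttrib) {
            if ($obj.AttribField1 -match "CertificateTemplate") {
                $arrCertTmpl += $obj.AttribField1, "Name"
            }
        }
    }
    return $arrCertTmpl
}

function Get-CSP() {
    <#
    .SYNOPSIS
    Get the CSP (provider) named by a certificate request.
    .DESCRIPTION
    For every attribute whose name mentions "CSP", returns the text after "="
    of each of its five fields that contains "Provider =".
    $arrExt is accepted for signature compatibility but not read.
    .EXAMPLE
    Get-CSP -arrExt (Get-CertExtensions -ReqString $req) -arrAttrib (Get-RequestAttributes -ReqString $req)
    #>
    param(
        [Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrExt,
        [Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrAttrib
    )

    Write-Verbose "--Executing: Get-CSP"
    $CSP = @()
    if ($arrAttrib.count -ne 0) {
        foreach ($obj in $arrAttrib) {
            if ($obj.AttributeName -match "CSP") {
                $fields = $obj.AttribField1, $obj.AttribField2, $obj.AttribField3, $obj.AttribField4, $obj.AttribField5
                foreach ($field in $fields) {
                    if ($field -match "Provider =") { $CSP += $field.split("=")[1] }
                }
            }
        }
    }
    return $CSP
}

function Get-EnhancedKeyUsage() {
    <#
    .SYNOPSIS
    Get the Enhanced Key Usage of a certificate request.
    .DESCRIPTION
    Returns the ExtensionField of every extension whose OID equals 2.5.29.37.
    .EXAMPLE
    Get-EnhancedKeyUsage -arrExt (Get-CertExtensions -ReqString $req)
    #>
    param(
        [Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrExt
    )

    Write-Verbose "--Executing: Get-EnhancedKeyUsage"
    $EnhKeyUsage = @()
    if ($arrExt.count -ne 0) {
        foreach ($obj in $arrExt) {
            # Equality, not regex: "." in a pattern matches any character.
            if (([string]$obj.ExtensionOID).Trim() -eq '2.5.29.37') {
                $EnhKeyUsage += $obj.ExtensionField
            }
        }
    }
    return $EnhKeyUsage
}

function Get-KeyUsage() {
    <#
    .SYNOPSIS
    Get the Key Usage of a certificate request.
    .DESCRIPTION
    Returns the ExtensionField of the extension whose OID equals 2.5.29.15
    (the last one wins if several are present), or "" when there is none.
    .EXAMPLE
    Get-KeyUsage -arrExt (Get-CertExtensions -ReqString $req)
    #>
    param([Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrExt)

    Write-Verbose "--Executing: Get-KeyUsage"
    $KeyUsage = ""
    if ($arrExt.count -ne 0) {
        foreach ($obj in $arrExt) {
            if (([string]$obj.ExtensionOID).Trim() -eq '2.5.29.15') {
                $KeyUsage = $obj.ExtensionField
            }
        }
    }
    return $KeyUsage
}

function Get-SAN() {
    <#
    .SYNOPSIS
    Get the Subject Alternative Names of a certificate request.
    .DESCRIPTION
    For every extension whose OID equals 2.5.29.17, splits the field into lines
    and returns one object per line with Type (text before the first "=") and
    SAN (everything after the first "=", trimmed). Splitting only once keeps
    values that contain "=" intact, so the reported name is the full name in
    the dump. Lines without "=" yield an entry whose SAN is $null.
    .EXAMPLE
    Get-SAN -arrExt (Get-CertExtensions -ReqString $req)
    #>
    param([Parameter(Mandatory=$true)][AllowNull()][AllowEmptyCollection()]$arrExt)

    Write-Verbose "--Executing: Get-SAN"
    $SAN = @()
    if ($arrExt.count -ne 0) {
        foreach ($obj in $arrExt) {
            if (([string]$obj.ExtensionOID).Trim() -eq '2.5.29.17') {
                $temp = $obj.ExtensionField.trim().split("`n")
                foreach ($SANTemp in $temp) {
                    $SANEntry = "" | Select-Object Type, SAN
                    $parts = $SANTemp.Split([char[]]'=', 2)
                    $SANEntry.Type = $parts[0]
                    if ($parts.Count -gt 1) { $SANEntry.SAN = $parts[1].Trim() }
                    $SAN += $SANEntry
                }
            }
        }
    }
    return $SAN
}

function Get-SignAlgorithm() {
    <#
    .SYNOPSIS
    Get the signature algorithm of a certificate request.
    .DESCRIPTION
    Looks at the line directly after each "Signature Algorithm:" line; when it
    contains " Algorithm ObjectId:", the first two space-separated tokens after
    the ":" become AlgoOID and AlgoName. The last occurrence wins.
    .EXAMPLE
    Get-SignAlgorithm -ReqString $certificate_Request_String
    #>
    param(
        [Parameter(Mandatory=$true)]$ReqString
    )

    Write-Verbose "--Executing: Get-SignAlgorithm"
    $line = ""
    $found = $false     # $true only for the line right after the marker
    $obj = "" | Select-Object AlgoOID,AlgoName
    foreach ($line in $ReqString) {
        if ($found) {
            if ($line -match " Algorithm ObjectId:") {
                $obj.AlgoOID = ($line.Split(":")[1].trim()).Split(" ")[0]
                $obj.AlgoName = ($line.Split(":")[1].trim()).Split(" ")[1]
            }
            $found = $false
        }
        if ($line -match "Signature Algorithm:") { $found = $true }
    }
    return $obj
}

function Get-KeyAlgorithm() {
    <#
    .SYNOPSIS
    Get the public key algorithm of a certificate request.
    .DESCRIPTION
    Looks at the line directly after each "Public Key Algorithm:" line; when it
    contains " Algorithm ObjectId:", the first two space-separated tokens after
    the ":" become AlgoOID and AlgoName. The last occurrence wins.
    .EXAMPLE
    Get-KeyAlgorithm -ReqString $certificate_Request_String
    #>
    param(
        [Parameter(Mandatory=$true)]$ReqString
    )

    Write-Verbose "--Executing: Get-KeyAlgorithm"
    $line = ""
    $found = $false     # $true only for the line right after the marker
    $obj = "" | Select-Object AlgoOID,AlgoName
    foreach ($line in $ReqString) {
        if ($found) {
            if ($line -match " Algorithm ObjectId:") {
                $obj.AlgoOID = ($line.Split(":")[1].trim()).Split(" ")[0]
                $obj.AlgoName = ($line.Split(":")[1].trim()).Split(" ")[1]
            }
            $found = $false
        }
        if ($line -match "Public Key Algorithm:") { $found = $true }
    }
    return $obj
}

function Get-KeyLength() {
    <#
    .SYNOPSIS
    Get the public key length of a certificate request.
    .DESCRIPTION
    Returns the trimmed text between the first and second ":" of the last line
    containing "Public Key Length:", or "" when no such line exists. The value
    is returned as text, not as a number.
    .EXAMPLE
    Get-KeyLength -ReqString $certificate_Request_String
    #>
    param(
        [Parameter(Mandatory=$true)]$ReqString
    )

    Write-Verbose "--Executing: Get-KeyLength"
    $line = ""
    $KeyLength = ""
    foreach ($line in $ReqString) {
        if ($line -match "Public Key Length:") { $KeyLength = $line.Split(":")[1].trim() }
    }
    return $KeyLength
}

Export-ModuleMember -Function Test-IsNumeric, Test-ifFileIsCR, Test-Singature, Get-RequestAttributes, Get-CertExtensions, Get-SubjectName, Get-CertTemplate, Get-CSP, Get-EnhancedKeyUsage, Get-KeyUsage, Get-SAN, Get-SignAlgorithm, Get-KeyAlgorithm, Get-KeyLength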