vdbtools.psm1

#Region '.\private\Get-VdbIssuingCaName.ps1' 0
function Get-VdbIssuingCaName {
    # Issuer distinguished name used to recognise VDB certificates.
    # Get-VDB and Set-VDB compare this string for equality against the Issuer
    # property of certificates in Cert:\CurrentUser\My. The match is on the
    # issuer name text only: no thumbprint or chain validation is done here,
    # so any certificate carrying this exact issuer string is treated as a
    # VDB certificate.
    $issuerDn = 'CN=HP Inc Private Root CA, OU=Infrastructure Services, O=HP Inc, C=US'
    return $issuerDn
}
#EndRegion '.\private\Get-VdbIssuingCaName.ps1' 4
#Region '.\private\Get-VdbReaderFriendlyName.ps1' 0
function Get-VdbReaderFriendlyName {
    # Default FriendlyName of the VDB smartcard reader pnp device; used as the
    # default value of the -FriendlyName parameter throughout this module.
    $defaultReaderName = 'VSC for SMARTCARD DB'
    return $defaultReaderName
}
#EndRegion '.\private\Get-VdbReaderFriendlyName.ps1' 4
#Region '.\private\Test-Administrator.ps1' 0
function Test-Administrator  {
    # Returns $true when the current Windows identity is in the built-in
    # Administrators role, $false otherwise.
    # The check is made against the token of the running process, so with UAC
    # a non-elevated session of an administrator account reports $false.
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object -TypeName Security.Principal.WindowsPrincipal -ArgumentList $identity
    $adminRole = [Security.Principal.WindowsBuiltinRole]::Administrator
    return $principal.IsInRole($adminRole)
}
#EndRegion '.\private\Test-Administrator.ps1' 5
#Region '.\public\Get-VDB.ps1' 0
function Get-VDB {
    <#
    .DESCRIPTION
    Reports the state of the Virtual Digital Badge by combining the status of the
    VDB smartcard reader pnp device with the presence of a certificate in the
    current user's personal cert store whose Issuer equals the VDB issuing CA name.
    .PARAMETER FriendlyName
    Friendly name of the VDB smartcard reader pnp device, as shown by get-pnpdevice.
    .OUTPUTS
    PSCustomObject with the properties Status, SmartcardReader and Certificate.
    #>
    [CmdletBinding()]
    param(
        [Parameter(HelpMessage="Friendly name of the VDB smartcard reader pnp device")]
        $FriendlyName = (Get-VdbReaderFriendlyName)
    )

    $reader = Get-VdbReader $FriendlyName

    # A certificate counts as "the badge certificate" purely because its Issuer
    # string matches; validity, chain and private-key presence are not checked,
    # so Status is an indication of state, not a trust decision.
    $issuerName = Get-VdbIssuingCaName
    $badgeCert = Get-ChildItem Cert:\CurrentUser\My | Where-Object { $_.Issuer -eq $issuerName }
    $hasCert = [bool]$badgeCert

    # The four conditions are mutually exclusive, so at most one fires per
    # reader status value.
    # NOTE(review): when Get-VdbReader returns nothing, $reader.Status is $null
    # and the result appears to be 'Off' or 'Error: Certificate but no reader'
    # rather than the default branch - confirm this is intended.
    $state = switch ($reader.Status) {
        {$_ -eq 'Ok' -and $hasCert} {'On'}
        {$_ -ne 'Ok' -and -not $hasCert} {'Off'}
        {$_ -eq 'Ok' -and -not $hasCert} {'Error: Reader but no certificate'}
        {$_ -ne 'Ok' -and $hasCert} {'Error: Certificate but no reader'}
        default {'Error: Unknown state'}
    }

    $result = [PSCustomObject]@{
        Status = $state
        SmartcardReader = $reader
        Certificate = $badgeCert
    }
    return $result
}
#EndRegion '.\public\Get-VDB.ps1' 23
#Region '.\public\Get-VdbReader.ps1' 0
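function Get-VdbReader {
    <#
    .DESCRIPTION
    Returns the pnp device(s) whose FriendlyName equals the given name and whose
    Class is SmartCardReader. Writes a non-terminating error and returns nothing
    when no such device exists (the name is absent, or it belongs to a device of
    another class).
    .PARAMETER FriendlyName
    Friendly name of the VDB smartcard reader pnp device, as shown by get-pnpdevice.
    #>
    param (
        $FriendlyName = (Get-VdbReaderFriendlyName)
    )
    # Filter on name AND class per device. Set-VDB enables/disables whatever is
    # returned here from an elevated session, so a device that merely shares the
    # friendly name but is not a smartcard reader must never be passed on. Testing
    # the class on the whole result set would let such a device through whenever
    # one of several same-named devices is a SmartCardReader.
    $reader = Get-PnpDevice | Where-Object {
        $_.FriendlyName -eq $FriendlyName -and $_.Class -eq "SmartCardReader"
    }
    if ($reader) {
        $reader
    } else {
        write-error "$FriendlyName not a SmartCardReader"
    }
}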
#EndRegion '.\public\Get-VdbReader.ps1' 12
#Region '.\public\Set-VDB.ps1' 0
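<#
.DESCRIPTION
Controls the state of the Virtual Digital Badge.
Must be run from an elevated session; without elevation a warning is written and nothing is changed.
.PARAMETER State
On - Enables the VDB smartcard reader pnp device - Windows automatically adds the certificate from the smartcard.
Off - Disables the VDB smartcard reader pnp device, and removes every certificate in the current user's personal cert store whose Issuer equals the VDB issuing CA name.
.PARAMETER FriendlyName
Friendly name of the VDB smartcard reader pnp device, as shown by get-pnpdevice, default is normally correct.
.PARAMETER Passthru
Return the VDB object after setting the state
.EXAMPLE
Enable VDB for use:
PS> Set-VDB -State On
 
using shorthand function:
PS> vdb on
 
getting the VDB object after setting:
PS> Set-VDB -State On -Passthru

previewing what would be disabled and removed, without changing anything:
PS> Set-VDB -State Off -WhatIf
#>

function Set-VDB {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, HelpMessage="Desired state of the Virtual Digital Badge")]
        [ValidateSet("On","Off")]
        [String]$State,
        [Parameter(HelpMessage="Friendly name of the VDB smartcard reader pnp device")]
        $FriendlyName = (Get-VdbReaderFriendlyName),
        [Switch]$Passthru
    )
    if (-not (Test-Administrator)) {
        write-warning "Setting VDB state requires elevation, run as administrator"
        return
    }

    # -WhatIf is forwarded explicitly to every state-changing command. The
    # preference variable set by -WhatIf may not reach commands that live in
    # another module, and a dry run must never disable the device or delete
    # certificates.
    $ShouldProcessParam = @{WhatIf = [bool]$WhatIfPreference}
    # With the default preference (High) the called cmdlets' own prompts are
    # suppressed; when the caller lowers it (e.g. -Confirm) they are left to
    # prompt as usual.
    if ($ConfirmPreference -eq "High") { $ShouldProcessParam.Confirm = $false }

    # Get-VdbReader writes its own error and returns nothing when the reader
    # cannot be found, so only pipe an actual device into the pnp cmdlets.
    $device = Get-VdbReader $FriendlyName
    switch ($State) {
        "On" {
            if ($device) { $device | Enable-PnpDevice @ShouldProcessParam }
        }
        "Off" {
            if ($device) { $device | Disable-PnpDevice @ShouldProcessParam }
            # Selection is by Issuer string only: every certificate in the
            # personal store with this issuer is deleted, not just the one
            # that came from the badge.
            Get-ChildItem Cert:\CurrentUser\My | Where-Object Issuer -eq (Get-VdbIssuingCaName) |
                Remove-Item @ShouldProcessParam
        }
    }
    if ($Passthru) { Get-Vdb -FriendlyName $FriendlyName }
}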
#EndRegion '.\public\Set-VDB.ps1' 49
#Region '.\public\Switch-VDB.ps1' 0
# Toggle the Virtual Digital Badge: a VDB that reports 'On' is switched off and
# one that reports 'Off' is switched on. Any other status is left alone and a
# warning is written. The VDB object is always returned afterwards, so when
# Set-VDB declines to act (for example without elevation) the returned status
# is the unchanged one.

function Switch-VDB {
    param (
        $FriendlyName = (Get-VdbReaderFriendlyName)
    )

    # Only parameters the caller actually bound are forwarded; the callees apply
    # their own default friendly name otherwise.
    $current = Get-Vdb @PSBoundParameters
    switch ($current.Status) {
        "Off" { Set-Vdb -State On @PSBoundParameters }
        "On" { Set-Vdb -State Off @PSBoundParameters }
        default { Write-Warning "Unknown VDB state" }
    }

    # Re-query rather than trust the requested state.
    Get-Vdb @PSBoundParameters
}
#EndRegion '.\public\Switch-VDB.ps1' 15
#Region '.\public\vdb.ps1' 0
<#
.DESCRIPTION
Shorthand for Get-VDB and Set-VDB.
Call with no State to get the status of the VDB (Get-VDB); call with a State to set it (Set-VDB).
Setting the state is done by Set-VDB, which only acts in an elevated session.
.PARAMETER State
On - Enables the VDB smartcard reader pnp device - windows automatically adds the certificate from the smartcard.
Off - Disables the VDB smartcard reader pnp device, and removes associated certificates from current user's personal cert store.
.PARAMETER FriendlyName
Friendly name of the VDB smartcard reader pnp device, as shown by get-pnpdevice, default is normally correct.
.EXAMPLE
Enable VDB for use:
PS> vdb on
 
Get VDB status:
PS> vdb
#>

function vdb {
    [CmdletBinding()]
    param(
        [Parameter(HelpMessage="Desired state of the Virtual Digital Badge")]
        [ValidateSet("On","Off")]
        [String]$State,
        [Parameter(HelpMessage="Friendly name of the VDB smartcard reader pnp device")]
        [String]$FriendlyName = (Get-VdbReaderFriendlyName)
    )
    # No state requested: this is a status query.
    if ([String]::IsNullOrEmpty($State)) {
        return Get-VDB -FriendlyName $FriendlyName
    }
    Set-VDB -State $State -FriendlyName $FriendlyName
}
#EndRegion '.\public\vdb.ps1' 32