Powershell密码学对象无文件输入

huangapple
go评论45阅读模式
英文:

Powershell Cryptographic Object without file input

问题

我确实有一个包含Base64字符串(证书)的变量。我想通过PowerShell将其转换为一个密码学对象,就像这样:

$cert_object = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(".\tmp.txt")

但我无法在没有这个 hack 的情况下创建这个对象,因为我找不到直接将字符串传递给密码对象的方法...

$cert.value | Out-File -FilePath ".\tmp.txt"

这解析了Base64并创建了一个证书对象

$cert_object = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(".\tmp.txt")

移除临时文件

Remove-Item -Path ".\tmp.txt"


有人知道是否有一种方法可以避免使用磁盘操作吗?


<details>
<summary>英文:</summary>

i do have a variable which contains a base64 string (a certificate).I want to convert this to an cryptoggraphic object via powershell, like this:

$cert_object = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(".\tmp.txt")

But i&#180;m unable to create this object without this hack because i did not find a way to directly pipe the string to the crypto object...

$cert.value | Out-File -FilePath ".\tmp.txt"
#This parses the base64 and createa a certificate object
$cert_object = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(".\tmp.txt")
#Remove the uglyness
Remove-Item -Path ".\tmp.txt"


Does anyone now a solution without touching disk?



</details>


# 答案1
**得分**: 1

```sh
假设`$cert.value`包含Base64字符串,您可以将其从Base64转换并使用这些字节来定位[`X509Certificate2(Byte[])`构造函数](https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.-ctor?view=net-7.0#system-security-cryptography-x509certificates-x509certificate2-ctor(system-byte())):

```sh
[System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
    [Convert]::FromBase64String($cert.value)
)

作为一个示例,在My中使用证书:

$bytes = (Get-ChildItem Cert:\CurrentUser\My | Select-Object -First 1).RawData
$cert  = [Convert]::ToBase64String($bytes)
[System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
    [Convert]::FromBase64String($cert)
)


<details>
<summary>英文:</summary>

Assuming `$cert.value` contains the Base64 string you could convert it from Base64 and use those bytes to target the [`X509Certificate2(Byte[])` Constructor](https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.x509certificate2.-ctor?view=net-7.0#system-security-cryptography-x509certificates-x509certificate2-ctor(system-byte())):

```sh
[System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
    [Convert]::FromBase64String($cert.value)
)

As an example using a Cert in My:

$bytes = (Get-ChildItem Cert:\CurrentUser\My | Select-Object -First 1).RawData
$cert  = [Convert]::ToBase64String($bytes)
[System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
    [Convert]::FromBase64String($cert)
)

huangapple
  • 本文由 发表于 2023年2月18日 02:01:58
  • 转载请务必保留本文链接:https://go.coder-hub.com/75487793.html
  • certificate
  • powershell
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定