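# Demo: create two self-signed RSA document-encryption certificates in the
# CurrentUser\My store, encrypt/decrypt a message with CMS (Protect-CmsMessage /
# Unprotect-CmsMessage), then export, remove and re-import one certificate.
# Despite the file name, no Diffie-Hellman exchange happens here: KeyAlgorithm
# is RSA and the message is protected with CMS.
# Side effects: writes to cert:\CurrentUser\My and to $home\Documents, and
# pauses for a key press. Requires the PKI cmdlets (New-SelfSignedCertificate,
# Export-/Import-*Certificate) and the Cms cmdlets.

$store = "cert:\CurrentUser\My"

# 8192-bit RSA key generation can take noticeably longer than 4096-bit.
$paramsAlice = @{
    CertStoreLocation = $store
    Subject           = "CN=Alice"
    KeyLength         = 8192
    KeyAlgorithm      = "RSA"
    KeyUsage          = "DataEncipherment"
    Type              = "DocumentEncryptionCert"
}
# Subject must be "CN=Bob": Protect-CmsMessage below addresses the recipient by
# that name. The original created "CN=Arno" and then encrypted to "CN=Bob",
# which cannot resolve to a certificate.
$paramsBob = @{
    CertStoreLocation = $store
    Subject           = "CN=Bob"
    KeyLength         = 4096
    KeyAlgorithm      = "RSA"
    KeyUsage          = "DataEncipherment"
    Type              = "DocumentEncryptionCert"
}

# generate new certificates and add them to the certificate store
$certAlice = New-SelfSignedCertificate @paramsAlice
$certBob   = New-SelfSignedCertificate @paramsBob

# Raw public-key bytes. $certAliceBytes was never assigned in the original,
# so the BitConverter calls below operated on $null.
$certAliceBytes = $certAlice.GetPublicKey()
# Read the first two public-key bytes as a big-endian Int16: BitConverter uses
# the host byte order, so the two bytes are swapped on little-endian hosts
# (index [1,0]) and left in place otherwise (index [0,1]).
$endian = if ([System.BitConverter]::IsLittleEndian) { 1, 0 } else { 0, 1 }
$bytes  = [byte[]]($certAliceBytes[$endian])
[System.BitConverter]::ToInt16($bytes, 0)
# (A stray literal `2014` that the original printed here has been removed.)

# First four bytes of Bob's public key in host byte order (demo output only).
$certBobBytes = $certBob.GetPublicKey()
[System.BitConverter]::ToInt32($certBobBytes, 0)

# list all certs
Get-ChildItem -Path $store
pause

# Encryption / Decryption
$message = "My secret message"
# -To selects the recipient certificate by subject; it must match the
# Subject in $paramsBob.
$cipher = $message | Protect-CmsMessage -To "CN=Bob"
Write-Host "Cipher:" -ForegroundColor Green
$cipher
Write-Host "Decrypted message:" -ForegroundColor Green
# Decryption needs Bob's private key, which is in the current user's store.
$cipher | Unprotect-CmsMessage

# Exporting/Importing certificate
# Demo-only password. Not named $pwd as in the original: that collides with the
# automatic $PWD variable (current location) — PowerShell may reject the
# assignment as read-only, and it is confusing regardless. In real use take
# the password from Read-Host -AsSecureString or a secret store, not a literal.
$pfxPassword = ConvertTo-SecureString -String "P@ssword" -AsPlainText -Force
$privateKey = "$home\Documents\Test1.pfx"
$publicKey  = "$home\Documents\Test1.cer"
# The original used an undefined $cert. Bob's certificate is the one the
# encrypted message was addressed to, so that is the one exported here.
$cert = $certBob
# Export private key as PFX certificate, to use those Keys on different machine/user.
# The PFX contains the private key: protect the file and its password accordingly.
Export-PfxCertificate -FilePath $privateKey -Cert $cert -Password $pfxPassword
# Export Public key, to share with other users
Export-Certificate -FilePath $publicKey -Cert $cert
# Remove certificate from store
$cert | Remove-Item
# Add them back:
# Add private key on your machine
Import-PfxCertificate -FilePath $privateKey -CertStoreLocation $store -Password $pfxPassword
# This is for other users (so they can send you encrypted messages)
Import-Certificate -FilePath $publicKey -CertStoreLocation $store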