Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Weird behavior of .NET class X509Certificate2 in Power Shell Core, Windows Power Shell and Windows Power Shell in elevated mode #10833

Closed
Akreddy123 opened this issue Oct 18, 2019 · 2 comments
Closed

Weird behavior of .NET class X509Certificate2 in Power Shell Core, Windows Power Shell and Windows Power Shell in elevated mode #10833

Akreddy123 opened this issue Oct 18, 2019 · 2 comments
Labels
Issue-Question ideally support can be provided via other mechanisms, but sometimes folks do open an issue to get a Resolution-Answered The question is answered.

Comments

@Akreddy123
Copy link

Akreddy123 commented Oct 18, 2019
edited

Steps to reproduce

$secPassword = (ConvertTo-SecureString -String "<>" -AsPlainText -Force)
[System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]$flags = 4 -bor 16 -bor 2
// 4 -> exportable
//16 ->Persist key
//2->MachinekeySet
$pfxFilePath = 'C:\Users\<>\DESKTOP\Cert.pfx'
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($pfxFilePath, $secPassword, $flags)

Expected behavior

Should create a CNG based certificate with an exportable private key.

Actual behavior

In Power Shell Core, it is working fine with an exportable private key like below
Key                  : System.Security.Cryptography.CngKey
LegalKeySizes        : {System.Security.Cryptography.KeySizes}
KeyExchangeAlgorithm : RSA
SignatureAlgorithm   : RSA
KeySize              : 2048

In Windows Power Shell, creating a CSP based certificate with an exportable private key like below.
PublicOnly           : False
CspKeyContainerInfo  : System.Security.Cryptography.CspKeyContainerInfo
KeySize              : 2048
KeyExchangeAlgorithm : RSA-PKCS1-KeyEx
SignatureAlgorithm   : http://www.w3.org/2000/09/xmldsig#rsa-sha1
PersistKeyInCsp      : True
LegalKeySizes        : {System.Security.Cryptography.KeySizes}

In Windows Power Shell elevated mode, creating a CSP based certificate with a null private key.

Environment data

Name Value

PSVersion 5.1.18362.145
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.18362.145
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

PS Core:
Name Value

PSVersion 6.2.0
PSEdition Core
GitCommitId 6.2.0
OS Microsoft Windows 10.0.18362
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
@Akreddy123 Akreddy123 added the Issue-Question ideally support can be provided via other mechanisms, but sometimes folks do open an issue to get a label Oct 18, 2019
@iSazonov
Copy link
Collaborator

iSazonov commented Oct 19, 2019
edited by unfurl-links bot

@Akreddy123 It is not right repo to report an issue about Windows PowerShell. Use other channels like Windows 10 Feedback tool and Microsoft forums.
Also you call .Net method so it is not PowerShell issue, it is .Net issue, for .Net Framework you can use channels I mentioned above, for .Net Core you can report to CoreFX repo https://github.com/dotnet/corefx/.

GitHub
CoreFX is the foundational class libraries for .NET Core. It includes types for collections, file systems, console, JSON, XML, async and many others. - dotnet/corefx

@iSazonov iSazonov added the Resolution-Answered The question is answered. label Oct 19, 2019
@Akreddy123 Akreddy123 changed the title Weird behavior of of .NET class X509Certificate2 in Power Shell Core, Windows Power Shell and Windows Power Shell in elevated mode Weird behavior of .NET class X509Certificate2 in Power Shell Core, Windows Power Shell and Windows Power Shell in elevated mode Oct 20, 2019
@ghost
Copy link

ghost commented Oct 21, 2019

This issue has been marked as answered and has not had any activity for 1 day. It has been closed for housekeeping purposes.

@ghost ghost closed this as completed Oct 21, 2019
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Issue-Question ideally support can be provided via other mechanisms, but sometimes folks do open an issue to get a Resolution-Answered The question is answered.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@iSazonov @Akreddy123