从USB EV证书中检索私钥

发布于 2025-02-01 11:25:55 字数 1225 浏览 5 评论 0原文

我正在尝试使用PowerShell从存储在个人商店中的证书中提取私钥。这是一个EV代码签名证书，带有USB设备上的密钥。

我发现的大多数工具似乎都与本地机器证书有关，并且无法正常工作，我在这篇文章的步骤中达到了： https://hope.mx/2019/recovering-a-covering-a-certificate-where-where-the-private-private-private-key-key-- key-- key------------------ 我的理解是，

我试图使用这些步骤：

PS Cert:\CurrentUser\My> $a = Get-Item Cert:\CurrentUser\My\A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0

PS Cert:\CurrentUser\My> $a.PrivateKey.CspKeyContainerInfo


MachineKeyStore        : False
ProviderName           : eToken Base Cryptographic Provider
ProviderType           : 1
KeyContainerName       : te-cd6cd72c-da9c-4862-b02d-419e7ac19123
UniqueKeyContainerName : te-cd6cd72c-da9c-4862-b02d-419e7ac19123
KeyNumber              : Exchange
Exportable             : False
HardwareDevice         : True
Removable              : True
Accessible             : True
Protected              : True
CryptoKeySecurity      :
RandomlyGenerated      : False

我应该能够在C下找到该文件：实际上，RSA目录中的任何文件甚至都没有以“ TE-”开头，

该值是否真的代表了系统中某个地方的私有密钥文件的名称？如果是这样，在哪里？

原文

I'm trying to use PowerShell to extract a private key from a certificate stored in the personal store. This is an EV Code signing certificate that came with the key on a USB device.

Most of the tools I've found seem related to Local Machine certificates and are not working, and I hit on the steps in this post: https://hope.mx/2019/recovering-a-certificate-where-the-private-key-is-marked-as-non-exportable/

I tried to use those steps:

PS Cert:\CurrentUser\My> $a = Get-Item Cert:\CurrentUser\My\A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0A0

PS Cert:\CurrentUser\My> $a.PrivateKey.CspKeyContainerInfo


MachineKeyStore        : False
ProviderName           : eToken Base Cryptographic Provider
ProviderType           : 1
KeyContainerName       : te-cd6cd72c-da9c-4862-b02d-419e7ac19123
UniqueKeyContainerName : te-cd6cd72c-da9c-4862-b02d-419e7ac19123
KeyNumber              : Exchange
Exportable             : False
HardwareDevice         : True
Removable              : True
Accessible             : True
Protected              : True
CryptoKeySecurity      :
RandomlyGenerated      : False

It was my understanding that I should be able to find that file under C:\ProgramData\Microsoft\Crypto\RSA, but it is not there and in fact none of the files in the RSA directories even start with "te-"

Does that value really represent the name of the private key file someplace in the system? If so, where?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

紫罗兰の梦幻 2025-02-08 11:25:55

它是一个用于保护私钥的代币（硬件设备），这意味着它不得导出。抱歉：您不能。

回复收藏 0 原文

通知家属抬走 2025-02-08 11:25:55

该值确实代表了系统中某个地方的私有密钥文件的名称？

是的

如果是，在哪里？

$ a.thumbprint是存储密钥文件的唯一容器。

这对应于％appData％\ Microsoft \ SystemCertificates \ My \ CERTIFATES

这应该是您想要的东西的好开始。

    #!/usr/bin/env powershell
$a = Get-Item -Path Cert:\CurrentUser\My\10EDAD11F3A6F39FBA5E38A2480D96979D33ABD0

$thumb = $a.Thumbprint
$path = "$env:APPDATA/Microsoft/SystemCertificates/My/Certificates/" + $thumb
Write-Output -InputObject $path
Test-Path -Path $path
& "$env:windir/system32/certutil.exe" $path

我从此处。

Does that value really represent the name of the private key file someplace in the system?

Yes

If so, where?

$a.Thumbprint is the unique container where the key file is stored.

This corresponds to %APPDATA%\Microsoft\SystemCertificates\My\Certificates

This should be a good start to what you're looking for.

    #!/usr/bin/env powershell
$a = Get-Item -Path Cert:\CurrentUser\My\10EDAD11F3A6F39FBA5E38A2480D96979D33ABD0

$thumb = $a.Thumbprint
$path = "$env:APPDATA/Microsoft/SystemCertificates/My/Certificates/" + $thumb
Write-Output -InputObject $path
Test-Path -Path $path
& "$env:windir/system32/certutil.exe" $path

I've taken some info from here.

回复收藏 0 原文

~没有更多了~