Releases: webmd-health-services/Carbon.Cryptography
Releases · webmd-health-services/Carbon.Cryptography
3.4.4+341
3.4.3+338
3.4.2
3.4.1+331
3.4.0
Upgrade Instructions
If upgrading/switching from Carbon's Get-CPermission, Grant-CPermission, Revoke-CPermission, and/or
Test-CPermission to Get-CPrivateKeyPermission, Grant-CPrivateKeyPermission, Revoke-CPrivateKeyPermission, and/or
Test-CPrivateKeyPermission, respectively:
- Rename usages of
Get-CPermission,Grant-CPermission,Revoke-CPermission, and
Test-CPermissiontoGet-CPrivateKeyPermission,Grant-CPrivateKeyPermission,Revoke-CPrivateKeyPermission, and
Test-CPrivateKeyPermission, respectively. Get-CPrivateKeyPermission,Grant-CPrivateKeyPermission,Revoke-CPrivateKeyPermission, and
Test-CPrivateKeyPermissionnow write an error and return if passed an identity that does not exist. Add-ErrorAction SilentlyContinueor-ErrorAction Ignoreto preserve previous behavior.Grant-CPrivateKeyPermission(when using the-PassThruswitch) andGet-CPrivateKeyPermissionreturn
System.Security.AccessControl.CryptoKeyAccessRuleobjects if on Windows PowerShell and the .NET framework uses its RSA
or DSA crypto service provider to manage the private key. Otherwise, it returns
System.Security.AccessControl.FileSystemAccessRuleobjects. Update usages accordingly. The two objects have the same
properties, so most current usages that don't care about the object's type should work unchanged.Get-CPrivateKeyPermission,Grant-CPrivateKeyPermission,Revoke-CPrivateKeyPermission, and
Test-CPrivateKeyPermissionnow write warnings if the X509 certificate doesn't have a private key. Add
-WarningAction SilentlyContinueto usages to preserve previous behavior.- Ensure usages of
Grant-CPrivateKeyPermissionandTest-CPrivateKeyPermissiononly passReadandFullControl
values for thePermissionparameter. Those are the only values allowed by the Windows UI, and Carbon is following that
pattern. - Remove usages of the
Grant-CPrivateKeyPermissionfunction's-Appendswitch. Only two permissions are allowed on a
private key, and one of them is FullControl, so it doesn't make sense to allow bothReadandFullControl
permissions. - Remove usages of the
Grant-CPrivateKeyPermissionandTest-CPrivateKeyPermissionfunctions'-ApplyToparameter. - Remove usages of the
Grant-CPrivateKeyPermissionandRevoke-CPrivateKeyPermissionfunctions'Description
parameter.
Added
- Function
Get-CPrivateKeyfor getting an X509 certificate's private key (Windows only). - Function
Get-CPrivateKeyPermissionfor getting the permissions on an X509 certificate's private key (Windows only). - Function
Grant-CPrivateKeyPermissionfor granting permissions to an X509 certificate's private key (Windows only). - Function
Resolve-CPrivateKeyPathfor getting the path to an X509 certificate's private key (Windows only). - Function
Revoke-CPrivateKeyPermissionfor removing permissions to an X509 certificate's private key (Windows only). - Function
Test-CPrivateKeyPermissionfor testing permission on an X509 certificate's private key (Windows only).
3.3.0
Find-CCertificate and Find-CTlsCertificate now support finding certificates with a Subject Alternative Name that
contains a wildcard that matches the given HostName. For example: Passing test.example.com to the HostName parameter
will return a certificate whose Subject Alternative Name contains *.example.com.