gdbarron · gdbarron · May 23, 2020 · May 23, 2020 · May 23, 2020 · May 23, 2020
diff --git a/RELEASE.md b/RELEASE.md
@@ -1 +1,5 @@
-- fix issue 89, -ProvisionCertificate not triggering a push
+- issue #92, add offset parameter to Find-TppCertificate
+- fix issue #95, allow inclusion of private key for format Base64 (PKCS #8) in Get-TppCertificate.  Earlier versions of Venafi documentation listed this incorrectly, but has been resolved.
+- fix issue #96, Get-TppCertificate failing when pipilining due to adding a key to a hashtable that already exists
+- fix issue #97, linux style paths which use / instead of \ were failing path check due to invalid regex
+- pssa fix for Read-TppLog
diff --git a/VenafiTppPS/Code/Private/Test-TppDnPath.ps1 b/VenafiTppPS/Code/Private/Test-TppDnPath.ps1
@@ -12,10 +12,10 @@ function Test-TppDnPath {
 
     process {
         if ( $PSBoundParameters.ContainsKey('AllowRoot') ) {
-            $_ -match '(^\\VED)(\\.+)*$'
+            $_ -match '^[\\|//]VED([\\|//].+)*$'
         }
         else {
-            $_ -match '(^\\VED)(\\.+)+$'
+            $_ -match '^[\\|//]VED([\\|//].+)+$'
         }
     }
 }
diff --git a/VenafiTppPS/Code/Public/Find-TppCertificate.ps1 b/VenafiTppPS/Code/Public/Find-TppCertificate.ps1
@@ -21,6 +21,9 @@ Search recursively starting from the search path.
 Limit how many items are returned.  Default is 0 for no limit.
 It is definitely recommended to filter on another property when searching with no limit.
 
+.PARAMETER Offset
+The number of results to skip.
+
 .PARAMETER Country
 Find certificates by Country attribute of Subject DN.
 
@@ -146,6 +149,10 @@ Find all certificates expiring before a certain date
 Find-TppCertificate -ExpireBefore "2018-01-01" -Limit 5
 Find 5 certificates expiring before a certain date
 
+.EXAMPLE
+Find-TppCertificate -ExpireBefore "2018-01-01" -Limit 5 -Offset 2
+Find 5 certificates expiring before a certain date, starting at the 3rd certificate found.
+
 .EXAMPLE
 Find-TppCertificate -Path '\VED\Policy\My Policy'
 Find all certificates in a specific path
@@ -224,6 +231,9 @@ function Find-TppCertificate {
         [Parameter()]
         [int] $Limit = 0,
 
+        [Parameter()]
+        [int] $Offset,
+
         [Parameter()]
         [Alias('C')]
         [String] $Country,
@@ -364,6 +374,9 @@ function Find-TppCertificate {
         }
 
         switch ($PSBoundParameters.Keys) {
+            'Offset' {
+                $params.Body.Add( 'Offset', $Offset )
+            }
             'Country' {
                 $params.Body.Add( 'C', $Country )
             }

diff --git a/VenafiTppPS/Code/Public/Get-TppCertificate.ps1 b/VenafiTppPS/Code/Public/Get-TppCertificate.ps1
@@ -13,7 +13,7 @@ TppObject which represents a unique object
 Path to the certificate object to retrieve
 
 .PARAMETER Format
-The format of the returned certificate.
+The format of the returned certificate.  Valid formats include Base64, Base64 (PKCS #8), DER, JKS, PKCS #7, PKCS #12.
 
 .PARAMETER OutPath
 Folder path to save the certificate to.  The name of the file will be determined automatically.
@@ -44,12 +44,10 @@ $certs | Get-TppCertificate -Format 'PKCS #7' -OutPath 'c:\temp'
 Get one or more certificates
 
 .EXAMPLE
-
 $certs | Get-TppCertificate -Format 'PKCS #7' -OutPath 'c:\temp' -IncludeChain
 Get one or more certificates with the certificate chain included
 
 .EXAMPLE
-
 $certs | Get-TppCertificate -Format 'PKCS #7' -OutPath 'c:\temp' -IncludeChain -FriendlyName 'MyFriendlyName'
 Get one or more certificates with the certificate chain included and friendly name attribute specified
 
@@ -86,8 +84,7 @@ function Get-TppCertificate {
         [ValidateScript( {
                 if ( $_ | Test-TppDnPath ) {
                     $true
-                }
-                else {
+                } else {
                     throw "'$_' is not a valid path"
                 }
             })]
@@ -103,8 +100,7 @@ function Get-TppCertificate {
         [ValidateScript( {
                 if (Test-Path $_ -PathType Container) {
                     $true
-                }
-                else {
+                } else {
                     Throw "Output path '$_' does not exist"
                 }
             })]
@@ -137,71 +133,64 @@ function Get-TppCertificate {
             Method     = 'Post'
             UriLeaf    = 'certificates/retrieve'
             Body       = @{
-                CertificateDN = $Path
-                Format        = $Format
+                Format = $Format
             }
         }
-    }
-
-    process {
-
-        if ( $PSBoundParameters.ContainsKey('InputObject') ) {
-            $path = $InputObject.Path
-        }
-
-        $params.Body.CertificateDN = $Path
 
         if ($IncludePrivateKey) {
 
             # validate format to be able to export the private key
-            if ( $Format -in @("Base64 (PKCS #8)", "DER", "PKCS #7") ) {
-                Write-Error "Format '$Format' does not support private keys"
-                Return
+            if ( $Format -in @("Base64", "DER", "PKCS #7") ) {
+                throw "Format '$Format' does not support private keys"
             }
 
-            $params.Body.Add('IncludePrivateKey', $true)
+            $params.Body.IncludePrivateKey = $true
             $plainTextPassword = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecurePassword))
-            $params.Body.Add('Password', $plainTextPassword)
+            $params.Body.Password = $plainTextPassword
         }
 
         if ($Format -in @("Base64 (PKCS #8)", "DER", "PKCS #7")) {
             if (-not ([string]::IsNullOrEmpty($FriendlyName))) {
-                Write-Error "Only Base64, JKS, PKCS #12 formats support FriendlyName parameter"
-                Return
+                throw "Only Base64, JKS, PKCS #12 formats support FriendlyName parameter"
             }
-        }
-        else {
+        } else {
             if ($Format -ieq 'JKS' -and [string]::IsNullOrEmpty($FriendlyName)) {
-                Write-Error "JKS format requires FriendlyName parameter to be set"
-                Return
+                throw "JKS format requires FriendlyName parameter to be set"
             }
         }
 
         if (-not [string]::IsNullOrEmpty($FriendlyName)) {
-            $params.Body.Add('FriendlyName', $FriendlyName)
+            $params.Body.FriendlyName = $FriendlyName
         }
 
         if ($IncludeChain) {
-            if ($Format -in @("Base64 (PKCS #8)", "DER"))
-            {
-                Write-Error "IncludeChain is only supported when Format is Base64, JKS, PKCS #7, or PKCS #12"
-                Return
+            if ( $Format -in @("Base64 (PKCS #8)", "DER") ) {
+                throw "IncludeChain is only supported when Format is Base64, JKS, PKCS #7, or PKCS #12"
             }
 
-            $params.Body.Add('IncludeChain', $true)
+            $params.Body.IncludeChain = $true
+        }
+
+    }
+
+    process {
+
+        if ( $PSBoundParameters.ContainsKey('InputObject') ) {
+            $path = $InputObject.Path
         }
 
+        $params.Body.CertificateDN = $Path
+
         $response = Invoke-TppRestMethod @params
 
         if ( $PSBoundParameters.ContainsKey('OutPath') ) {
             if ( $response.PSobject.Properties.name -contains "CertificateData" ) {
-                $outFile = join-path $OutPath ($response.FileName)
+                $outFile = Join-Path $OutPath ($response.FileName)
                 $bytes = [Convert]::FromBase64String($response.CertificateData)
                 [IO.File]::WriteAllBytes($outFile, $bytes)
-                write-verbose ('Saved {0} of format {1}' -f $outFile, $response.Format)
+                Write-Verbose ('Saved {0} of format {1}' -f $outFile, $response.Format)
             }
-        }
-        else {
+        } else {
             $response
         }
     }

diff --git a/VenafiTppPS/Code/Public/New-TppObject.ps1 b/VenafiTppPS/Code/Public/New-TppObject.ps1
@@ -102,8 +102,8 @@ function New-TppObject {
     }
 
     # ensure the parent folder exists
-    if ( -not (Test-TppObject -Path (Split-Path $Path -Parent) -ExistOnly -TppSession $TppSession) ) {
-        throw ("The parent folder, {0}, of your new object does not exist" -f (Split-Path $Path -Parent))
+    if ( -not (Test-TppObject -Path (Split-Path -Path $Path -Parent) -ExistOnly -TppSession $TppSession) ) {
+        throw ("The parent folder, {0}, of your new object does not exist" -f (Split-Path -Path $Path -Parent))
     }
 
     if ( $PSBoundParameters.ContainsKey('ProvisionCertificate') -and (-not $Attribute.Certificate) ) {

diff --git a/VenafiTppPS/Code/Public/Read-TppLog.ps1 b/VenafiTppPS/Code/Public/Read-TppLog.ps1
@@ -87,8 +87,7 @@ function Read-TppLog {
         [ValidateScript( {
                 if ( $_ | Test-TppDnPath ) {
                     $true
-                }
-                else {
+                } else {
                     throw "'$_' is not a valid DN path"
                 }
             })]
@@ -125,57 +124,65 @@ function Read-TppLog {
         [TppSession] $TppSession = $Script:TppSession
     )
 
-    $TppSession.Validate()
+    begin {
 
-    $params = @{
-        TppSession = $TppSession
-        Method     = 'Get'
-        UriLeaf    = 'Log'
-        Body       = @{ }
-    }
+        $TppSession.Validate()
 
-    switch ($PSBoundParameters.Keys) {
-        'InputObject' {
-            $params.Body.Add('Component', $InputObject.Path)
+        $params = @{
+            TppSession = $TppSession
+            Method     = 'Get'
+            UriLeaf    = 'Log'
+            Body       = @{ }
         }
 
-        'Path' {
-            $params.Body.Add('Component', $Path)
-        }
+        switch ($PSBoundParameters.Keys) {
 
-        'Severity' {
-            $params.Body.Add('Severity', $Severity)
-        }
+            'Severity' {
+                $params.Body.Add('Severity', $Severity)
+            }
 
-        'StartTime' {
-            $params.Body.Add('FromTime', ($StartTime | ConvertTo-UtcIso8601) )
-        }
+            'StartTime' {
+                $params.Body.Add('FromTime', ($StartTime | ConvertTo-UtcIso8601) )
+            }
 
-        'EndTime' {
-            $params.Body.Add('ToTime', ($EndTime | ConvertTo-UtcIso8601) )
-        }
+            'EndTime' {
+                $params.Body.Add('ToTime', ($EndTime | ConvertTo-UtcIso8601) )
+            }
 
-        'Text1' {
-            $params.Body.Add('Text1', $Text1)
-        }
+            'Text1' {
+                $params.Body.Add('Text1', $Text1)
+            }
 
-        'Text2' {
-            $params.Body.Add('Text2', $Text2)
-        }
+            'Text2' {
+                $params.Body.Add('Text2', $Text2)
+            }
 
-        'Value1' {
-            $params.Body.Add('Value1', $Value1)
-        }
+            'Value1' {
+                $params.Body.Add('Value1', $Value1)
+            }
 
-        'Value2' {
-            $params.Body.Add('Value2', $Value2)
-        }
+            'Value2' {
+                $params.Body.Add('Value2', $Value2)
+            }
 
-        'Limit' {
-            $params.Body.Add('Limit', $Limit)
+            'Limit' {
+                $params.Body.Add('Limit', $Limit)
+            }
         }
     }
 
-    Invoke-TppRestMethod @params | Select-Object -ExpandProperty LogEvents
+    process {
+
+        switch ($PSBoundParameters.Keys) {
+            'InputObject' {
+                $params.Body.Component = $InputObject.Path
+            }
 
+            'Path' {
+                $params.Body.Component = $Path
+            }
+        }
+
+        Invoke-TppRestMethod @params | Select-Object -ExpandProperty LogEvents
+    }
 }