capi-fpc

playing with crypto api aka capi. allowing one to export non exportable private key.

The following command line options are valid:

--export export to a pfx file, use store and fitler on subject or sha1
--force will hook cpexportkey to export non exportable pvk
--dumpcert dump from registry to a cer file, use store and sha1
--import import a cert from filename to store
--mkcert make a cert, read from store/subject for issuer, and cn
--enumcerts enumerate certificates in a store
--enumstores enumerate stores
--delete use store and filter on subject or sha1
--pvk2pem encode/convert a pvk to pem
--rsa2pvk export a decrypted rsa blob/raw capi key to pvk
--rsa2pem convert a decrypted rsa blob to a base64 pem
--der2pem convert a binary cert to base64 pem
--pem2der convert a base64 pem to der
--bin2base64 convert data to base64
--bin2hex convert data to hexadecimal
--hash hash data
--store= certificate store (default: MY)
--subject= subject used when exporting or deleting or making
--cn= used by mkcert (default: CN=localhost)
--sha1= sha1 used when exporting or deleting
--profile= user or machine (default: user)
--password= cert password
--filename= cert filename
--data= anything you want
--algo= SHA512 SHA284 SHA256 SHA1 MD5 MD4 MD2