search

microsoft / Intune-Resource-Access

Sample code and scripts for interfacing with the Intune Resource Access APIs.
MIT License
55 stars 59 forks source link

Public key format #59

Closed pelegrim closed 4 years ago

pelegrim commented 4 years ago

Hi. Is it possible to extract Public Key from encProvider in pem format?

darba commented 4 years ago

I am assuming that you are talking about the PFX import public key that is used to encrypt the PFX passwords before they are uploaded to Intune.

In the provided scripts, you cannot currently export the public key in PEM format. Right now the Export-IntunePublicKey and the New-IntuneUserPfxCertificate cmdlets write out and read the raw RSA public key blob in bytes.

It may be possible to base64 encode the blobs and add the header and footer for the PEM file, but you would have to make sure the RSA blob format translates correctly to the ASN.1 format that would be encoded in the PEM.

darba commented 4 years ago

You can also use "certutil" to convert the raw byte file of the RSA blob into PEM. The command looks something like this:

certutil -encode {rawbyteinputfile} {pemoutputfile.pem}

https://www.sysadmins.lv/blog-en/certutil-tips-and-tricks-working-with-x509-file-format.aspx