Microsoft.PowerShell.Security

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Enter password:

Looks up a localized string similar to Command cannot find any of the specified files.

Looks up a localized string similar to The following file could not be found: {0}.

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to X509 Certificate Provider

Looks up a localized string similar to Cannot find the X509 certificate at path {0}.

Looks up a localized string similar to Cannot find the X509 certificate store at path {0}.

Looks up a localized string similar to Cannot find the certificate store because the specified X509 store location {0} is not valid.

Looks up a localized string similar to Cannot process the path because path {0} is not a valid certificate provider path.

Looks up a localized string similar to Move certificate

Looks up a localized string similar to Remove certificate

Looks up a localized string similar to Remove certificate and its private key.

Looks up a localized string similar to Invoke Certificate Manager

Looks up a localized string similar to Item: {0} Destination: {1}

Looks up a localized string similar to You cannot move a certificate container.

Looks up a localized string similar to You cannot move a certificate from user store to or from machine.

Looks up a localized string similar to You cannot move a certificate to the same store.

Looks up a localized string similar to You cannot create an item other than certificate store.

Looks up a localized string similar to Creating certificate stores under CurrentUser is not supported.

Looks up a localized string similar to Deleting certificate stores under CurrentUser is not supported.

Looks up a localized string similar to The destination is not a valid store.

Looks up a localized string similar to Item: {0}

Looks up a localized string similar to The store {0} is a built-in system store and cannot be deleted.

Looks up a localized string similar to You cannot remove a certificate container.

Looks up a localized string similar to Private key skipped. The certificate has no private key association.

Looks up a localized string similar to The operation is on user root store and UI is not allowed.

Looks up a localized string similar to . The following error may be a result of user credentials required on the remote machine. See Enable-WSManCredSSP Cmdlet help on how to enable and use CredSSP for delegation with PowerShell remoting.

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to The path '{0}' must refer to a single file system path.

Looks up a localized string similar to Cannot unprotect message. The input contained no encrypted content.

Looks up a localized string similar to Cannot unprotect message. The input contained no encrypted content. Specify the '{0}' parameter if you wish to output the original content when no encrypted content is detected.

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a more specific scope. Due to the override, your shell will retain its current effective execution policy of {0}. Type "Get-ExecutionPolicy -List" to view your execution policy settings. For more information please see "Get-Help Set-ExecutionPolicy".

Looks up a localized string similar to Contact your system administrator.

Looks up a localized string similar to Cannot get execution policy. Specify only the List or Scope parameters.

Looks up a localized string similar to Cannot set execution policy. Execution policies at the MachinePolicy or UserPolicy scopes must be set through Group Policy.

Looks up a localized string similar to Execution Policy Change

Looks up a localized string similar to The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic at https://go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy?

Looks up a localized string similar to {0} To change the execution policy for the default (LocalMachine) scope, start PowerShell with the "Run as administrator" option. To change the execution policy for the current user, run "Set-ExecutionPolicy -Scope CurrentUser".

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Enter secret:

Looks up a localized string similar to The system cannot protect plain text input. To suppress this warning and convert the plain text to a SecureString, reissue the command specifying the Force parameter. For more information, type: get-help ConvertTo-SecureString.

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Cannot sign code. The specified certificate is not suitable for code signing.

Looks up a localized string similar to The Get-AuthenticodeSignature cmdlet does not support directories. Supply a path to a file and retry.

Looks up a localized string similar to File {0} was not found.

A strongly-typed resource class, for looking up localized strings, etc.

constructor

Returns the cached ResourceManager instance used by this class.

Overrides the current threads CurrentUICulture property for all resource lookups using this strongly typed resource class.

Looks up a localized string similar to Cannot digitally sign file because file {0} is smaller than 4 bytes in size. Files must be at least 4 bytes in order to be digitally signed.

Looks up a localized string similar to Cannot perform the operation because it is not supported on the object found in path {0}.

Looks up a localized string similar to Cannot get the ACL because the necessary method, GetSecurityDescriptor, does not exist.

Looks up a localized string similar to Cannot set the ACL because the method that it needs to invoke, SetSecurityDescriptor, does not exist.

Looks up a localized string similar to Could not perform operation because an exception was thrown during method invoke.

Looks up a localized string similar to Could not create a SACL with the specified central access policy.

Looks up a localized string similar to Could not create an empty SACL.

Looks up a localized string similar to Could not enable SeSecurityPrivilege.

Looks up a localized string similar to Could not set central access policy.

Looks up a localized string similar to ClearCentralAccessPolicy and CentralAccessPolicy parameters cannot be used at the same time.

Looks up a localized string similar to Central Access Policy identifier or name is not valid. If specifying an identifier, it must begin with S-1-17. If specifying a name, the policy must be applied on the target machine.

Looks up a localized string similar to PowerShell credential request

Looks up a localized string similar to Enter your credentials.

Defines the base class from which all Security Descriptor commands are derived.

Gets or sets the filter property. The filter property allows for provider-specific filtering of results.

Gets or sets the include property. The include property specifies the items on which the command will act.

Gets or sets the exclude property. The exclude property specifies the items on which the command will not act.

The context for the command that is passed to the core command providers.

Add brokered properties for easy access to important properties of security descriptor.

Gets the Path of the provided PSObject.

The PSObject for which to obtain the path. The path of the provided PSObject.

Gets the Owner of the provided PSObject.

The PSObject for which to obtain the Owner. The Owner of the provided PSObject.

Gets the Group of the provided PSObject.

The PSObject for which to obtain the Group. The Group of the provided PSObject.

Gets the access rules of the provided PSObject.

The PSObject for which to obtain the access rules. The access rules of the provided PSObject.

Gets the audit rules of the provided PSObject.

The PSObject for which to obtain the audit rules. The audit rules of the provided PSObject.

Gets the central access policy ID of the provided PSObject.

The PSObject for which to obtain the central access policy ID. The central access policy ID of the provided PSObject.

Gets the security descriptor (in SDDL form) of the provided PSObject. SDDL form is the Security Descriptor Definition Language.

The PSObject for which to obtain the security descriptor. The security descriptor of the provided PSObject, in SDDL form.

The filter to be used to when globbing to get the item.

The glob string used to determine which items are included.

The glob string used to determine which items are excluded.

Defines the implementation of the 'get-acl' cmdlet. This cmdlet gets the security descriptor of an item at the specified path.

Initializes a new instance of the GetAclCommand class. Sets the default path to the current location.

Gets or sets the path of the item for which to obtain the security descriptor. Default is the current location.

InputObject Parameter Gets or sets the inputObject for which to obtain the security descriptor.

Gets or sets the literal path of the item for which to obtain the security descriptor. Default is the current location.

Gets or sets the audit flag of the command. This flag determines if audit rules should also be retrieved.

Parameter '-AllCentralAccessPolicies' is not supported in OneCore powershell, because function 'LsaQueryCAPs' is not available in OneCoreUAP and NanoServer.

Processes records from the input pipeline. For each input file, the command retrieves its corresponding security descriptor.

Defines the implementation of the 'set-acl' cmdlet. This cmdlet sets the security descriptor of an item at the specified path.

Gets or sets the path of the item for which to set the security descriptor.

InputObject Parameter Gets or sets the inputObject for which to set the security descriptor.

Gets or sets the literal path of the item for which to set the security descriptor.

Gets or sets the security descriptor object to be set on the target item(s).

Parameter '-CentralAccessPolicy' is not supported in OneCore powershell, because function 'LsaQueryCAPs' is not available in OneCoreUAP and NanoServer.

Clears the central access policy applied on the target item(s).

Gets or sets the Passthru flag for the operation. If true, the security descriptor is also passed down the output pipeline.

Returns a newly allocated SACL with no ACEs in it. Free the returned SACL by calling Marshal.FreeHGlobal.

Returns a newly allocated SACL with the supplied CAPID in it. Free the returned SACL by calling Marshal.FreeHGlobal.

Function 'LsaQueryCAPs' is not available in OneCoreUAP and NanoServer. So the parameter "-CentralAccessPolicy" is not supported on OneCore powershell, and thus this method won't be hit in OneCore powershell.

Returns the current thread or process token with the specified privilege enabled and the previous state of this privilege. Free the returned token by calling NativeMethods.CloseHandle.

Processes records from the input pipeline. For each input file, the command sets its security descriptor to the specified Access Control List (ACL).

Defines the base class from which all catalog commands are derived.

Path of folder/file to generate or validate the catalog file.

Path of folder/file to generate or validate the catalog file.

Initializes a new instance of the CatalogCommandsBase class, using the given command name.

The name of the command.

Processes records from the input pipeline. For each input object, the command either generate the Catalog or Validates the existing Catalog.

Performs the action i.e. Generate or Validate the Windows Catalog File.

The name of the Folder or file on which to perform the action. Path to Catalog

Defines the implementation of the 'New-FileCatalog' cmdlet. This cmdlet generates the catalog for File or Folder.

Initializes a new instance of the New-FileCatalog class.

Catalog version.

Generate the Catalog for the Path.

File or Folder Path Path to Catalog True if able to Create Catalog or else False

Defines the implementation of the 'Test-FileCatalog' cmdlet. This cmdlet validates the Integrity of catalog.

Initializes a new instance of the New-FileCatalog class.

Patterns used to exclude files from DiskPaths and Catalog.

Validate the Integrity of given Catalog.

File or Folder Path Path to Catalog True if able to Validate the Catalog and its not tampered or else False

Defines the implementation of the get-pfxcertificate cmdlet.

Gets or sets the path of the item for which to obtain the certificate.

Gets or sets the literal path of the item for which to obtain the certificate.

Gets or sets the password for unlocking the certificate.

Do not prompt for password if not given.

Initializes a new instance of the GetPfxCertificateCommand class.

Processes records from the input pipeline. For each input file, the command retrieves its corresponding certificate.

Defines the Certificate Provider dynamic parameters. We only support one dynamic parameter for Win 7 and earlier: CodeSigningCert If provided, we only return certificates valid for signing code or scripts.

Gets or sets a switch that controls whether we only return code signing certs.

Gets or sets a filter that controls whether we only return data encipherment certs.

Gets or sets a filter that controls whether we only return server authentication certs.

Gets or sets a filter by DNSName. Expected content is a single DNS Name that may start and/or end with '*': "contoso.com" or "*toso.c*". All WildcardPattern class features supported.

Gets or sets a filter by EKU. Expected content is one or more OID strings: "1.3.6.1.5.5.7.3.1", "*Server*", etc. For a cert to match, it must be valid for all listed OIDs. All WildcardPattern class features supported.

Gets or sets a filter by the number of valid days. Expected content is a non-negative integer. "0" matches all certs that have already expired. "1" matches all certs that are currently valid and will expire by next day (local time).

Defines the type of DNS string The structure contains punycode name and unicode name.

Punycode version of DNS name.

Unicode version of DNS name.

Ambiguous constructor of a DnsNameRepresentation.

Specific constructor of a DnsNameRepresentation.

Value comparison.

Get property of Punycode.

Get property of Unicode.

Get display string.

Defines the Certificate Provider remove-item dynamic parameters. Currently, we only support one dynamic parameter: DeleteKey If provided, we will delete the private key when we remove a certificate.

Switch that controls whether we should delete private key when remove a certificate.

Defines the safe handle class for native cert store handles, HCERTSTORE.

Defines the Certificate Provider store handle class.

Initializes a new instance of the X509NativeStore class.

Native IntPtr store handle.

X509StoreLocation store location.

String store name.

True if a real store is open.

Defines the types of items supported by the certificate provider.

An unknown item.

An X509 Certificate.

A certificate store location. For example, cert:\CurrentUser.

A certificate store. For example, cert:\CurrentUser\My.

Defines the implementation of a Certificate Store Provider. This provider allows for stateless namespace navigation of the computer's certificate store.

Tracer for certificate provider.

Indicate if we already have attempted to load the PKI module.

Lock that guards access to the following static members -- storeLocations -- pathCache.

List of store locations. They do not change once initialized. Synchronized on staticLock.

Cache that stores paths and their associated objects. key is full path to store-location/store/certificate value is X509StoreLocation/X509NativeStore/X509Certificate2 object Synchronized on staticLock.

We allow either / or \ to be the path separator.

Regex pattern that defines a valid cert path.

Cache the store handle to avoid repeated CertOpenStore calls.

On demand create the Regex to avoid a hit to startup perf.

Note, its OK that staticLock is being used here because only IsValidPath is calling this static property so we shouldn't have any deadlocks due to other locked static members calling this property.

Initializes a new instance of the CertificateProvider class. This initializes the default certificate store locations.

Removes an item at the specified path.

The path of the item to remove. Recursively remove. Nothing. path is null or empty. destination is null or empty.

Gets the dynamic parameters for remove-item on the Certificate Provider. We currently only support one dynamic parameter, "DeleteKey," that delete private key when we delete a certificate.

If the path was specified on the command line, this is the path to the item for which to get the dynamic parameters. Ignored. An object that has properties and fields decorated with parsing attributes similar to a cmdlet class.

Moves an item at the specified path to the given destination.

The path of the item to move. The path of the destination. Nothing. Moved items are written to the context's pipeline. path is null or empty. destination is null or empty.

Creates a certificate store with the given path.

New-Item doesn't go through the method "ItemExists". But for the CertificateProvider, New-Item can create an X509Store and return it, and the user can access the certificates within the store via its property "Certificates". We want the extra new properties of the X509Certificate2 objects to be shown to the user, so we also need to import the PKI module in this method, if we haven't tried it yet. The path of the certificate store to create. Ignored. Only support store. Ignored Nothing. The new certificate store object is written to the context's pipeline. path is null or empty.

Initializes the cert: drive.

A collection that contains the PSDriveInfo object that represents the cert: drive.

Determines if the item at the given path is a store-location or store with items in it.

The full path to the item. True if the path refers to a store location, or store that contains certificates. False otherwise. Path is null This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Some example reasons include: -- certificate is invalid -- certificate has no private key -- certificate password mismatch

Determines if the specified path is syntactically and semantically valid. An example path looks like this: cert:\CurrentUser\My\5F98EBBFE735CDDAE00E33E0FD69050EF9220254.

The path of the item to check. True if the path is valid, false otherwise.

Determines if the store location, store, or certificate exists at the specified path.

The method ItemExists will be hit by all built-in cmdlets that interact with the CertificateProvider except for the New-Item. They are: Get-ChildItem Set-Location Push-Location Pop-Location Move-Item Invoke-Item Get-Item Remove-Item So we import the PKI module in this method if we haven't tried yet. The path of the item to check. True if a the store location, store, or certificate exists at the specified path. False otherwise. Path is null This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the store location, store, or certificate at the specified path.

The path of the item to retrieve. Path is null This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the parent of the given path.

The path of which to get the parent. The root of the drive. The parent of the given path.

Gets the name of the leaf element of the specified path.

The fully qualified path to the item. The leaf element of the specified path.

We want to import the PKI module explicitly because a type for X509Certificate is defined in the PKI module that add new properties to the X509Certificate2 objects. We want to show those new properties to the user without requiring someone to force the loading of this module.

Invokes the certificate management UI (certmgr.msc) for any path.

Ignored.

Delete private key.

Key prov info. No return.

Delete the cert store; if -DeleteKey is specified, we also delete the associated private key.

The store name. Boolean to specify whether or not to delete private key. Source path. No return.

Delete the a single cert from the store; if -DeleteKey is specified, we also delete the associated private key.

An X509Certificate2 object. Boolean to specify whether or not to delete private key. Machine context or user. Source path. No return.

Delete the cert from the store; if -DeleteKey is specified, we also delete the associated private key.

An X509Certificate2 object. Boolean to specify whether or not to delete private key. Machine context or user. Source path. No return.

Commit store for UserDS store.

An IntPtr for store handle. No return.

Delete the cert from the original store and add to the destination store.

Destination path. An X509Certificate2. An X509NativeStore. Source path. No return.

Fetches the store-location/store/certificate at the specified path.

Path to the item. True if this is to only for an ItemExists call. Returns True / False. Set to true if item exists and is a container. Item at the path.

Gets the child items of a given store, or location.

The full path of the store or location to enumerate. If true, recursively enumerates the child items as well. Path is null or empty. This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the child names of a given store, or location.

The full path of the store or location to enumerate. Determines if all containers should be returned or only those containers that match the filter(s). Path is null or empty. This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Determines if the item at the specified path is a store or location.

True if the item at the specified path is a store or location. False otherwise. Path is null or empty. This exception can be thrown if any cryptographic error occurs. It is not possible to know exactly what went wrong. This is because of the way CryptographicException is designed. Possible reasons: -- certificate is invalid -- certificate has no private key -- certificate password mismatch -- etc

Gets the dynamic parameters for get-item on the Certificate Provider. We currently support the following dynamic parameters: "CodeSigning," that returns only certificates good for signing code or scripts.

If the path was specified on the command line, this is the path to the item for which to get the dynamic parameters. An object that has properties and fields decorated with parsing attributes similar to a cmdlet class.

Gets the dynamic parameters for get-childitem on the Certificate Provider. We currently only support one dynamic parameter, "CodeSigning," that returns only certificates good for signing code or scripts.

If the path was specified on the command line, this is the path to the item for which to get the dynamic parameters. Ignored. An object that has properties and fields decorated with parsing attributes similar to a cmdlet class.

Helper function to get store-location/store/cert at the specified path.

Path to the item. Whether we need to recursively find all. Determines if all containers should be returned or only those containers that match the filter(s). Whether we only need the names. Filter info. Does not return a value.

Get the name of the specified certificate.

Cert name . we use Thumbprint as the name

Get cert objects or their name at the specified path.

Path to cert. Path elements. Whether we should return only the names (instead of objects). Filter info. Does not return a value.

Get X509StoreLocation object at path.

X509StoreLocation object.

Get the X509NativeStore object at path.

Path to store. True if this should be a test for path existence. Returns True or False. Path elements. X509NativeStore object.

Gets the X509NativeStore at the specified path. Adds to cache if not already there.

Path to the store. Name of store (path leaf element). Location of store (CurrentUser or LocalMachine). X509NativeStore object.

Gets X509NativeStore objects or their name at the specified path.

Path to the store. Recursively return all items if true. Filter info. Does not return a value.

Check if the specified certificate has the name in DNS name list.

Certificate object. Wildcard pattern for DNS name to search. True on success, false otherwise.

Check if the specified certificate is a server authentication certificate.

Certificate object. True on success, false otherwise.

Check if the specified certificate contains EKU matching all of these patterns.

Certificate object. EKU patterns. True on success, false otherwise.

Get provider-specific help.

Name of help item or cmdlet for which user has requested help Path to the current location or path to the location of the property that the user needs help about. Provider specific MAML help content string

Defines a class to represent a store location in the certificate provider. The two possible store locations are CurrentUser and LocalMachine.

Gets the location, as a string.

Gets the location as a

Gets the list of stores at this location.

Initializes a new instance of the X509StoreLocation class.

Defines the type of EKU string The structure contains friendly name and EKU oid.

Localized friendly name of EKU.

OID of EKU.

Constructor of an EnhancedKeyUsageRepresentation.

Value comparison.

Get property of friendlyName.

Get property of oid.

Get display string.

Class for SendAsTrustedIssuer.

Get property of SendAsTrustedIssuer.

Set property of SendAsTrustedIssuer.

Class for ekulist.

Get property of EKUList.

Constructor for EnhancedKeyUsageProperty.

Class for DNSNameList.

Get property of DnsNameList.

Constructor for DnsNameProperty.

Downlevel helper function to determine if the OS is WIN8 and above.

Check in UI is allowed.

Container for helper functions that use pinvoke into crypt32.dll.

Lock that guards access to the following static members -- storeNames.

Get a list of store names at the specified location.

Call back function used by CertEnumSystemStore Currently, there is no managed support for enumerating store names on a machine. We use the win32 function CertEnumSystemStore() to get a list of stores for a given context. Each time this callback is called, we add the passed store name to the list of stores.

Defines the base class for exceptions thrown by the certificate provider when the specified item cannot be located.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the default message.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateProviderItemNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the exception thrown by the certificate provider when the specified X509 certificate cannot be located.

Initializes a new instance of the CertificateNotFoundException class with the default message.

Initializes a new instance of the CertificateNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the exception thrown by the certificate provider when the specified X509 store cannot be located.

Initializes a new instance of the CertificateStoreNotFoundException class with the default message.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateStoreNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the exception thrown by the certificate provider when the specified X509 store location cannot be located.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the default message.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified serialization information, and context.

The serialization information. The streaming context.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified message.

The message to be included in the exception.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified message, and inner exception.

The message to be included in the exception. The inner exception to be included in the exception.

Initializes a new instance of the CertificateStoreLocationNotFoundException class with the specified inner exception.

The inner exception to be included in the exception.

Defines the implementation of the 'Protect-CmsMessage' cmdlet. This cmdlet generates a new encrypted CMS message given the recipient and content supplied.

Gets or sets the recipient of the CMS Message.

Gets or sets the content of the CMS Message.

Gets or sets the content of the CMS Message by path.

Gets or sets the content of the CMS Message by literal path.

Emits the protected message to a file path.

Validate / convert arguments.

Processes records from the input pipeline. For each input object, the command encrypts and exports the object.

Encrypts and outputs the message.

Defines the implementation of the 'Get-CmsMessage' cmdlet. This cmdlet retrieves information about an encrypted CMS message.

Gets or sets the content of the CMS Message.

Gets or sets the CMS Message by path.

Gets or sets the CMS Message by literal path.

Validate / convert arguments.

Processes records from the input pipeline. For each input object, the command gets the information about the protected message and exports the object.

Gets the CMS Message object.

Defines the implementation of the 'Unprotect-CmsMessage' cmdlet. This cmdlet retrieves the clear text content of an encrypted CMS message.

Gets or sets the content of the CMS Message.

Gets or sets the Windows Event Log Message with contents to be decrypted.

Gets or sets the CMS Message by path.

Gets or sets the CMS Message by literal path.

Determines whether to include the decrypted content in its original context, rather than just output the decrypted content itself.

Gets or sets the recipient of the CMS Message.

Validate / convert arguments.

Processes records from the input pipeline. For each input object, the command gets the information about the protected message and exports the object.

Processes records from the input pipeline. For each input object, the command gets the information about the protected message and exports the object.

Defines the implementation of the 'get-credential' cmdlet. The get-credential Cmdlet establishes a credential object called a PSCredential, by pairing a given username with a prompted password. That credential object can then be used for other operations involving security.

The Credential parameter set name.

The Message parameter set name.

Gets or sets the underlying PSCredential of the instance.

Gets and sets the user supplied message providing description about which script/function is requesting the PSCredential from the user.

Gets and sets the user supplied username to be used while creating the PSCredential.

Gets and sets the title on the window prompt.

Initializes a new instance of the GetCredentialCommand class.

The command outputs the stored PSCredential.

Defines the implementation of the 'Get-ExecutionPolicy' cmdlet. This cmdlet gets the effective execution policy of the shell. In priority-order (highest priority first,) these come from: - Machine-wide Group Policy - Current-user Group Policy - Current session preference - Current user machine preference - Local machine preference.

Gets or sets the scope of the execution policy.

Gets or sets the List parameter, which lists all scopes and their execution policies.

Outputs the execution policy.

Defines the implementation of the 'Set-ExecutionPolicy' cmdlet. This cmdlet sets the local preference for the execution policy of the shell. The execution policy may be overridden by settings in Group Policy. If the Group Policy setting overrides the desired behaviour, the Cmdlet generates a terminating error.

Gets or sets the execution policy that the user requests.

Gets or sets the scope of the execution policy.

Specifies whether to force the execution policy change.

Sets the execution policy (validation).

Set the desired execution policy.

Defines the base class from which all SecureString commands are derived.

Gets or sets the secure string to be used by the get- and set- commands.

Initializes a new instance of the SecureStringCommandBase class.

The command name deriving from this class

Defines the base class from which all SecureString import and export commands are derived.

Initializes a new instance of the ConvertFromToSecureStringCommandBase class.

Gets or sets the SecureString version of the encryption key used by the SecureString cmdlets.

Gets or sets the byte version of the encryption key used by the SecureString cmdlets.

Defines the implementation of the 'ConvertFrom-SecureString' cmdlet. This cmdlet exports a new SecureString -- one that represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. When no key is specified, the command uses the DPAPI to encrypt the string. When a key is specified, the command uses the AES algorithm to encrypt the string.

Initializes a new instance of the ExportSecureStringCommand class.

Gets or sets the secure string to be exported.

Gets or sets a switch to get the secure string as plain text.

Processes records from the input pipeline. For each input object, the command encrypts and exports the object.

Defines the implementation of the 'ConvertTo-SecureString' cmdlet. This cmdlet imports a new SecureString from encrypted data -- one that represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. When no key is specified, the command uses the DPAPI to decrypt the data. When a key is specified, the command uses the AES algorithm to decrypt the data.

Initializes a new instance of the ImportSecureStringCommand class.

Gets or sets the unsecured string to be imported.

Gets or sets the flag that marks the unsecured string as a plain text string.

Gets or sets the flag that will force the import of a plaintext unsecured string.

Processes records from the input pipeline. For each input object, the command decrypts the data, then exports a new SecureString created from the object.

Defines the base class from which all signature commands are derived.

Gets or sets the path to the file for which to get or set the digital signature.

Gets or sets the literal path to the file for which to get or set the digital signature.

Gets or sets the digital signature to be written to the output pipeline.

Gets or sets the file type of the byte array containing the content with digital signature.

File contents as a byte array.

Initializes a new instance of the SignatureCommandsBase class, using the given command name.

The name of the command.

Processes records from the input pipeline. For each input object, the command gets or sets the digital signature on the object, and and exports the object.

Performs the action (ie: get signature, or set signature) on the specified file.

The name of the file on which to perform the action.

Performs the action (ie: get signature, or set signature) on the specified contents.

The filename used for type if content is specified. The file contents on which to perform the action.

Defines the implementation of the 'get-AuthenticodeSignature' cmdlet. This cmdlet extracts the digital signature from the given file.

Initializes a new instance of the GetSignatureCommand class.

Gets the signature from the specified file.

The name of the file on which to perform the action. The signature on the specified file.

Gets the signature from the specified file contents.

The file type associated with the contents. The contents of the file on which to perform the action. The signature on the specified file contents.

Defines the implementation of the 'set-AuthenticodeSignature' cmdlet. This cmdlet sets the digital signature on a given file.

Initializes a new instance of the SetAuthenticodeSignatureCommand class.

Gets or sets the certificate with which to sign the file.

Gets or sets the additional certificates to include in the digital signature. Use 'signer' to include only the signer's certificate. Use 'notroot' to include all certificates in the certificate chain, except for the root authority. Use 'all' to include all certificates in the certificate chain. Defaults to 'notroot'.

Gets or sets the Url of the time stamping server. The time stamping server certifies the exact time that the certificate was added to the file.

Gets or sets the hash algorithm used for signing. This string value must represent the name of a Cryptographic Algorithm Identifier supported by Windows.

Property that sets force parameter.

Sets the digital signature on the specified file.

The name of the file on which to perform the action. The signature on the specified file.

Not implemented.

Association between SigningOption.* values and the corresponding string names.

Get SigningOption value corresponding to a string name.

Name of option. SigningOption.

Gets the size of a file.

Path to file. File size.

Present a prompt for a SecureString data.

Ref to host ui interface. Prompt text. user input as secure string.

Resource string. Error identifier. Replacement params for resource string formatting.

Path that was not found. Error identifier. ErrorRecord instance.

Create an error record for 'operation not supported' condition.

Resource string. Error identifier. Replacement params for resource string formatting.

Create an error record for 'operation not supported' condition.

Exception to include in ErrorRecord. Error identifier.

Convert the specified provider path to a provider path and make sure that all of the following is true: -- it represents a FileSystem path -- it points to a file -- the file exists.

Cmdlet instance. Provider path. filesystem path if all conditions are true, null otherwise