Generates a certificate and installs it on your phone.
Param
(
    # When set, no certificate is generated; the one identified by -CertHash is injected.
    [switch]$InjectOnly,
    # Root directory of the target image; must contain Windows\System32\config\SOFTWARE.
    [Parameter(Mandatory=$True)][string]$ImageDir,
    # Thumbprint of a certificate in Cert:\LocalMachine\My; required together with -InjectOnly.
    [string]$CertHash = $null
)
Function Verify-Admin
{
    # Returns $true when the current process token is a member of the built-in
    # Administrators role, $false otherwise. No parameters, no side effects.
    $CurrentIdentity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $CurrentPrincipal = New-Object Security.Principal.WindowsPrincipal($CurrentIdentity)
    return $CurrentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}
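# Requires admin credential: writing to Cert:\LocalMachine and loading/unloading the
# offline hive with reg.exe only work from an elevated token.
if ((Verify-Admin) -ne $true)
{
    Write-Warning "This utility requires Administrator privileges. Please run the utility as Administrator."
    return
}

# Sanity check: in inject-only mode the certificate must already exist, so its
# thumbprint has to be supplied.
if ($InjectOnly -and ([string]::IsNullOrEmpty($CertHash)))
{
    Write-Warning "CertHash is required in Inject-only scenario."
    return
}

if ($InjectOnly -ne $true)
{
    # In this case, we will generate certificate and fill this variable in
    $CertHash = $null
}

# The offline SOFTWARE hive is the only part of the image this script touches.
$OfflineRegistryPath = [System.IO.Path]::Combine($ImageDir, "Windows", "System32", "config", "SOFTWARE")
if ((Test-Path -Path $OfflineRegistryPath -ErrorAction SilentlyContinue) -ne $True)
{
    Write-Warning "Unable to find system registry file in the target image."
    return
}

# Generate certificate if required, otherwise look the supplied one up.
if ($InjectOnly -ne $true)
{
    Write-Host "Generating a self-signed certificate in computer's certificate store."
    # Ticks in the subject keep repeated runs from producing identically named certificates.
    $CurrentTicks = (Get-Date).Ticks
    $CertSubject = "CN=Windows RT Driver Test Signing ($($CurrentTicks))"
    $Cert = New-SelfSignedCertificate -Type CodeSigningCert -Subject $CertSubject -CertStoreLocation "Cert:\LocalMachine\My" -KeyAlgorithm RSA -KeyLength 2048 -HashAlgorithm SHA256 -KeyExportPolicy Exportable -ErrorAction Stop
    $CertHash = $Cert.Thumbprint
}
else
{
    Write-Host "Attempt to retrieve certificate with fingerprint $($CertHash)."
    $Cert = Get-ChildItem "Cert:\LocalMachine\My\$($CertHash)" -ErrorAction SilentlyContinue
    if ($Cert -eq $null)
    {
        Write-Warning "Unable to find certificate with the given fingerprint. Certificate should be placed in machine's personal certificate store."
        return
    }
}

# Everything below temporarily changes state on THIS machine: the certificate is moved
# into LocalMachine\Root, the image's hive is loaded under HKLM, and .reg work files
# are created. The bookkeeping variables let the finally block undo exactly what was
# done, so an error half-way never leaves the test certificate trusted as a root CA on
# the host, the hive locked by this process, or the work files on disk.
$MountKey = New-Guid
$TrustEnabled = $false
$HiveLoaded = $false
$TempFiles = @()

try
{
    # Enable trust relationship. Placing the certificate in Root makes reg export below
    # produce the key layout the offline image expects.
    Write-Host "Enabling trust relationship for the certificate on this machine."
    Move-Item "Cert:\LocalMachine\My\$($CertHash)" "Cert:\LocalMachine\Root\$($CertHash)" -ErrorAction Stop
    $TrustEnabled = $true

    # Create temporary work files
    $ExportedRegistryFile = New-TemporaryFile -ErrorAction Stop
    $TempFiles += $ExportedRegistryFile.FullName
    $TargetRegistryFile = New-TemporaryFile -ErrorAction Stop
    $TempFiles += $TargetRegistryFile.FullName
    $PTargetRegistryFile = New-TemporaryFile -ErrorAction Stop
    $TempFiles += $PTargetRegistryFile.FullName

    # Export registry. $LASTEXITCODE is checked rather than $? so the test is
    # unambiguous for a native command and the returned value is explicit.
    $RegistryPath = "HKLM\SOFTWARE\Microsoft\SystemCertificates\Root\Certificates\$($Cert.Thumbprint)"
    reg export $RegistryPath $ExportedRegistryFile.FullName /y
    if ($LASTEXITCODE -ne 0)
    {
        Write-Error "Exporting registry key failed."
        return $false
    }

    # Rewrite the exported key paths for the offline hive: HKLM\SOFTWARE becomes the
    # mount point, and a second copy targets TrustedPublisher instead of Root. Both are
    # case-insensitive regex replacements over every line of the .reg file, which
    # relies on "Root" occurring only in the key path.
    Get-Content -Path $ExportedRegistryFile.FullName -ErrorAction Stop | ForEach-Object { $_ -Replace "HKEY_LOCAL_MACHINE\\SOFTWARE", "HKEY_LOCAL_MACHINE\$($MountKey)" } | Set-Content $TargetRegistryFile.FullName -Force -ErrorAction Stop
    Get-Content -Path $TargetRegistryFile.FullName -ErrorAction Stop | ForEach-Object { $_ -Replace "Root", "TrustedPublisher" } | Set-Content $PTargetRegistryFile.FullName -Force -ErrorAction Stop

    # Mount target registry file
    reg load "HKLM\$($MountKey)" $OfflineRegistryPath
    if ($LASTEXITCODE -ne 0)
    {
        Write-Error "Mounting registry key failed."
        return $false
    }
    $HiveLoaded = $true

    # Import target registry files: Root first, then TrustedPublisher
    reg import $TargetRegistryFile.FullName
    if ($LASTEXITCODE -ne 0)
    {
        Write-Error "Importing registry key failed."
        return $false
    }
    reg import $PTargetRegistryFile.FullName
    if ($LASTEXITCODE -ne 0)
    {
        Write-Error "Importing registry key failed."
        return $false
    }

    # Unmount target registry file; on failure the finally block retries once so the
    # hive is not left locked.
    reg unload "HKLM\$($MountKey)"
    if ($LASTEXITCODE -ne 0)
    {
        Write-Error "Unmounting registry key failed."
        return $false
    }
    $HiveLoaded = $false
}
finally
{
    # Unload the hive if an earlier step bailed out while it was still mounted.
    if ($HiveLoaded)
    {
        reg unload "HKLM\$($MountKey)"
        if ($LASTEXITCODE -ne 0)
        {
            Write-Warning "Offline hive is still loaded at HKLM\$($MountKey); unload it manually with reg unload."
        }
    }

    # Remove temporary files
    foreach ($TempFile in $TempFiles)
    {
        Remove-Item -Path $TempFile -ErrorAction SilentlyContinue
    }

    # Revoke trust relationship. This runs on every exit path: while the self-signed
    # certificate sits in Root it is a trust anchor for the whole host.
    if ($TrustEnabled)
    {
        Write-Host "Revoking trust relationship for the certificate on this machine."
        try
        {
            Move-Item "Cert:\LocalMachine\Root\$($CertHash)" "Cert:\LocalMachine\My\$($CertHash)" -ErrorAction Stop
            $TrustEnabled = $false
        }
        catch
        {
            Write-Error "Unable to move certificate $($CertHash) out of Cert:\LocalMachine\Root; remove it from the Trusted Root store manually. $($_.Exception.Message)"
        }
    }
}

# Only reached when every step in the try block completed. The conclusion is withheld
# if the certificate could not be moved back out of Root, since the host is then still
# trusting it.
if ($TrustEnabled)
{
    return $false
}
# Output final conclusion
Write-Host "Offline certificate injection completed. Sign drivers with certificate $($CertHash), located in machine's personal store."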