v1.1.1

Added support for RSA certificates that use a CNG (Crypto Next Generation) key storage provider.

Version 1.1

Adds support for passing X509Certificate2 objects directly, instead of requiring the certificates to be installed in a store on the local machine and referenced by Thumbprint. This allows data to be encrypted / decrypted via certificates stored in files on disk.

Adds a -UseLegacyPadding to the Protect-Data and Add-ProtectedDataCredential commands which causes certificate-based encryption to use PKCS#1 v1.5 padding instead of OAEP. I had received bug reports that some certificates don't work with OAEP.

Also includes some small performance enhancements when using certificate thumbprints and the Get-KeyEncryptionCertificate command, particularly when the -RequirePrivateKey switch is used.

Small bug fix

Bug fix

Previous commit had a but that would output the wrong error (partial) error message, then send an unwanted string down the Output stream.

Initial release

I haven't received much feedback on the pre-release versions of this, and haven't done much work on it recently, so I guess it's time to just call this v1.0.