Powershell slightly expand ek retrieval and dont use wmic

iadgovuser29 · iadgovuser29 · commit 6c21a3aa49ae · 2025-04-11T10:58:15.000-04:00
diff --git a/scripts/windows/allcomponents.ps1 b/scripts/windows/allcomponents.ps1
@@ -864,7 +864,10 @@ $componentArray=(jsonComponentArray "$componentChassis" "$componentBaseboard" "$
 
 ### Gather property details
 Write-Progress -Id 1 -Activity "Gathering properties" -PercentComplete 80
-$osCaption=((wmic os get caption /value | Select-String -Pattern "^.*=(.*)$").Matches.Groups[1].ToString().Trim())
+$osCaption=(Get-WmiObject -Class Win32_OperatingSystem).caption
+if ($osCaption -ne $null) {
+    $osCaption = $osCaption.Trim()
+}
 $property1=(jsonProperty "caption" "$osCaption")  ## Example1
 $property2=(jsonProperty "caption" "$osCaption") # "$JSON_STATUS_ADDED") ## Example2 with optional third status argument
 
diff --git a/scripts/windows/get_ek.ps1 b/scripts/windows/get_ek.ps1
@@ -12,13 +12,29 @@ param(
                 [Security.Principal.WindowsBuiltInRole]::Administrator)
           ) {
                 Write-Progress -Activity "Gathering an EK Certificate" -CurrentOperation "Accessing the TPM" -PercentComplete 10
-                $data=(Get-TpmEndorsementKeyInfo).ManufacturerCertificates[0].GetRawCertData()
-                Write-Progress -Activity "EK Certificate Gathered" -CurrentOperation "Converting to Base64" -PercentComplete 75
-                $base64 = [Convert]::ToBase64String($data,'InsertLineBreaks')
-                Write-Progress -Activity "EK Certificate Gathered" -CurrentOperation "Writing PEM" -PercentComplete 90
-                $pem = ("-----BEGIN CERTIFICATE-----`n$base64`n-----END CERTIFICATE-----").Replace("`r`n", "`n")
-                [IO.File]::WriteAllText($filename, $pem)
-                Write-Progress "Done" -PercentComplete 100
+                $data = $null
+                $manufacturerCerts = (Get-TpmEndorsementKeyInfo).ManufacturerCertificates
+                if ($manufacturerCerts -ne $null -and $manufacturerCerts.Length -gt 0)
+                {
+                    $data = $manufacturerCerts[0].GetRawCertData()
+                } else {
+                    $additionalCerts = (Get-TpmEndorsementKeyInfo).AdditionalCertificates
+                    if ($additionalCerts -ne $null -and $additionalCerts.Length -gt 0) {
+                        $data = $additionalCerts[0].GetRawCertData()
+                    }
+                }
+
+                if ($data -eq $null) {
+                    echo "Found no EK Certificates using the PowerShell TrustedPlatformModule module."
+                    $data = $null
+                } else {
+                    Write-Progress -Activity "EK Certificate Gathered" -CurrentOperation "Converting to Base64" -PercentComplete 75
+                    $base64 = [Convert]::ToBase64String($data,'InsertLineBreaks')
+                    Write-Progress -Activity "EK Certificate Gathered" -CurrentOperation "Writing PEM" -PercentComplete 90
+                    $pem = ("-----BEGIN CERTIFICATE-----`n$base64`n-----END CERTIFICATE-----").Replace("`r`n", "`n")
+                    [IO.File]::WriteAllText($filename, $pem)
+                    Write-Progress "Done" -PercentComplete 100
+                }
             }
         Else {
             echo "Not admin"
