<# .NOTES ===================================================================

1. <#
2. .NOTES
3. ===========================================================================
4. Created on: 28/03/2017 4:22 PM
5. Created by: Angelo Papiccio
6. Organization: Papiccio.com
7. Filename: Create-AESPasswordFiles.ps1
8. ===========================================================================
9. .DESCRIPTION
10. This function can be used to create both an AES encryption key file and password file that can be used
11. to pass secure passwords through PowerShell scripts
12. .EXAMPLE
13. Create-AESPasswordFile
14. =============================================================================================================================
15. Please enter the full path and file name for the AES Key (e.g. C:\AESKey.txt): C:\Temp\AES_OneDrive.txt
16. Please enter the password to encrypt: ********************
17. Please enter the full path and file name for the Secure Password file (e.g. C:\AppSecurePwd.txt): c:\temp\Secure_OneDrive.txt
18. -----------------------------------------------------------------------------------------------------------------------------
19. .EXAMPLE
20. To use the saved files add the below code to your script
21. $UserName = "YOUR USERNAME HERE}
22. $SecurePwdFilePath = {PATH TO YOUR PASSWORD FILE HERE}
23. $AESKeyFilePath = {PATH TO YOUR AESKEY FILE HERE}
24. $AESKey = Get-Content $AESKeyFilePath
25. $pwdTxt = Get-Content $SecurePwdFilePath
26. $securePwd = $pwdTxt | ConvertTo-SecureString -Key $AESKey
27. $credObject = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $securePwd
28. You can now pass the $CredObject with the -Credential switch e.g. Connect-MsolService -Credential $CredObject
29.  
30. #>
31. function Create-AESPasswordFile {
32.  
33. # Create a 32 bit random key to be used by the AES Key
34. $AESKey = New-Object Byte[] 32
35. [Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($AESKey)
36.  
37. #Collect the location to store the AES Key file
38. $AESKeyFilePath = Read-Host -Prompt "Please enter the full path and file name for the AES Key (e.g. C:\AESKey.txt)"
39. Set-Content $AESKeyFilePath $AESKey #It will over-write existing file data if already exists
40.  
41. #Collect the password to encrypt. It uses the -AsSecureString to hide the text then converts it back text and encrypts using the AES Key
42. $InputPwd = Read-Host -Prompt "Please enter the password to encrypt" -AsSecureString
43. $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($InputPwd)
44. $PlainTxtPsswd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
45. $secureStringPwd = $PlainTxtPsswd | ConvertTo-SecureString -AsPlainText -Force
46.  
47. #Export Secure content to password file
48. $SecurePwdFile = Read-Host -Prompt "Please enter the full path and file name for the Secure Password file (e.g. C:\AppSecurePwd.txt)"
49. $password = $secureStringPwd | ConvertFrom-SecureString -Key $AESKey
50. Add-Content $SecurePwdFile $password
51.  
52. }