Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <#
- .NOTES
- ===========================================================================
- Created on: 28/03/2017 4:22 PM
- Created by: Angelo Papiccio
- Organization: Papiccio.com
- Filename: Create-AESPasswordFiles.ps1
- ===========================================================================
- .DESCRIPTION
- This function can be used to create both an AES encryption key file and password file that can be used
- to pass secure passwords through PowerShell scripts
- .EXAMPLE
- Create-AESPasswordFile
- =============================================================================================================================
- Please enter the full path and file name for the AES Key (e.g. C:\AESKey.txt): C:\Temp\AES_OneDrive.txt
- Please enter the password to encrypt: ********************
- Please enter the full path and file name for the Secure Password file (e.g. C:\AppSecurePwd.txt): c:\temp\Secure_OneDrive.txt
- -----------------------------------------------------------------------------------------------------------------------------
- .EXAMPLE
- To use the saved files add the below code to your script
- $UserName = "YOUR USERNAME HERE}
- $SecurePwdFilePath = {PATH TO YOUR PASSWORD FILE HERE}
- $AESKeyFilePath = {PATH TO YOUR AESKEY FILE HERE}
- $AESKey = Get-Content $AESKeyFilePath
- $pwdTxt = Get-Content $SecurePwdFilePath
- $securePwd = $pwdTxt | ConvertTo-SecureString -Key $AESKey
- $credObject = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $securePwd
- You can now pass the $CredObject with the -Credential switch e.g. Connect-MsolService -Credential $CredObject
- #>
- function Create-AESPasswordFile {
- # Create a 32 bit random key to be used by the AES Key
- $AESKey = New-Object Byte[] 32
- [Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($AESKey)
- #Collect the location to store the AES Key file
- $AESKeyFilePath = Read-Host -Prompt "Please enter the full path and file name for the AES Key (e.g. C:\AESKey.txt)"
- Set-Content $AESKeyFilePath $AESKey #It will over-write existing file data if already exists
- #Collect the password to encrypt. It uses the -AsSecureString to hide the text then converts it back text and encrypts using the AES Key
- $InputPwd = Read-Host -Prompt "Please enter the password to encrypt" -AsSecureString
- $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($InputPwd)
- $PlainTxtPsswd = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
- $secureStringPwd = $PlainTxtPsswd | ConvertTo-SecureString -AsPlainText -Force
- #Export Secure content to password file
- $SecurePwdFile = Read-Host -Prompt "Please enter the full path and file name for the Secure Password file (e.g. C:\AppSecurePwd.txt)"
- $password = $secureStringPwd | ConvertFrom-SecureString -Key $AESKey
- Add-Content $SecurePwdFile $password
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement