module.psm1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
<#
    .SYNOPSIS
        Encrypts a SecureString with the specified encryption key
    .PARAMETER StringToEncrypt
        The string to be encrypted
    .PARAMETER SecureStringToEncrypt
        The string to be encrypted
    .PARAMETER EncryptionKey
        The encryption key
#>

Function New-EncryptedString
{
    [OutputType([String])]
    [CmdletBinding(DefaultParameterSetName='plain')]
    param
    (
        [Parameter(Mandatory=$true,ParameterSetName='plain',Position=0,ValueFromPipeline=$true)]
        [String[]]
        $StringToEncrypt,
        [Parameter(Mandatory=$true,ParameterSetName='secure',Position=0,ValueFromPipeline=$true)]
        [securestring[]]
        $SecureStringToEncrypt,
        [Parameter(Mandatory=$true,ParameterSetName='secure',Position=1)]
        [Parameter(Mandatory=$true,ParameterSetName='plain',Position=1)]
        [ValidateLength(16,32)]
        [String]
        $EncryptionKey
    )
    BEGIN
    {
        $EncryptionKeyBytes=[System.Text.Encoding]::ASCII.GetBytes($EncryptionKey)
    }
    PROCESS
    {
        if($PSCmdlet.ParameterSetName -eq 'plain')
        {
            foreach ($item in $StringToEncrypt)
            {
                $SecureString=[securestring]::new()
                foreach($Char in $item.ToCharArray())
                {
                    $SecureString.AppendChar($Char)
                }
                $Encrypted = ConvertFrom-SecureString -SecureString $SecureString -Key $EncryptionKeyBytes
                Write-Output $Encrypted
            }
        }
        else
        {
            foreach ($SecureString in $SecureStringToEncrypt)
            {
                $Encrypted = ConvertFrom-SecureString -SecureString $SecureString -Key $EncryptionKeyBytes
                Write-Output $Encrypted
            }
        }
    }
}

<#
    .SYNOPSIS
        Decrypts a SecureString that was encrypted with the specified key
    .PARAMETER StringToDecrypt
        The encrypted SecureString
    .PARAMETER EncryptionKey
        The encryption key
#>

Function Get-EncryptedString
{
    [CmdletBinding()]
    param
    (
        [Parameter(Mandatory=$true,ValueFromPipeline=$true)]
        [String[]]
        $StringToDecrypt,
        [Parameter(Mandatory=$true)]
        [ValidateLength(16,32)]
        [String]
        $EncryptionKey
    )
    BEGIN
    {
        $EncryptionKeyBytes=[System.Text.Encoding]::ASCII.GetBytes($EncryptionKey)
    }
    PROCESS
    {
        foreach ($item in $StringToDecrypt)
        {
            $Decrypted = ConvertTo-SecureString -String $item -Key $EncryptionKeyBytes
            Write-Output $Decrypted
        }
    }
}

<#
    .SYNOPSIS
        Generates a new encryption key for use with a SecureString
    .PARAMETER KeyLength
        The length of the key in bits 128,196, or 256
#>

Function New-EncryptedStringKey
{
    [OutputType([String])]
    [CmdletBinding()]
    param
    (
        [ValidateSet(128,196,256)]
        [Parameter(Mandatory=$false)]
        [int]
        $KeyLength=128,
        [Parameter(Mandatory=$false)]
        [Switch]
        $UseRandomNumberGenerator
    )
    $CharCount=$KeyLength/8
    $ClientSecret=New-Object System.String($CharCount)
    $Seed = New-Object System.Byte[]($CharCount)
    $NumGen = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    if($UseRandomNumberGenerator.IsPresent)
    {
        try
        {
            $NumGen.GetBytes($Seed)
            $ClientSecret = [System.Convert]::ToBase64String($Seed)
        }
        finally
        {
            if($NumGen -ne $null)
            {
                $NumGen.Dispose()
            }
        }
    }
    else
    {
        $AvailChars=("1,2,3,4,5,6,7,8,9,0," + `
            "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z," + `
            "-,+,=,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z," +
            "!,@,#,$,%,^,&,*,<,>,?,/,|,\").Split(',')
        $CharCount=$KeyLength/8
        $EndChars=Get-Random -InputObject $AvailChars -Count $CharCount
        $ClientSecret=([String]::Join([String]::Empty,$EndChars))
    }
    return $ClientSecret
}