###############################################################################################################
# Language : PowerShell 4.0
# Filename : ManagedCredentials.psm1
# Author : BornToBeRoot (https://github.com/BornToBeRoot)
# Description : Secure encryption of credentials as SecureString
# Repository : https://github.com/BornToBeRoot/PowerShell_ManagedCredential
###############################################################################################################
<#
.SYNOPSIS
Secure encryption of credentials as SecureString
.DESCRIPTION
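Encrypts credentials as SecureString strings, which can be saved as an xml-file or kept in a variable.
The values are protected with the Windows Data Protection API (DPAPI), which ConvertFrom-SecureString
uses when no key is given, so they are bound to the user account and computer that created them:
if user "A" encrypts the credentials on computer "A", user "B" cannot decrypt them on
computer "A", and user "A" cannot decrypt them on computer "B".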
.EXAMPLE
$EncryptedCredentials = .\New-ManagedCredential.ps1
$EncryptedCredentials
UsernameAsSecureString : c04fc297eb01000000edade3a984d5ca...
PasswordAsSecureString : 984d5ca4aa6c39de63b9627730000c22...
.EXAMPLE
.\New-ManagedCredential.ps1 -OutFile E:\Temp\EncryptedCredentials.xml
.LINK
https://github.com/BornToBeRoot/PowerShell_ManagedCredential/blob/master/Documentation/New-ManagedCredential.README.md
#>
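[CmdletBinding(SupportsShouldProcess=$true)]
Param(
    # Target xml-file. A relative path is resolved against the script's own folder ($PSScriptRoot),
    # and ".xml" is appended when the name does not already end with it.
    [Parameter(
        Position=0,
        HelpMessage='Path to the xml-file where the encrypted credentials will be saved')]
    [String]$OutFile,

    # Credentials to protect. When omitted, the user is prompted for them.
    [Parameter(
        Position=1,
        HelpMessage='Credentials which are encrypted')]
    [System.Management.Automation.PSCredential]
    [System.Management.Automation.CredentialAttribute()]
    $Credential
)

Begin{
}

Process{
    if($null -eq $Credential)
    {
        # Re-throwing makes a failed prompt stop the whole script instead of only this statement.
        try{
            $Credential = Get-Credential $null
        }
        catch{
            throw
        }

        # A dismissed prompt can leave $Credential empty without raising an error. Stop here so that
        # an object with empty fields is never emitted or written over an existing credential file.
        if($null -eq $Credential)
        {
            throw "No credentials were provided."
        }
    }

    # ConvertFrom-SecureString without -Key/-SecureKey protects the value with Windows DPAPI, so the
    # resulting strings can only be decrypted by the same user account on the same computer.
    # Any code running as that user on that computer can decrypt them, so the output still
    # needs to be stored with care.
    $EncryptedUsername = $Credential.UserName | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString
    $EncryptedPassword = $Credential.Password | ConvertFrom-SecureString

    $EncryptedCredentials = [pscustomobject] @{
        UsernameAsSecureString = $EncryptedUsername
        PasswordAsSecureString = $EncryptedPassword
    }

    if(-not([String]::IsNullOrEmpty($OutFile)))
    {
        if(-not([System.IO.Path]::IsPathRooted($OutFile)))
        {
            # Strip only a leading ".\"; replacing every ".\" would turn "..\file" into ".file".
            $FilePath = Join-Path -Path $PSScriptRoot -ChildPath ($OutFile -replace '^\.\\', '')
        }
        else
        {
            $FilePath = $OutFile
        }

        # Ordinal, case-insensitive comparison: the extension check must not depend on the current culture.
        if(-not($FilePath.EndsWith(".xml", [System.StringComparison]::OrdinalIgnoreCase)))
        {
            $FilePath += ".xml"
        }

        if($PSCmdlet.ShouldProcess($FilePath))
        {
            if([System.IO.File]::Exists($FilePath))
            {
                $Title = "Overwrite existing file"
                $Info = "Do you want to overwrite the exisiting file?"
                $Options = [System.Management.Automation.Host.ChoiceDescription[]] @("&Yes", "&No")
                [int]$Defaultchoice = 0

                $Opt = $host.UI.PromptForChoice($Title , $Info, $Options, $Defaultchoice)

                switch($Opt)
                {
                    # "No": leave the existing file untouched.
                    1 {
                        return
                    }
                }
            }

            $EncryptedCredentials | Export-Clixml -Path $FilePath
        }
    }
    else
    {
        # No output file requested: return the encrypted object to the caller.
        $EncryptedCredentials
    }
}

End{
}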