functions/ConvertFrom-EncryptedString.ps1
Function ConvertFrom-EncryptedString { <# .SYNOPSIS Converts an encrypted string to a SecureString object. .DESCRIPTION Converts an encrypted string to a SecureString object with an option to use a custom key. Key path can be defined by: PS> Get/Set-DBODefaultSetting -Name security.encryptionkey Custom key is enforced in a Unix environment by a default setting security.usecustomencryptionkey PS> Get/Set-DBODefaultSetting -Name security.usecustomencryptionkey .PARAMETER String String to be decrypted .EXAMPLE # Converts a password provided by user to an encrypted string $encrypted = ConvertTo-EncryptedString -String (Read-Host -AsSecureString) $decrypted = ConvertFrom-EncryptedString -String $encrypted .NOTES #> [CmdletBinding()] Param ( [Parameter(ValueFromPipeline, Mandatory)] [String]$String ) process { $params = @{ String = $String } if (Get-DBODefaultSetting -Name security.usecustomencryptionkey -Value) { $key = Get-EncryptionKey if ($null -eq $key) { Stop-PSFFunction -Message "Encryption key not found" -EnableException $true } $params += @{ Key = Get-EncryptionKey } } try { ConvertTo-SecureString @params -ErrorAction Stop } catch { Stop-PSFFunction -Message "Failed to decrypt the secure string" -ErrorRecord $_ -EnableException $true } } } |