Encrypt.ps1
[string]$global:UnencryptedMark = 'Unencrypted' [string]$global:EncryptedMark = 'Encrypted' function New-Credential($username, [SecureString] $password) { $credPassword = ConvertTo-SecureString $PASSWORD -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential ($username, $credPassword ) return $cred } function Get-SecureKey_Plain { param( [Parameter(ValueFromPipeline=$true)] $secureKey ) if ($secureKey -is [string]) { return $secureKey } $Ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToCoTaskMemUnicode($secureKey) $plainValue = [System.Runtime.InteropServices.Marshal]::PtrToStringUni($Ptr) [System.Runtime.InteropServices.Marshal]::ZeroFreeCoTaskMemUnicode($Ptr) return $plainValue } function Set-SecureKey($environmentVariable, $secureKey ){ if ($secureKey -is [string]) { $secureKey = ConvertTo-SecureString -String $secureKey -AsPlainText -Force } $storedKey = ConvertFrom-SecureString -SecureString $secureKey [Environment]::SetEnvironmentVariable($environmentVariable, $storedKey, [System.EnvironmentVariableTarget]::User) [Environment]::SetEnvironmentVariable($environmentVariable, $storedKey, [System.EnvironmentVariableTarget]::Process) } function Set-SecureKey:::Test{ $testKey = 'TestSet-SecureKey' $secret = 'AnySecret' Set-SecureKey -environmentVariable $testKey -secureKey $secret $result = Get-SecureKey -environmentVariable $testKey $result | Get-SecureKey_Plain | assert -eq $secret } function Set-SecureKey:::Example{ Set-SecureKey -environmentVariable Corp_Deploy_Key_Standalone -secureKey 'XXXXXXXXXXXXXX' } function Get-SecureKey{ param ( [string]$environmentVariable, [string]$prompt ) [string]$storedKey = [Environment]::GetEnvironmentVariable($environmentVariable) if ($storedKey -and ( $storedKey.Length -lt 50) ) { return $storedKey } if ($storedKey) { try { $secureKey = $storedKey | ConvertTo-SecureString } catch [System.Security.Cryptography.CryptographicException] { throw " '$environmentVariable' Environment Variable does not contain a valid encryption key for user '$env:USERDOMAIN\$env:USERName' " } } else { if ( -not ( Test-Powershell_Editor ) ) { throw "Secure String not found in `$env:$environmentVariable`nRun the script in ISE to specify one or use Set-SecureKey" } $secureKey = Read-Host -Prompt $prompt -AsSecureString Set-SecureKey -environmentVariable $environmentVariable -secureKey $secureKey } return $secureKey } function Set-Content_Encrypt { [CmdletBinding()] Param( [Parameter(ValueFromPipeline=$true)] $path, [validateLength(5,20)] [SecureString]$password, [string]$EncryptedMark = $EncryptedMark, [string]$UnencryptedMark = $UnencryptedMark ) process { $path = Get-Path -path $path $filelist = Get-ChildItem -path $path -Filter "*.$UnencryptedMark.*" -re | Get-Path foreach($file in $filelist) { $outFileName = $file -replace $UnencryptedMark, $EncryptedMark $outFileName = "$outFileName.zip" | Update-String_Enclose '"' if ( test-path $outFileName ) { Remove-Item $outFileName -Force } $file = $file | Update-String_Enclose '"' Invoke-Exe 7z a $outFileName "$file" "-p$password" -y | Out-Null #nooutput } } } function Get-Unzip_Path { $unzip = (Get-Command unzip -ErrorAction SilentlyContinue).Source if (-not $unzip) { $unzip = 'C:\Program Files\Git\usr\bin\unzip.exe' if(-not (Test-Path $unzip)) { throw 'Unzip.exe not found' } } return $unzip } function Set-Content_UnEncrypt { [CmdletBinding()] Param( [Parameter(ValueFromPipeline=$true)] $path, [validateLength(5,20)] [SecureString]$password ) begin { $unzip = Get-Unzip_Path } process { $path = Get-Path -path $path $outFolder = Split-Path $path -Parent $path = $path | Update-String_Enclose '"' $outFolder = $outFolder | Update-String_Enclose '"' Invoke-Exe $unzip -o -q -P $password $path -d $outFolder | Out-Null } } function Remove-UnEncrypted { [CmdletBinding()] Param( [Parameter(ValueFromPipeline=$true)] $path, $EncryptedMark = $EncryptedMark, $UnencryptedMark = $UnencryptedMark ) process { $toRemove = Get-ChildItem -Path $path -Filter "*.$UnencryptedMark.*" -Recurse $toRemove | Remove-Item -Force -Verbose } } function Set-Content_Encrypt:::Example { $EncryptPassword = '1234567890' Set-Content_Encrypt -path $src -password $EncryptPassword Set-Content_UnEncrypt -path $src -password $EncryptPassword } |