2021-09-27 10:38:12 +02:00
|
|
|
|
<#
|
2021-07-13 21:10:02 +02:00
|
|
|
|
.SYNOPSIS
|
2021-10-04 21:29:23 +02:00
|
|
|
|
Encrypts a file
|
2021-07-13 21:10:02 +02:00
|
|
|
|
.DESCRIPTION
|
2022-08-25 08:36:55 +02:00
|
|
|
|
This PowerShell script encrypts a file using the given password and AES encryption.
|
2021-10-16 16:50:10 +02:00
|
|
|
|
.PARAMETER Path
|
|
|
|
|
Specifies the path to the file to encrypt
|
|
|
|
|
.PARAMETER Password
|
|
|
|
|
Specifies the password to use
|
2021-07-13 21:10:02 +02:00
|
|
|
|
.EXAMPLE
|
2021-09-24 17:19:49 +02:00
|
|
|
|
PS> ./encrypt-file C:\MyFile.txt "123"
|
2021-07-13 21:10:02 +02:00
|
|
|
|
.LINK
|
|
|
|
|
https://github.com/fleschutz/PowerShell
|
2022-01-29 12:47:46 +01:00
|
|
|
|
.NOTES
|
2022-08-25 08:36:55 +02:00
|
|
|
|
Author: Markus Fleschutz | License: CC0
|
2021-01-04 10:09:52 +01:00
|
|
|
|
#>
|
|
|
|
|
|
2021-07-15 15:51:22 +02:00
|
|
|
|
param([string]$Path = "", [string]$Password = "")
|
2021-01-04 10:09:52 +01:00
|
|
|
|
|
2021-01-27 15:12:17 +01:00
|
|
|
|
function EncryptFile {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
[CmdletBinding(DefaultParameterSetName='SecureString')]
|
|
|
|
|
[OutputType([System.IO.FileInfo[]])]
|
|
|
|
|
Param(
|
|
|
|
|
[Parameter(Mandatory=$true, Position=1, ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)]
|
|
|
|
|
[Alias('PSPath','LiteralPath')]
|
|
|
|
|
[string[]]$FileName,
|
|
|
|
|
[Parameter(Mandatory=$false, Position=2)]
|
|
|
|
|
[ValidateSet('AES','DES','RC2','Rijndael','TripleDES')]
|
|
|
|
|
[String]$Algorithm = 'AES',
|
|
|
|
|
[Parameter(Mandatory=$false, Position=3, ParameterSetName='SecureString')]
|
|
|
|
|
[System.Security.SecureString]$Key = (New-CryptographyKey -Algorithm $Algorithm),
|
|
|
|
|
[Parameter(Mandatory=$true, Position=3, ParameterSetName='PlainText')]
|
|
|
|
|
[String]$KeyAsPlainText,
|
|
|
|
|
[Parameter(Mandatory=$false, Position=4)]
|
|
|
|
|
[System.Security.Cryptography.CipherMode]$CipherMode,
|
|
|
|
|
[Parameter(Mandatory=$false, Position=5)]
|
|
|
|
|
[System.Security.Cryptography.PaddingMode]$PaddingMode,
|
|
|
|
|
[Parameter(Mandatory=$false, Position=6)]
|
|
|
|
|
[String]$Suffix = ".$Algorithm",
|
|
|
|
|
[Parameter()]
|
|
|
|
|
[Switch]$RemoveSource
|
|
|
|
|
)
|
2021-01-04 10:37:14 +01:00
|
|
|
|
begin {
|
|
|
|
|
try {
|
|
|
|
|
if ($PSCmdlet.ParameterSetName -eq 'PlainText') {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$Key = $KeyAsPlainText | ConvertTo-SecureString -AsPlainText -Force
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$BSTR = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($Key)
|
|
|
|
|
$EncryptionKey = [System.Convert]::FromBase64String([System.Runtime.InteropServices.Marshal]::PtrToStringAuto($BSTR))
|
|
|
|
|
|
|
|
|
|
$Crypto = [System.Security.Cryptography.SymmetricAlgorithm]::Create($Algorithm)
|
2021-01-04 10:37:14 +01:00
|
|
|
|
if ($PSBoundParameters.ContainsKey('CipherMode')) {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$Crypto.Mode = $CipherMode
|
|
|
|
|
}
|
2021-01-04 10:37:14 +01:00
|
|
|
|
if ($PSBoundParameters.ContainsKey('PaddingMode')) {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$Crypto.Padding = $PaddingMode
|
|
|
|
|
}
|
|
|
|
|
$Crypto.KeySize = $EncryptionKey.Length*8
|
|
|
|
|
$Crypto.Key = $EncryptionKey
|
2021-01-04 10:37:14 +01:00
|
|
|
|
} catch {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
Write-Error $_ -ErrorAction Stop
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-01-04 10:37:14 +01:00
|
|
|
|
process {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$Files = Get-Item -LiteralPath $FileName
|
|
|
|
|
|
2021-01-04 10:37:14 +01:00
|
|
|
|
foreach($File in $Files) {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$DestinationFile = $File.FullName + $Suffix
|
|
|
|
|
|
2021-01-04 10:37:14 +01:00
|
|
|
|
try {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$FileStreamReader = New-Object System.IO.FileStream($File.FullName, [System.IO.FileMode]::Open)
|
|
|
|
|
$FileStreamWriter = New-Object System.IO.FileStream($DestinationFile, [System.IO.FileMode]::Create)
|
|
|
|
|
|
|
|
|
|
$Crypto.GenerateIV()
|
|
|
|
|
$FileStreamWriter.Write([System.BitConverter]::GetBytes($Crypto.IV.Length), 0, 4)
|
|
|
|
|
$FileStreamWriter.Write($Crypto.IV, 0, $Crypto.IV.Length)
|
|
|
|
|
|
|
|
|
|
$Transform = $Crypto.CreateEncryptor()
|
|
|
|
|
$CryptoStream = New-Object System.Security.Cryptography.CryptoStream($FileStreamWriter, $Transform, [System.Security.Cryptography.CryptoStreamMode]::Write)
|
|
|
|
|
$FileStreamReader.CopyTo($CryptoStream)
|
|
|
|
|
|
|
|
|
|
$CryptoStream.FlushFinalBlock()
|
|
|
|
|
$CryptoStream.Close()
|
|
|
|
|
$FileStreamReader.Close()
|
|
|
|
|
$FileStreamWriter.Close()
|
|
|
|
|
|
2021-01-04 10:37:14 +01:00
|
|
|
|
if ($RemoveSource) {
|
|
|
|
|
Remove-Item -LiteralPath $File.FullName
|
|
|
|
|
}
|
2021-01-04 10:09:52 +01:00
|
|
|
|
|
|
|
|
|
$result = Get-Item $DestinationFile
|
|
|
|
|
$result | Add-Member –MemberType NoteProperty –Name SourceFile –Value $File.FullName
|
|
|
|
|
$result | Add-Member –MemberType NoteProperty –Name Algorithm –Value $Algorithm
|
|
|
|
|
$result | Add-Member –MemberType NoteProperty –Name Key –Value $Key
|
|
|
|
|
$result | Add-Member –MemberType NoteProperty –Name CipherMode –Value $Crypto.Mode
|
|
|
|
|
$result | Add-Member –MemberType NoteProperty –Name PaddingMode –Value $Crypto.Padding
|
|
|
|
|
$result
|
2021-01-04 10:37:14 +01:00
|
|
|
|
} catch {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
Write-Error $_
|
2021-01-04 10:37:14 +01:00
|
|
|
|
if ($FileStreamWriter) {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
$FileStreamWriter.Close()
|
|
|
|
|
Remove-Item -LiteralPath $DestinationFile -Force
|
|
|
|
|
}
|
2021-01-04 10:37:14 +01:00
|
|
|
|
continue
|
|
|
|
|
} finally {
|
2021-01-04 10:09:52 +01:00
|
|
|
|
if($CryptoStream){$CryptoStream.Close()}
|
|
|
|
|
if($FileStreamReader){$FileStreamReader.Close()}
|
|
|
|
|
if($FileStreamWriter){$FileStreamWriter.Close()}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
try {
|
2022-08-25 08:36:55 +02:00
|
|
|
|
if ($Path -eq "" ) { $Path = read-host "Enter path to file" }
|
|
|
|
|
if ($Password -eq "" ) { $Password = read-host "Enter password" }
|
|
|
|
|
$StopWatch = [system.diagnostics.stopwatch]::startNew()
|
2021-01-04 10:09:52 +01:00
|
|
|
|
|
|
|
|
|
$PasswordBase64 = [System.Convert]::ToBase64String($Password)
|
2022-10-31 11:41:59 +01:00
|
|
|
|
EncryptFile "$Path" -Algorithm AES -KeyAsPlainText $PasswordBase64 -RemoveSource
|
2021-02-10 19:25:48 +01:00
|
|
|
|
|
2022-08-25 08:36:55 +02:00
|
|
|
|
[int]$Elapsed = $StopWatch.Elapsed.TotalSeconds
|
|
|
|
|
"✔️ file encrypted in $Elapsed sec"
|
2021-09-27 10:09:45 +02:00
|
|
|
|
exit 0 # success
|
2021-01-04 10:09:52 +01:00
|
|
|
|
} catch {
|
2022-04-13 12:06:32 +02:00
|
|
|
|
"⚠️ Error in line $($_.InvocationInfo.ScriptLineNumber): $($Error[0])"
|
2021-01-04 10:09:52 +01:00
|
|
|
|
exit 1
|
2022-10-31 11:41:59 +01:00
|
|
|
|
}
|