functions/security/ConvertTo-EncryptedString.ps1
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
function ConvertTo-EncryptedString { param( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'SecureString')] [SecureString]$SecureString, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ParameterSetName = 'PlainText')] [string]$PlainText, [Parameter(Mandatory = $false)] [ValidateSet('CurrentUser', 'LocalMachine')] [System.Security.Cryptography.DataProtectionScope]$Scope = [System.Security.Cryptography.DataProtectionScope]::CurrentUser ) begin { $entropy = Get-Entropy } process { if ($PSCmdlet.ParameterSetName -eq 'SecureString') { $encryptedData = [System.Security.Cryptography.ProtectedData]::Protect( [System.Text.Encoding]::Unicode.GetBytes((ConvertFrom-SecureString $SecureString -AsPlainText)), [System.Text.Encoding]::Unicode.GetBytes($entropy), $Scope) } else { $encryptedData = [System.Security.Cryptography.ProtectedData]::Protect( [System.Text.Encoding]::Unicode.GetBytes($PlainText), [System.Text.Encoding]::Unicode.GetBytes($entropy), $Scope) } ConvertTo-Base64 -Bytes $encryptedData } } |