office politics
It's all just 1s and 0s
- Messages
- 6,555
- Location
- in the lab
I found some code to do this. However, it requires the cert to be installed inside the certificate stores in windows. Does anyone know of a way to do the same thing with keys that are strings. This should avoid the need to install the cert on every machine.
Aperture Science Blog - Blog - Encrypting a string using certificates andÂ*PowerShell
Aperture Science Blog - Blog - Encrypting a string using certificates andÂ*PowerShell
Code:
Function encrypt-envelope ($unprotectedcontent, $cert)
{
[System.Reflection.Assembly]::LoadWithPartialName("System.Security") | Out-Null
$utf8content = [Text.Encoding]::UTF8.GetBytes($unprotectedcontent)
$content = New-Object Security.Cryptography.Pkcs.ContentInfo `
-argumentList (,$utf8content)
$env = New-Object Security.Cryptography.Pkcs.EnvelopedCms $content
$recpient = (New-Object System.Security.Cryptography.Pkcs.CmsRecipient($cert))
$env.Encrypt($recpient)
$base64string = [Convert]::ToBase64String($env.Encode())
return $base64string
}
function decrypt-envelope ($base64string)
{
[System.Reflection.Assembly]::LoadWithPartialName("System.Security") | Out-Null
$content = [Convert]::FromBase64String($base64string)
$env = New-Object Security.Cryptography.Pkcs.EnvelopedCms
$env.Decode($content)
$env.Decrypt()
$utf8content = [text.encoding]::UTF8.getstring($env.ContentInfo.Content)
return $utf8content
}