@apapiccio
Created April 1, 2017 03:05
Download AES Script
<#
.NOTES
===========================================================================
Created on: 28/03/2017 4:22 PM
Created by: Angelo Papiccio
Organization: Papiccio.com
Filename: Create-AESPasswordFiles.ps1
===========================================================================
.DESCRIPTION
This function can be used to create both an AES encryption key file and password file that can be used
to pass secure passwords through PowerShell scripts
.EXAMPLE
Create-AESPasswordFile
=============================================================================================================================
Please enter the full path and file name for the AES Key (e.g. C:\AESKey.txt): C:\Temp\AES_OneDrive.txt
Please enter the password to encrypt: ********************
Please enter the full path and file name for the Secure Password file (e.g. C:\AppSecurePwd.txt): c:\temp\Secure_OneDrive.txt
-----------------------------------------------------------------------------------------------------------------------------
.EXAMPLE
To use the saved files add the below code to your script
$UserName = "YOUR USERNAME HERE"
$SecurePwdFilePath = {PATH TO YOUR PASSWORD FILE HERE}
$AESKeyFilePath = {PATH TO YOUR AESKEY FILE HERE}
$AESKey = Get-Content $AESKeyFilePath
$pwdTxt = Get-Content $SecurePwdFilePath
$securePwd = $pwdTxt | ConvertTo-SecureString -Key $AESKey
$credObject = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $securePwd
You can now pass the $CredObject with the -Credential switch e.g. Connect-MsolService -Credential $CredObject
#>
function Create-AESPasswordFile {
    # Create a random 32-byte (256-bit) key to be used as the AES key
    $AESKey = New-Object Byte[] 32
    [Security.Cryptography.RNGCryptoServiceProvider]::Create().GetBytes($AESKey)

    # Collect the location to store the AES key file
    $AESKeyFilePath = Read-Host -Prompt "Please enter the full path and file name for the AES Key (e.g. C:\AESKey.txt)"
    Set-Content $AESKeyFilePath $AESKey # Overwrites existing file data; the key is written unencrypted, one byte value per line

    # Collect the password to encrypt. -AsSecureString hides the input and returns a SecureString,
    # which ConvertFrom-SecureString encrypts directly, so no plain-text copy of the password is created
    $InputPwd = Read-Host -Prompt "Please enter the password to encrypt" -AsSecureString

    # Export the AES-encrypted password to the password file
    $SecurePwdFile = Read-Host -Prompt "Please enter the full path and file name for the Secure Password file (e.g. C:\AppSecurePwd.txt)"
    $password = $InputPwd | ConvertFrom-SecureString -Key $AESKey
    Set-Content $SecurePwdFile $password # Overwrite rather than append, so the file holds exactly one encrypted string
}
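
The key file written by the script holds the raw AES key, so anyone who can read it can decrypt the password file. The following is an added example, not part of the original gist: it restricts the key file's NTFS ACL to the current user and lists any other identities that still have an allow entry. The function names `Protect-AESKeyFile` and `Get-AESKeyFileOtherReaders` are hypothetical, and the path is the one from the gist's own example.

```powershell
# Added example (not from the original gist); helper names are hypothetical.
function Protect-AESKeyFile {
    param([Parameter(Mandatory)][string]$Path)

    # SID of the account running the script
    $me  = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
    $acl = Get-Acl -LiteralPath $Path

    # Stop inheriting permissions from the parent folder and drop the inherited entries
    $acl.SetAccessRuleProtection($true, $false)

    # Remove any explicit entries that are already on the file
    foreach ($rule in @($acl.Access | Where-Object { -not $_.IsInherited })) {
        [void]$acl.RemoveAccessRule($rule)
    }

    # Grant access to the current user only
    $allow = New-Object System.Security.AccessControl.FileSystemAccessRule($me, 'FullControl', 'Allow')
    $acl.AddAccessRule($allow)
    Set-Acl -LiteralPath $Path -AclObject $acl
}

function Get-AESKeyFileOtherReaders {
    param([Parameter(Mandatory)][string]$Path)

    $me  = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $acl = Get-Acl -LiteralPath $Path

    # Return the SID of every allow entry (explicit or inherited) that is not the current user
    $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
        Where-Object { $_.AccessControlType -eq 'Allow' -and $_.IdentityReference.Value -ne $me } |
        ForEach-Object { $_.IdentityReference.Value }
}

$keyPath = 'C:\Temp\AES_OneDrive.txt'   # key file path used in the gist's example
Protect-AESKeyFile -Path $keyPath

$others = @(Get-AESKeyFileOtherReaders -Path $keyPath)
if ($others.Count -gt 0) {
    Write-Warning "Other identities can still read the key file: $($others -join ', ')"
}
```

If the script that consumes the files runs under a different account, run `Protect-AESKeyFile` as that account so the allow entry is created for it.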