Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Wraps Secret Server Decryption routine.
function Invoke-SecretWrap
{
Param (
[Parameter(Mandatory = $True )]
[String] $EncryptionConfigPath,
[Parameter(Mandatory = $True )]
[String] $SecretServerDataPath
)
$raw = Import-csv $SecretServerDataPath
# Filter out anything that doesn't have valid keys, ivs, or ivmeks
$data = $raw | ?{$null -ne $_.Key -and $null -ne $_.ItemValue -and $null -ne $_.IV `
-and $null -ne $_.IvMEK -and $_.IV.length -gt 10 -and $_.Key.Length -gt 10}
$collection = @()
foreach ($entry in $data) {
try {
$plain = Invoke-SecretDecrypt -EncryptionConfig $EncryptionConfigPath -ItemIV $entry.IV `
-Item $entry.ItemValue -IVMek $entry.IVMek -Key $entry.Key -NewFormat
$name = $entry.SecretName
$plain = $plain.Replace("`r`n", " ")
$temp = new-object psobject -Property @{
Name = $name
Description = $desc
Decrypted = $plain
}
Write-Output "$name,$desc,$plain"
$collection += $temp
}
catch {
# After you've done enough testing, you still might get sporadic errors on the occasional item.
# Comment out the throw below to ignore & proceed.
throw
}
}
$collection | Export-Csv "awwyeah.csv"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment