Created
October 3, 2018 21:41
-
-
Save jhorsman/8a9e97e3b2195162abe1a0ba523cb3e6 to your computer and use it in GitHub Desktop.
Encrypt-Config.ps1: A PowerShell tool to encrypt or decrypt .NET app.config files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[CmdletBinding()] | |
Param( | |
[parameter(Mandatory=$false, HelpMessage="Encrypt the secure app settings")] | |
[switch]$Encrypt, | |
[parameter(Mandatory=$false, HelpMessage="Decrypt the secure app settings")] | |
[switch]$Decrypt | |
) | |
$ErrorActionPreference = "Stop" | |
function Get-EncryptionMode() | |
{ | |
if($Encrypt.IsPresent -and $Decrypt.IsPresent) { Write-Error "Use either -Encrypt or -Decrypt" } | |
if($Decrypt.IsPresent) | |
{ | |
return "Decrypt" | |
} | |
return "Encrypt" | |
} | |
function Find-ConfigurationFile() | |
{ | |
$configFiles = @(Get-ChildItem -Filter "*.exe.config") | |
$configFiles += @(Get-ChildItem -Filter "App.config") | |
if($configFiles.Count -gt 1) { Write-Error ("Found more than one configuration file: {0}" -f [string]::Join(", ", $configFiles.Name)) } | |
if($configFiles.Count -ne 1) { Write-Error "Could not find the .config file" } | |
return $configFiles.Get(0) | |
} | |
function Get-DotNetFrameworkDirectory() | |
{ | |
$([System.Runtime.InteropServices.RuntimeEnvironment]::GetRuntimeDirectory()) | |
} | |
function Copy-ToTempWebConfig($configurationFile) | |
{ | |
if (!(Test-Path -path ".\temp")) | |
{ | |
Write-Verbose ("Creating temp directory {0}" -f ".\temp") | |
New-Item ".\temp" -Type Directory | |
} | |
Copy-Item $configurationFile "temp\Web.config" | |
return Get-Item "temp\Web.config" | |
} | |
function Copy-FromTempWebConfig($configurationFile) | |
{ | |
Move-Item "temp\Web.config" $configurationFile -Force | Out-Null | |
if((Get-ChildItem ".\temp").Count -eq 0) | |
{ | |
Write-Verbose ("Removing empty temp directory {0}" -f ".\temp") | |
Remove-Item ".\temp" | |
} | |
} | |
function Encrypt-ConfigurationSection([string] $configurationPath, $mode){ | |
$currentDirectory = (Get-Location) | |
Set-Location (Get-DotNetFrameworkDirectory) | |
if($mode -eq "Decrypt") | |
{ | |
.\aspnet_regiis -pdf "secureAppSettings" "$configurationPath" | |
} else | |
{ | |
.\aspnet_regiis -pef "secureAppSettings" "$configurationPath" | |
} | |
Set-Location $currentDirectory | |
} | |
$mode = Get-EncryptionMode | |
$configurationFile = (Find-ConfigurationFile) | |
Write-Verbose ("{0} configuation file {1}" -f $mode, $configurationFile.FullName) | |
$tempFile = Copy-ToTempWebConfig $configurationFile | |
Write-Verbose ("Attempting to {0} {1}" -f $mode, $configurationFile.FullName) | |
Encrypt-ConfigurationSection $tempFile.Directory.FullName $mode | |
Copy-FromTempWebConfig $configurationFile |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment