-
-
Save soondook/59d58b468e357801afc91844017af477 to your computer and use it in GitHub Desktop.
Powershell Encryption, Compression, Base64 Encoding
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile, [String]$Password="pa55w0rd" ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| # Read the Salt | |
| $Salt = New-Object Byte[](32) | |
| $BytesRead = $InputStream.Read($Salt, 0, $Salt.Length) | |
| if ( $BytesRead -ne $Salt.Length ) { | |
| Write-Host 'Failed to read Salt from file' | |
| exit | |
| } | |
| # Generate PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| # Setup our decryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Dec = $AES.CreateDecryptor($AESKey, $AESIV) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $InputStream, $Dec, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| $CryptoStream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile, [String]$Password="pa55w0rd" ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $Salt = New-Object Byte[](32) | |
| $Prng = New-Object System.Security.Cryptography.RNGCryptoServiceProvider | |
| $Prng.GetBytes($Salt) | |
| # Derive random bytes using PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| #$HMACKey = $PBKDF2.GetBytes(20) | |
| #$HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| # Setup our encryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Enc = $AES.CreateEncryptor($AESKey, $AESIV) | |
| # Write our Salt now, then append the encrypted data | |
| $OutputStream.Write($Salt, 0, $Salt.Length) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $OutputStream, $Enc, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $InputStream.CopyTo($CryptoStream) | |
| $CryptoStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile, [String]$Password="pa55w0rd" ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $B64Transform = New-Object System.Security.Cryptography.FromBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $InputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| # Read the Salt | |
| $Salt = New-Object Byte[](32) | |
| $BytesRead = $Base64Stream.Read($Salt, 0, $Salt.Length) | |
| if ( $BytesRead -ne $Salt.Length ) { | |
| Write-Host 'Failed to read Salt from file' | |
| exit | |
| } | |
| # Generate PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| $Code = New-Object Byte[](20) | |
| $BytesRead = $Base64Stream.Read($Code, 0, $Code.Length) | |
| if ( $BytesRead -ne $Code.Length ) { | |
| Write-Host 'Failed to read HMAC from file' | |
| exit | |
| } | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $Base64Stream.CopyTo($CryptedStream) | |
| $Base64Stream.Flush() | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| if (Compare-Object $Auth ($Code) -SyncWindow 0) { | |
| Write-Host 'Checksum failure.' | |
| exit | |
| } | |
| # Setup our decryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Dec = $AES.CreateDecryptor($AESKey, $AESIV) | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Dec, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| $CryptoStream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( | |
| [String]$InputFile, | |
| [String]$OutputFile, | |
| [String]$Password="pa55w0rd", | |
| [String]$UseSalt | |
| ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| if ( $UseSalt ) { | |
| $String = $UseSalt.ToLower() -replace '[^a-f0-9]','' | |
| $Salt = @($String -split '([a-f0-9]{2})' | foreach-object { if ($_) {[System.Convert]::ToByte($_,16)}}) | |
| } else { | |
| $Salt = New-Object Byte[](32) | |
| $Prng = New-Object System.Security.Cryptography.RNGCryptoServiceProvider | |
| $Prng.GetBytes($Salt) | |
| } | |
| # Derive random bytes using PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| # Setup our encryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Enc = $AES.CreateEncryptor($AESKey, $AESIV) | |
| # Write our Salt now, then append the encrypted data | |
| $B64Transform = New-Object System.Security.Cryptography.ToBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $OutputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $Base64Stream.Write($Salt, 0, $Salt.Length) | |
| # Write out crypted data to memory | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Enc, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $InputStream.CopyTo($CryptoStream) | |
| $CryptoStream.FlushFinalBlock() | |
| # Compute our HMAC | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| # Write out our HMAC | |
| $Base64Stream.Write($Auth, 0, $Auth.Length) | |
| # Write out out encrypted data | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $CryptedStream.CopyTo($Base64Stream) | |
| #$Base64Stream.Dispose() # Required to flush all the bytes through | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( | |
| [String]$InputFile, | |
| [String]$OutputFile, | |
| [String]$Password="pa55w0rd" | |
| ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $B64Transform = New-Object System.Security.Cryptography.FromBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $InputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| # Read the Salt | |
| $Salt = New-Object Byte[](32) | |
| $BytesRead = $Base64Stream.Read($Salt, 0, $Salt.Length) | |
| if ( $BytesRead -ne $Salt.Length ) { | |
| Write-Host 'Failed to read Salt from file' | |
| exit | |
| } | |
| # Generate PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| $Code = New-Object Byte[](20) | |
| $BytesRead = $Base64Stream.Read($Code, 0, $Code.Length) | |
| if ( $BytesRead -ne $Code.Length ) { | |
| Write-Host 'Failed to read HMAC from file' | |
| exit | |
| } | |
| Write-Host "SALT:", ([System.BitConverter]::ToString($Salt) -replace "-").ToLower() | |
| Write-Host "HMAC:", ([System.BitConverter]::ToString($Code) -replace "-").ToLower() | |
| Write-Host "KEY: ", ([System.BitConverter]::ToString($AESKey) -replace "-").ToLower() | |
| Write-Host "IV: ", ([System.BitConverter]::ToString($AESIV) -replace "-").ToLower() | |
| Write-Host "MAC: ", ([System.BitConverter]::ToString($HMACKey) -replace "-").ToLower() | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $Base64Stream.CopyTo($CryptedStream) | |
| $Base64Stream.Flush() | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| if (Compare-Object $Auth ($Code) -SyncWindow 0) { | |
| Write-Host "AUTH:", ([System.BitConverter]::ToString($Auth) -replace "-").ToLower(), "failed" | |
| #exit | |
| } | |
| # Setup our decryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Dec = $AES.CreateDecryptor($AESKey, $AESIV) | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Dec, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| $GzipStream = New-Object System.IO.Compression.GZipStream( | |
| $CryptoStream, [IO.Compression.CompressionMode]::Decompress) | |
| $GzipStream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( | |
| [String]$InputFile, | |
| [String]$OutputFile, | |
| [String]$Password="pa55w0rd", | |
| [String]$UseSalt | |
| ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| if ( $UseSalt ) { | |
| $String = $UseSalt.ToLower() -replace '[^a-f0-9]','' | |
| $Salt = @($String -split '([a-f0-9]{2})' | foreach-object { if ($_) {[System.Convert]::ToByte($_,16)}}) | |
| } else { | |
| $Salt = New-Object Byte[](32) | |
| $Prng = New-Object System.Security.Cryptography.RNGCryptoServiceProvider | |
| $Prng.GetBytes($Salt) | |
| } | |
| # Derive random bytes using PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| # Setup our encryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Enc = $AES.CreateEncryptor($AESKey, $AESIV) | |
| # Write our Salt now, then append the encrypted data | |
| $B64Transform = New-Object System.Security.Cryptography.ToBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $OutputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $Base64Stream.Write($Salt, 0, $Salt.Length) | |
| # Write out crypted data to memory | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Enc, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| # think we want to GZIP around the InputStream | |
| $GzipStream = New-Object System.IO.Compression.GZipStream( | |
| $CryptoStream, [IO.Compression.CompressionMode]::Compress) | |
| $InputStream.CopyTo($GzipStream) | |
| $GzipStream.Flush() | |
| $CryptoStream.FlushFinalBlock() | |
| # Compute our HMAC | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| # Write out our HMAC | |
| $Base64Stream.Write($Auth, 0, $Auth.Length) | |
| Write-Host "SALT:", ([System.BitConverter]::ToString($Salt) -replace "-").ToLower() | |
| Write-Host "HMAC:", ([System.BitConverter]::ToString($Auth) -replace "-").ToLower() | |
| Write-Host "KEY: ", ([System.BitConverter]::ToString($AESKey) -replace "-").ToLower() | |
| Write-Host "IV: ", ([System.BitConverter]::ToString($AESIV) -replace "-").ToLower() | |
| Write-Host "MAC: ", ([System.BitConverter]::ToString($HMACKey) -replace "-").ToLower() | |
| # Write out out encrypted data | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $CryptedStream.CopyTo($Base64Stream) | |
| $CryptedStream.Flush() | |
| $Base64Stream.FlushFinalBlock() | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( | |
| [String]$InputFile, | |
| [String]$OutputFile, | |
| [String]$Password="pa55w0rd" | |
| ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $B64Transform = New-Object System.Security.Cryptography.FromBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $InputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| # Read the Salt | |
| $Salt = New-Object Byte[](32) | |
| $BytesRead = $Base64Stream.Read($Salt, 0, $Salt.Length) | |
| if ( $BytesRead -ne $Salt.Length ) { | |
| Write-Host 'Failed to read Salt from file' | |
| exit | |
| } | |
| # Generate PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| $Code = New-Object Byte[](20) | |
| $BytesRead = $Base64Stream.Read($Code, 0, $Code.Length) | |
| if ( $BytesRead -ne $Code.Length ) { | |
| Write-Host 'Failed to read HMAC from file' | |
| exit | |
| } | |
| Write-Host "SALT:", ([System.BitConverter]::ToString($Salt) -replace "-").ToLower() | |
| Write-Host "HMAC:", ([System.BitConverter]::ToString($Code) -replace "-").ToLower() | |
| Write-Host "KEY: ", ([System.BitConverter]::ToString($AESKey) -replace "-").ToLower() | |
| Write-Host "IV: ", ([System.BitConverter]::ToString($AESIV) -replace "-").ToLower() | |
| Write-Host "MAC: ", ([System.BitConverter]::ToString($HMACKey) -replace "-").ToLower() | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $Base64Stream.CopyTo($CryptedStream) | |
| $Base64Stream.Flush() | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| if (Compare-Object $Auth ($Code) -SyncWindow 0) { | |
| Write-Host "AUTH:", ([System.BitConverter]::ToString($Auth) -replace "-").ToLower(), "failed" | |
| #exit | |
| } | |
| # Setup our decryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| # Setup the crypto-stream | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $Decryptor = $AES.CreateDecryptor($AESKey, $AESIV) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Decryptor, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| # Get the first byte so we can check to see if is compressed or not | |
| $FirstByte = $CryptoStream.ReadByte() | |
| # Setup the crypto-stream again because we can't seek... | |
| [void]$CryptedStream.Seek(0, [System.IO.SeekOrigin]::Begin) | |
| $Decryptor = $AES.CreateDecryptor($AESKey, $AESIV) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Decryptor, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| if ($FirstByte -eq 0x1F) { | |
| $GzipStream = New-Object System.IO.Compression.GZipStream( | |
| $CryptoStream, [IO.Compression.CompressionMode]::Decompress) | |
| $GzipStream.CopyTo($OutputStream) | |
| } else { | |
| $CryptoStream.CopyTo($OutputStream) | |
| } | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( | |
| [String]$InputFile, | |
| [String]$OutputFile, | |
| [String]$Password="pa55w0rd", | |
| [String]$UseSalt, | |
| [switch]$Compress=$false | |
| ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| if ( $UseSalt ) { | |
| $String = $UseSalt.ToLower() -replace '[^a-f0-9]','' | |
| $Salt = @($String -split '([a-f0-9]{2})' | foreach-object { if ($_) {[System.Convert]::ToByte($_,16)}}) | |
| } else { | |
| $Salt = New-Object Byte[](32) | |
| $Prng = New-Object System.Security.Cryptography.RNGCryptoServiceProvider | |
| $Prng.GetBytes($Salt) | |
| } | |
| # Derive random bytes using PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| # Setup our encryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Enc = $AES.CreateEncryptor($AESKey, $AESIV) | |
| # Write our Salt now, then append the encrypted data | |
| $B64Transform = New-Object System.Security.Cryptography.ToBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $OutputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $Base64Stream.Write($Salt, 0, $Salt.Length) | |
| # Write out crypted data to memory | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Enc, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| # think we want to GZIP around the InputStream | |
| if ($Compress) { | |
| $GzipStream = New-Object System.IO.Compression.GZipStream( | |
| $CryptoStream, [IO.Compression.CompressionMode]::Compress) | |
| $InputStream.CopyTo($GzipStream) | |
| $GzipStream.Flush() | |
| } else { | |
| $InputStream.CopyTo($CryptoStream) | |
| } | |
| $CryptoStream.FlushFinalBlock() | |
| # Compute our HMAC | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| # Write out our HMAC | |
| $Base64Stream.Write($Auth, 0, $Auth.Length) | |
| Write-Host "SALT:", ([System.BitConverter]::ToString($Salt) -replace "-").ToLower() | |
| Write-Host "HMAC:", ([System.BitConverter]::ToString($Auth) -replace "-").ToLower() | |
| Write-Host "KEY: ", ([System.BitConverter]::ToString($AESKey) -replace "-").ToLower() | |
| Write-Host "IV: ", ([System.BitConverter]::ToString($AESIV) -replace "-").ToLower() | |
| Write-Host "MAC: ", ([System.BitConverter]::ToString($HMACKey) -replace "-").ToLower() | |
| # Write out out encrypted data | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $CryptedStream.CopyTo($Base64Stream) | |
| $CryptedStream.Flush() | |
| $Base64Stream.FlushFinalBlock() | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile, [String]$Password="pa55w0rd" ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| # Read the Salt | |
| $Salt = New-Object Byte[](32) | |
| $BytesRead = $InputStream.Read($Salt, 0, $Salt.Length) | |
| if ( $BytesRead -ne $Salt.Length ) { | |
| Write-Host 'Failed to read Salt from file' | |
| exit | |
| } | |
| # Generate PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| $Code = New-Object Byte[](20) | |
| $BytesRead = $InputStream.Read($Code, 0, $Code.Length) | |
| if ( $BytesRead -ne $Code.Length ) { | |
| Write-Host 'Failed to read HMAC from file' | |
| exit | |
| } | |
| [void]$InputStream.Seek(52, [System.IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($InputStream) | |
| if (Compare-Object $Auth ($Code) -SyncWindow 0) { | |
| Write-Host 'Checksum failure.' | |
| exit | |
| } | |
| # Setup our decryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Dec = $AES.CreateDecryptor($AESKey, $AESIV) | |
| [void]$InputStream.Seek(52, [System.IO.SeekOrigin]::Begin) | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $InputStream, $Dec, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| $CryptoStream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile, [String]$Password="pa55w0rd" ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $Salt = New-Object Byte[](32) | |
| $Prng = New-Object System.Security.Cryptography.RNGCryptoServiceProvider | |
| $Prng.GetBytes($Salt) | |
| # Derive random bytes using PBKDF2 from Salt and Password | |
| $PBKDF2 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes( | |
| $Password, $Salt) | |
| # Get our AES key, iv and hmac key from the PBKDF2 stream | |
| $AESKey = $PBKDF2.GetBytes(32) | |
| $AESIV = $PBKDF2.GetBytes(16) | |
| $HMACKey = $PBKDF2.GetBytes(20) | |
| $HMAC = New-Object System.Security.Cryptography.HMACSHA1(,$HMACKey) | |
| # Setup our encryptor | |
| $AES = New-Object Security.Cryptography.AesManaged | |
| $Enc = $AES.CreateEncryptor($AESKey, $AESIV) | |
| # Write our Salt now, then append the encrypted data | |
| $OutputStream.Write($Salt, 0, $Salt.Length) | |
| # Write out crypted data to memory | |
| $CryptedStream = New-Object IO.MemoryStream | |
| $CryptoStream = New-Object System.Security.Cryptography.CryptoStream( | |
| $CryptedStream, $Enc, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $InputStream.CopyTo($CryptoStream) | |
| $CryptoStream.FlushFinalBlock() | |
| # Compute our HMAC | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $Auth = $HMAC.ComputeHash($CryptedStream) | |
| # Write out our HMAC | |
| $OutputStream.Write($Auth, 0, $Auth.Length) | |
| # Write out out encrypted data | |
| [void]$CryptedStream.Seek(0, [IO.SeekOrigin]::Begin) | |
| $CryptedStream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $B64Transform = New-Object System.Security.Cryptography.FromBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $InputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Read) | |
| $Base64Stream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() # Required to flush the content to disk |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $B64Transform = New-Object System.Security.Cryptography.ToBase64Transform | |
| $Base64Stream = New-Object System.Security.Cryptography.CryptoStream( | |
| $OutputStream, $B64Transform, [System.Security.Cryptography.CryptoStreamMode]::Write) | |
| $InputStream.CopyTo($Base64Stream) | |
| $Base64Stream.Dispose() # Required to flush all the bytes through |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $GzipStream = New-Object System.IO.Compression.GZipStream( | |
| $OutputStream, [IO.Compression.CompressionMode]::Compress) | |
| $InputStream.CopyTo($GzipStream) | |
| $GzipStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env powershell | |
| param ( [String]$InputFile, [String]$OutputFile ) | |
| $InputStream = New-Object IO.FileStream($InputFile, | |
| [IO.FileMode]::Open, [IO.FileAccess]::Read) | |
| $OutputStream = New-Object IO.FileStream($OutputFile, | |
| [IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $GzipStream = New-Object System.IO.Compression.GZipStream( | |
| $InputStream, [IO.Compression.CompressionMode]::Decompress) | |
| $GzipStream.CopyTo($OutputStream) | |
| $OutputStream.Dispose() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Encrypting ($Restart, $InputStream){ | |
| $rsa = New-Object -TypeName System.Security.Cryptography.RSACryptoServiceProvider | |
| $bytes = [system.Text.Encoding]::UTF8.GetBytes($InputStream) | |
| $encoding = [System.Text.Encoding]::Unicode | |
| $rsa.FromXmlString("<RSAKeyValue><Modulus>qpckDXTWK8imuKMozgNexHnABZLqZ+iI55uNkZ5y1R5eDceIrOEfWUd5V+KIkq+5QepL9upDdnFp4PWUqj++dVR7DcuFMqFQ9DSERsRUr/VxyZ7pDn0xjAPhAmeoe0ffoVnrJAqbhYE5jccsg5+78vrpGPicYH1E7Y+gxq01PuM=</Modulus><Exponent>AQAB</Exponent><P>2aLcuWDVM++oWb75p9eSO6zqmv6K190rAJ4r1SNpcv4FpajhO6+0H1TSeD0Rx3XkNcmPIEVLTom6jhasmSmFdw==</P><Q>yKlFg8RoxzJ7khGKCj6qcObCYlNxaCjiPF5c3TBn5VXaByElJmPCEiODZgbI8FntQE92mZEiHjp/bjb6Zvyc9Q==</Q><DP>A67K12Q5F2Dl02b06I8wTUw2yBqolNCMSr1idn/b5/M+ezgpX44wmRshWKGH7H0lOHfJsT0a8iBIhOEDWLAoLw==</DP><DQ>JgDJBZehMHjDJnrj5eTQaumJTw32oH99uWk1tT6BrtF/pXIFkyu5ia3oKN6IF90wLcne8F6oU4lIsRsAeZjGMQ==</DQ><InverseQ>nA+wqIY5OPnclY2YqW5K4wTpVjZq4s43eKrCwoSKx03aL/oMxMUxpUkQgB/MhEmD78wvZmPCL6dLU1rMWRsxlw==</InverseQ><D>pQZ3Wwkm0s5V8pHsPHdoKvt4tius1X5PSnbhmfhFMEQjSoM3hb52XCDXkxxTcEvMFKb6e8+eGauXeIc6HQRzUmsSFs/xpbNJ4DYkqFYy0cWxENOFWKCSPh9cER1I3OgeM+su+Qj7LozB5ztKL3PEq5xWyfdU+VGCn7WqmR8KWkk=</D></RSAKeyValue>") | |
| $encryptedBytes = $rsa.Encrypt($bytes, $true) | |
| $encryptedString = [Convert]::ToBase64String($encryptedBytes); | |
| $encryptedString.ToString() | |
| [String]$OutputFile = 'C:\temp\keysRSA.txt' | |
| $OutputStream = New-Object IO.FileStream($OutputFile,[IO.FileMode]::Create, [IO.FileAccess]::Write) | |
| $writer = New-Object System.IO.StreamWriter $OutputStream, $encoding | |
| $writer.Write($encryptedString) | |
| $writer.Dispose() | |
| $OutputStream.Dispose() | |
| } | |
| [int]$InputStreams = '12345678' | |
| Encrypting 0 $InputStreams | |
| function Decrypting ($Restart, $encryptedBytes){ | |
| $rsa = New-Object -TypeName System.Security.Cryptography.RSACryptoServiceProvider | |
| $rsa.FromXmlString("<RSAKeyValue><Modulus>qpckDXTWK8imuKMozgNexHnABZLqZ+iI55uNkZ5y1R5eDceIrOEfWUd5V+KIkq+5QepL9upDdnFp4PWUqj++dVR7DcuFMqFQ9DSERsRUr/VxyZ7pDn0xjAPhAmeoe0ffoVnrJAqbhYE5jccsg5+78vrpGPicYH1E7Y+gxq01PuM=</Modulus><Exponent>AQAB</Exponent><P>2aLcuWDVM++oWb75p9eSO6zqmv6K190rAJ4r1SNpcv4FpajhO6+0H1TSeD0Rx3XkNcmPIEVLTom6jhasmSmFdw==</P><Q>yKlFg8RoxzJ7khGKCj6qcObCYlNxaCjiPF5c3TBn5VXaByElJmPCEiODZgbI8FntQE92mZEiHjp/bjb6Zvyc9Q==</Q><DP>A67K12Q5F2Dl02b06I8wTUw2yBqolNCMSr1idn/b5/M+ezgpX44wmRshWKGH7H0lOHfJsT0a8iBIhOEDWLAoLw==</DP><DQ>JgDJBZehMHjDJnrj5eTQaumJTw32oH99uWk1tT6BrtF/pXIFkyu5ia3oKN6IF90wLcne8F6oU4lIsRsAeZjGMQ==</DQ><InverseQ>nA+wqIY5OPnclY2YqW5K4wTpVjZq4s43eKrCwoSKx03aL/oMxMUxpUkQgB/MhEmD78wvZmPCL6dLU1rMWRsxlw==</InverseQ><D>pQZ3Wwkm0s5V8pHsPHdoKvt4tius1X5PSnbhmfhFMEQjSoM3hb52XCDXkxxTcEvMFKb6e8+eGauXeIc6HQRzUmsSFs/xpbNJ4DYkqFYy0cWxENOFWKCSPh9cER1I3OgeM+su+Qj7LozB5ztKL3PEq5xWyfdU+VGCn7WqmR8KWkk=</D></RSAKeyValue>") | |
| $bytes = [System.Convert]::FromBase64String($encryptedBytes) | |
| $decryptedBytes = $rsa.Decrypt($bytes, $true) | |
| $text = [system.Text.Encoding]::UTF8.GetString($decryptedBytes).Trim([char]0); | |
| Write-Host $text | |
| # don't forget to dispose when you're done! | |
| $rsa.Dispose() | |
| } | |
| $encryptedByte = 'X3WevVNdiFTNT3apJ37OjHHJtamN5l4InFsjm4Y4U31SOrT/hc/jRa388xsN60YcKSrsCJLyTCTfnvyzz89QiQFZSrj6+qKJGgQ6txW9DNWW0Kxxt5Z/cA63Uw1yVtO6PzyxyIgmhNzOWKwr8TQlzRq6j8ozfoW3+dGAbXm0eV4=' | |
| Decrypting 0 $encryptedBytes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment